Met Police virus, can't start safe mode


11 replies to this topic

#1 Richard Morris

Posted 30 May 2012 - 06:21 AM

Hi,

I've a netbook infected with a version of the Met Police virus/ransomware. Also, I can't seem to boot into safe mode, as any attempt to do this gets a little way through booting, then very briefly shows a blue screen and restarts.

The netbook is an Acer Aspire One, with no CD-ROM. I've managed to start the Windows Recovery Console off a USB flash drive and also managed to boot BartPE and xPUD off flash drives.

Thanks in advance

#2 Richard Morris

Posted 30 May 2012 - 06:23 AM

Oh, and to make matters worse, it's got a Spanish keyboard layout and I can't seem to type a colon.

#3 moomoo2u

Posted 30 May 2012 - 06:35 AM

I actually have the exact same problem (seems to be an expat thing).

See if anything being said in my topic helps you out:

http://www.bleepingcomputer.com/forums/topic455236.html

#4 Richard Morris

Posted 30 May 2012 - 06:37 AM

Oh the OS is XP.

#5 Richard Morris

Posted 31 May 2012 - 08:03 AM

I managed to use BartPE to view the files on the hard disk and identified some Babylon Toolbar files and WINDOWS/System32/k8h0pp.exe, which looked suspicious (Trojan.Winlock.5490). I manually removed these files from my disk. I then managed to boot in normal mode and the Police Warning screen didn't run. This freed up the computer, allowing Malwarebytes to be run, which found some more traces (Rogue.SecuritySolutions). HitmanPro actually identified k8h0pp.exe, which most other scanners didn't.

I then used System Restore to roll back a couple of weeks; this means safe mode can run, though there seem to be some error messages (in Spanish).

#6 narenxp

Posted 31 May 2012 - 08:09 AM

You may still be infected.

You should find this file in the appdata folder too. Let's check that.

Download TDSSKiller

Launch it. Click on Change parameters - select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#7 Richard Morris

Posted 31 May 2012 - 11:04 AM

OK logs of these three below

15:04:14.0093 1920 RDSessMgr - ok
15:04:14.0140 1920 redbook (20950948970a0ea329b4254052bcf093) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:04:14.0140 1920 redbook - ok
15:04:14.0203 1920 RemoteAccess (1b7481d377bd7997452352f82f4cffed) C:\WINDOWS\System32\mprdim.dll
15:04:14.0218 1920 RemoteAccess - ok
15:04:14.0265 1920 RpcLocator (9fccbdbaa0cf915aac0132de1c9566b3) C:\WINDOWS\system32\locator.exe
15:04:14.0281 1920 RpcLocator - ok
15:04:14.0359 1920 RpcSs (97869c55f562b777987100ea30ad8108) C:\WINDOWS\system32\rpcss.dll
15:04:14.0375 1920 RpcSs - ok
15:04:14.0390 1920 RSUSBSTOR - ok
15:04:14.0468 1920 RSVP (5e38212c2c00dc342e2281d2f6bfb746) C:\WINDOWS\system32\rsvp.exe
15:04:14.0468 1920 RSVP - ok
15:04:14.0609 1920 RS_Service (8e250687e5f020cd337cc9d8252c0b56) C:\Archivos de programa\Acer\Acer VCM\RS_Service.exe
15:04:14.0671 1920 RS_Service - ok
15:04:14.0687 1920 Rts516xIR - ok
15:04:14.0734 1920 SamSs (671aca589da3733fac878a751c5bf0ed) C:\WINDOWS\system32\lsass.exe
15:04:14.0734 1920 SamSs - ok
15:04:14.0812 1920 SCardSvr (a50e4dd0e2a9df762807c84153b4953a) C:\WINDOWS\System32\SCardSvr.exe
15:04:14.0828 1920 SCardSvr - ok
15:04:14.0890 1920 Schedule (51be25c404d3dd344c6079de715e4977) C:\WINDOWS\system32\schedsvc.dll
15:04:14.0921 1920 Schedule - ok
15:04:15.0031 1920 SeaPort (331e7bde228914574fc9ae6cd520dafa) C:\Archivos de programa\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
15:04:15.0046 1920 SeaPort - ok
15:04:15.0093 1920 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:04:15.0093 1920 Secdrv - ok
15:04:15.0125 1920 seclogon (b62c489373a1e1b949fc0faa90f3b47a) C:\WINDOWS\System32\seclogon.dll
15:04:15.0140 1920 seclogon - ok
15:04:15.0156 1920 SENS (a95a27c874b0931a6f8f656924f4a14a) C:\WINDOWS\system32\sens.dll
15:04:15.0171 1920 SENS - ok
15:04:15.0203 1920 Serial (f41b42b92ae9c1191858c3f80cc24a9c) C:\WINDOWS\system32\drivers\Serial.sys
15:04:15.0203 1920 Serial - ok
15:04:15.0296 1920 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
15:04:15.0546 1920 Sfloppy - ok
15:04:15.0625 1920 SharedAccess (4a4ef3ee166fad4a04b1d767ad986329) C:\WINDOWS\System32\ipnathlp.dll
15:04:15.0671 1920 SharedAccess - ok
15:04:15.0734 1920 ShellHWDetection (1f617c5a76215c380478d750ce92cc73) C:\WINDOWS\System32\shsvcs.dll
15:04:15.0750 1920 ShellHWDetection - ok
15:04:15.0750 1920 Simbad - ok
15:04:15.0781 1920 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
15:04:15.0796 1920 sisagp - ok
15:04:15.0890 1920 SkypeUpdate (579ba0a911ff5ea70cb604cd3b744b0a) C:\Archivos de programa\Skype\Updater\Updater.exe
15:04:15.0890 1920 SkypeUpdate - ok
15:04:15.0937 1920 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
15:04:16.0156 1920 SLIP - ok
15:04:16.0203 1920 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
15:04:16.0203 1920 Sparrow - ok
15:04:16.0250 1920 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:04:16.0250 1920 splitter - ok
15:04:16.0312 1920 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
15:04:16.0312 1920 Spooler - ok
15:04:16.0343 1920 sr (ccb3065c3ee63a4515fe84af9e78d1dd) C:\WINDOWS\system32\DRIVERS\sr.sys
15:04:16.0750 1920 sr - ok
15:04:16.0812 1920 srservice (0f30eec6013fcf76693405ec4a7df899) C:\WINDOWS\system32\srsvc.dll
15:04:16.0828 1920 srservice - ok
15:04:16.0906 1920 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
15:04:16.0921 1920 Srv - ok
15:04:16.0953 1920 SSDPSRV (b622a432ef02895de4aa38ac8b85fa4c) C:\WINDOWS\System32\ssdpsrv.dll
15:04:16.0953 1920 SSDPSRV - ok
15:04:17.0031 1920 stisvc (7226422c95fdf8aa6092ee964912b0df) C:\WINDOWS\system32\wiaservc.dll
15:04:17.0046 1920 stisvc - ok
15:04:17.0078 1920 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
15:04:17.0375 1920 streamip - ok
15:04:17.0390 1920 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
15:04:17.0390 1920 swenum - ok
15:04:17.0453 1920 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
15:04:17.0468 1920 swmidi - ok
15:04:17.0484 1920 SwPrv - ok
15:04:17.0515 1920 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
15:04:17.0718 1920 symc810 - ok
15:04:17.0765 1920 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
15:04:17.0765 1920 symc8xx - ok
15:04:17.0796 1920 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
15:04:17.0796 1920 sym_hi - ok
15:04:17.0843 1920 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
15:04:17.0843 1920 sym_u3 - ok
15:04:17.0937 1920 SynTP (5c3e900f41426a372de60675afc8aa07) C:\WINDOWS\system32\DRIVERS\SynTP.sys
15:04:17.0953 1920 SynTP - ok
15:04:18.0000 1920 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
15:04:18.0000 1920 sysaudio - ok
15:04:18.0046 1920 SysmonLog (f1f6ee807f0112aae2259b253b6ddf89) C:\WINDOWS\system32\smlogsvc.exe
15:04:18.0078 1920 SysmonLog - ok
15:04:18.0125 1920 TapiSrv (04a5b8ea326951db27df60a14f2999ff) C:\WINDOWS\System32\tapisrv.dll
15:04:18.0156 1920 TapiSrv - ok
15:04:18.0234 1920 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:04:18.0500 1920 Tcpip - ok
15:04:18.0531 1920 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
15:04:18.0750 1920 TDPIPE - ok
15:04:18.0781 1920 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
15:04:18.0781 1920 TDTCP - ok
15:04:18.0843 1920 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
15:04:18.0859 1920 TermDD - ok
15:04:18.0937 1920 TermService (288b20d56d5f0ec4bcc77fbfa5a81740) C:\WINDOWS\System32\termsrv.dll
15:04:18.0968 1920 TermService - ok
15:04:19.0046 1920 Themes (1f617c5a76215c380478d750ce92cc73) C:\WINDOWS\System32\shsvcs.dll
15:04:19.0046 1920 Themes - ok
15:04:19.0109 1920 tidnet (8044c4e4448d115f67a9fc1b67ce677f) C:\WINDOWS\system32\DRIVERS\tidnet.sys
15:04:19.0109 1920 tidnet - ok
15:04:19.0156 1920 TosIde (95744b77c159ed63774097ddb2e78cb2) C:\WINDOWS\system32\DRIVERS\toside.sys
15:04:19.0156 1920 TosIde - ok
15:04:19.0203 1920 TrkWks (321761d0d12ee5285ce79ac175cba672) C:\WINDOWS\system32\trkwks.dll
15:04:19.0218 1920 TrkWks - ok
15:04:19.0281 1920 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
15:04:19.0281 1920 Udfs - ok
15:04:19.0312 1920 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
15:04:19.0312 1920 ultra - ok
15:04:19.0375 1920 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
15:04:19.0656 1920 Update - ok
15:04:19.0718 1920 upnphost (7594203f459abdb5fe53c08d6b1bd53b) C:\WINDOWS\System32\upnphost.dll
15:04:19.0734 1920 upnphost - ok
15:04:19.0750 1920 UPS (575bafeb33af057b13a10579d0dc884a) C:\WINDOWS\System32\ups.exe
15:04:19.0765 1920 UPS - ok
15:04:19.0812 1920 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:04:19.0812 1920 usbccgp - ok
15:04:19.0828 1920 USBCCID - ok
15:04:19.0875 1920 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:04:19.0875 1920 usbehci - ok
15:04:19.0890 1920 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:04:19.0890 1920 usbhub - ok
15:04:19.0937 1920 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:04:19.0937 1920 usbprint - ok
15:04:19.0953 1920 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:04:20.0171 1920 usbscan - ok
15:04:20.0234 1920 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:04:20.0250 1920 USBSTOR - ok
15:04:20.0312 1920 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:04:20.0312 1920 usbuhci - ok
15:04:20.0343 1920 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
15:04:20.0562 1920 usbvideo - ok
15:04:20.0640 1920 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
15:04:20.0640 1920 VgaSave - ok
15:04:20.0671 1920 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
15:04:20.0687 1920 viaagp - ok
15:04:20.0718 1920 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
15:04:20.0718 1920 ViaIde - ok
15:04:20.0765 1920 VolSnap (c41ffdc191e6c832e2e53c967eae0a16) C:\WINDOWS\system32\drivers\VolSnap.sys
15:04:20.0765 1920 VolSnap - ok
15:04:20.0828 1920 VSS (60f28de3fae525d026e4d66405b80db8) C:\WINDOWS\System32\vssvc.exe
15:04:20.0859 1920 VSS - ok
15:04:21.0031 1920 vToolbarUpdater11.0.2 (56e1e4442e4613fb2039a6b7421f4e58) C:\Archivos de programa\Archivos comunes\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
15:04:21.0093 1920 vToolbarUpdater11.0.2 - ok
15:04:21.0156 1920 W32Time (c71cfacdbfadd819736f61f5738bddc1) C:\WINDOWS\system32\w32time.dll
15:04:21.0156 1920 W32Time - ok
15:04:21.0265 1920 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:04:21.0281 1920 Wanarp - ok
15:04:21.0375 1920 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
15:04:21.0406 1920 Wdf01000 - ok
15:04:21.0421 1920 WDICA - ok
15:04:21.0453 1920 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
15:04:21.0453 1920 wdmaud - ok
15:04:21.0484 1920 WebClient (340a4fd9017d1ebd1f6dc435282a39dc) C:\WINDOWS\System32\webclnt.dll
15:04:21.0484 1920 WebClient - ok
15:04:21.0562 1920 winmgmt (a5fc75cab140cf6a78e16c3681001872) C:\WINDOWS\system32\wbem\WMIsvc.dll
15:04:21.0578 1920 winmgmt - ok
15:04:21.0625 1920 WmdmPmSN (57cf215b0250de0c4ae36abc8ae31be4) C:\WINDOWS\system32\mspmsnsv.dll
15:04:21.0625 1920 WmdmPmSN - ok
15:04:21.0656 1920 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
15:04:21.0656 1920 WmiAcpi - ok
15:04:21.0718 1920 WmiApSrv (ca1a5270acc0062b13f62ca5a0cd8da8) C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:04:21.0734 1920 WmiApSrv - ok
15:04:21.0812 1920 wscsvc (8cd684fd248dfe208c2f8f5052838a81) C:\WINDOWS\system32\wscsvc.dll
15:04:21.0812 1920 wscsvc - ok
15:04:21.0875 1920 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
15:04:21.0875 1920 WSTCODEC - ok
15:04:21.0906 1920 wuauserv (0b8fc4d0f9d6964713e81ad558b50a71) C:\WINDOWS\system32\wuauserv.dll
15:04:21.0906 1920 wuauserv - ok
15:04:21.0984 1920 WZCSVC (d2caf9ff9da12f0cc6398c6e331015e4) C:\WINDOWS\System32\wzcsvc.dll
15:04:22.0000 1920 WZCSVC - ok
15:04:22.0031 1920 xmlprov (14fdadcf05a37582399daf1da1de1c7b) C:\WINDOWS\System32\xmlprov.dll
15:04:22.0046 1920 xmlprov - ok
15:04:22.0093 1920 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:04:22.0875 1920 \Device\Harddisk0\DR0 - ok
15:04:22.0890 1920 Boot (0x1200) (db91bbb856561fd412da4db3771eceec) \Device\Harddisk0\DR0\Partition0
15:04:22.0890 1920 \Device\Harddisk0\DR0\Partition0 - ok
15:04:22.0890 1920 ============================================================
15:04:22.0890 1920 Scan finished
15:04:22.0890 1920 ============================================================
15:04:22.0906 3120 Detected object count: 0
15:04:22.0906 3120 Actual detected object count: 0
15:04:28.0421 3600 Deinitialize success


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-31 15:05:50
-----------------------------
15:05:50.968 OS Version: Windows 5.1.2600 Service Pack 3
15:05:50.968 Number of processors: 2 586 0x1C02
15:05:50.968 ComputerName: ACER-074AC68100 UserName: Robert
15:05:52.156 Initialize success
15:19:41.265 AVAST engine defs: 12053100
15:21:34.421 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
15:21:34.437 Disk 0 Vendor: WDC_WD16 11.0 Size: 152627MB BusType: 3
15:21:34.468 Disk 0 MBR read successfully
15:21:34.468 Disk 0 MBR scan
15:21:34.625 Disk 0 Windows VISTA default MBR code
15:21:34.640 Disk 0 Partition 1 00 12 Compaq diag NTFS 7169 MB offset 63
15:21:34.671 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 145456 MB offset 14684160
15:21:34.703 Disk 0 scanning sectors +312578048
15:21:34.921 Disk 0 scanning C:\WINDOWS\system32\drivers
15:22:11.953 Service scanning
15:22:41.343 Modules scanning
15:22:48.703 Disk 0 trace - called modules:
15:22:48.750 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys
15:22:48.796 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86345030]
15:22:48.812 3 CLASSPNP.SYS[f767dfd7] -> nt!IofCallDriver -> \Device\00000069[0x863c9910]
15:22:48.843 5 ACPI.sys[f75f3620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x863c5030]
15:22:49.765 AVAST engine scan C:\WINDOWS
15:22:57.031 AVAST engine scan C:\WINDOWS\system32
15:28:04.031 AVAST engine scan C:\WINDOWS\system32\drivers
15:28:27.359 AVAST engine scan C:\Documents and Settings\Robert
15:28:55.562 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Robert\Mis documentos\MBR.dat"
15:28:55.593 The log file has been saved successfully to "C:\Documents and Settings\Robert\Mis documentos\aswMBR.txt"



C:\Documents and Settings\Robert\Configuración local\Temp\YontooSetup-S.exe probably a variant of Win32/Adware.SLITAT application cleaned by deleting - quarantined
C:\Documents and Settings\Robert\Configuración local\Temp\2C99F8C8-BAB0-7891-BDB7-ADDDE005840C\MyBabylonTB.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-18\Dc1\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-18\Dc1\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-18\Dc1\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe probably a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-18\Dc1\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-18\Dc1\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-18\Dc7\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll Win32/Adware.Yontoo.B application cleaned by deleting - quarantined

#8 narenxp

Posted 31 May 2012 - 12:23 PM

Please download GMER from here (does not work on 64-bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.



Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#9 Richard Morris

Posted 01 June 2012 - 05:41 AM

Logs below. I also ran ESET again looking in archives, which found Win32/OpenCandy; log at the bottom.


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-06-01 00:56:49
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 WDC_WD16 rev.11.0
Running: qzr9hbx4.exe; Driver: C:\DOCUME~1\Robert\CONFIG~1\Temp\pflirfog.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeKey [0xA2075004]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeMultipleKeys [0xA20750D4]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xA2074D76]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xA2074E1E]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xA2074EBA]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xA2074F56]

---- User code sections - GMER 1.0.15 ----

.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtOpenThreadTokenEx + B 7C91D689 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtQueryAttributesFile + 6 7C91D714 4 Bytes [A8, 00, 1D, 00]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtQueryAttributesFile + B 7C91D719 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtQueryFullAttributesFile + 6 7C91D7B4 4 Bytes CALL 7B91F4B9
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtQueryFullAttributesFile + B 7C91D7B9 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtSetInformationFile + 6 7C91DC64 4 Bytes [28, 01, 1D, 00]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtSetInformationFile + B 7C91DC69 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtSetInformationThread + 6 7C91DCB4 4 Bytes [28, 02, 1D, 00]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtSetInformationThread + B 7C91DCB9 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtUnmapViewOfSection + 6 7C91DF14 1 Byte [68]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtUnmapViewOfSection + 6 7C91DF14 4 Bytes [68, 03, 1D, 00]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtUnmapViewOfSection + B 7C91DF19 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtCreateFile + 6 7C91D0B4 4 Bytes [28, 00, 16, 00]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtCreateFile + B 7C91D0B9 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtMapViewOfSection + 6 7C91D524 1 Byte [28]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtMapViewOfSection + 6 7C91D524 4 Bytes [28, 03, 16, 00]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtMapViewOfSection + B 7C91D529 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenFile + 6 7C91D5A4 4 Bytes [68, 00, 16, 00]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenFile + B 7C91D5A9 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenProcess + 6 7C91D604 4 Bytes [A8, 01, 16, 00]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenProcess + B 7C91D609 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenProcessToken + 6 7C91D614 4 Bytes CALL 7B91EC1A
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenProcessToken + B 7C91D619 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenProcessTokenEx + 6 7C91D624 4 Bytes [A8, 02, 16, 00]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenProcessTokenEx + B 7C91D629 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenThread + 6 7C91D664 4 Bytes [68, 01, 16, 00]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenThread + B 7C91D669 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenThreadToken + 6 7C91D674 4 Bytes [68, 02, 16, 00]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenThreadToken + B 7C91D679 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenThreadTokenEx + 6 7C91D684 4 Bytes CALL 7B91EC8B
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenThreadTokenEx + B 7C91D689 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtQueryAttributesFile + 6 7C91D714 4 Bytes [A8, 00, 16, 00]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtQueryAttributesFile + B 7C91D719 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtQueryFullAttributesFile + 6 7C91D7B4 4 Bytes CALL 7B91EDB9
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtQueryFullAttributesFile + B 7C91D7B9 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtSetInformationFile + 6 7C91DC64 4 Bytes [28, 01, 16, 00]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtSetInformationFile + B 7C91DC69 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtSetInformationThread + 6 7C91DCB4 4 Bytes [28, 02, 16, 00]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtSetInformationThread + B 7C91DCB9 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtUnmapViewOfSection + 6 7C91DF14 1 Byte [68]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtUnmapViewOfSection + 6 7C91DF14 4 Bytes [68, 03, 16, 00]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtUnmapViewOfSection + B 7C91DF19 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtCreateFile + 6 7C91D0B4 4 Bytes [28, 00, 39, 00] {SUB [EAX], AL; CMP [EAX], EAX}
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtCreateFile + B 7C91D0B9 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtMapViewOfSection + 6 7C91D524 1 Byte [28]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtMapViewOfSection + 6 7C91D524 4 Bytes [28, 03, 39, 00] {SUB [EBX], AL; CMP [EAX], EAX}
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtMapViewOfSection + B 7C91D529 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtOpenFile + 6 7C91D5A4 4 Bytes [68, 00, 39, 00]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtOpenFile + B 7C91D5A9 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtOpenProcess + 6 7C91D604 4 Bytes [A8, 01, 39, 00] {TEST AL, 0x1; CMP [EAX], EAX}
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtOpenProcess + B 7C91D609 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtOpenProcessToken + 6 7C91D614 4 Bytes CALL 7B920F1A
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtOpenProcessToken + B 7C91D619 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtOpenProcessTokenEx + 6 7C91D624 4 Bytes [A8, 02, 39, 00] {TEST AL, 0x2; CMP [EAX], EAX}
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtOpenProcessTokenEx + B 7C91D629 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtOpenThread + 6 7C91D664 4 Bytes [68, 01, 39, 00]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtOpenThread + B 7C91D669 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtOpenThreadToken + 6 7C91D674 4 Bytes [68, 02, 39, 00]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtOpenThreadToken + B 7C91D679 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtOpenThreadTokenEx + 6 7C91D684 4 Bytes CALL 7B920F8B
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtOpenThreadTokenEx + B 7C91D689 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtQueryAttributesFile + 6 7C91D714 4 Bytes [A8, 00, 39, 00] {TEST AL, 0x0; CMP [EAX], EAX}
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtQueryAttributesFile + B 7C91D719 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtQueryFullAttributesFile + 6 7C91D7B4 4 Bytes CALL 7B9210B9
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtQueryFullAttributesFile + B 7C91D7B9 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtSetInformationFile + 6 7C91DC64 4 Bytes [28, 01, 39, 00] {SUB [ECX], AL; CMP [EAX], EAX}
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtSetInformationFile + B 7C91DC69 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtSetInformationThread + 6 7C91DCB4 4 Bytes [28, 02, 39, 00] {SUB [EDX], AL; CMP [EAX], EAX}
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtSetInformationThread + B 7C91DCB9 1 Byte [E2]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtUnmapViewOfSection + 6 7C91DF14 1 Byte [68]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtUnmapViewOfSection + 6 7C91DF14 4 Bytes [68, 03, 39, 00]
.text C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] ntdll.dll!NtUnmapViewOfSection + B 7C91DF19 1 Byte [E2]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Archivos de programa\Google\Chrome\Application\chrome.exe[604] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 003A0010
IAT C:\Archivos de programa\Google\Chrome\Application\chrome.exe[920] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002D0010
IAT C:\Archivos de programa\Google\Chrome\Application\chrome.exe[1696] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 006A0010
IAT C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2968] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00340010
IAT C:\Archivos de programa\Google\Chrome\Application\chrome.exe[2992] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002D0010
IAT C:\Archivos de programa\Google\Chrome\Application\chrome.exe[3628] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00640010

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs avgidsfilterx.sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

---- EOF - GMER 1.0.15 ----

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.31.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Robert :: ACER-074AC68100 [administrator]

01/06/2012 06:54:47
mbam-log-2012-06-01 (06-54-47).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 308651
Time elapsed: 38 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


MiniToolBox by Farbar Version: 14-01-2012
Ran by Robert (administrator) on 01-06-2012 at 06:39:35
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Configuración IP de Windows



Se vació con éxito la caché de resolución de DNS.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR5007EG Wireless Network Adapter = Conexiones de red inalámbricas (Connected)
Atheros AR8132 PCI-E Fast Ethernet Controller = Conexión de área local (Media disconnected)


# ---------------------------------------------
# Configuración de la interfaz IP
# ---------------------------------------------
pushd interface ip


# Configuración de la interfaz IP para "Conexión de área local"

set address name="Conexión de área local" source=dhcp
set dns name="Conexión de área local" source=dhcp register=PRIMARY
set wins name="Conexión de área local" source=dhcp

# Configuración de la interfaz IP para "Conexiones de red inalámbricas"

set address name="Conexiones de red inalámbricas" source=dhcp
set dns name="Conexiones de red inalámbricas" source=dhcp register=PRIMARY
set wins name="Conexiones de red inalámbricas" source=dhcp


popd
# Fin de la configuración de la interfaz IP




Configuración IP de Windows



Nombre del host . . . . . . . . . : acer-074ac68100

Sufijo DNS principal . . . . . . :

Tipo de nodo . . . . . . . . . . : desconocido

Enrutamiento habilitado. . . . . .: No

Proxy WINS habilitado. . . . . : No

Lista de búsqueda de sufijo DNS: Belkin



Adaptador Ethernet Conexión de área local :



Estado de los medios. . . .: medios desconectados

Descripción. . . . . . . . . . . : Atheros AR8132 PCI-E Fast Ethernet Controller

Dirección física. . . . . . . . . : 00-23-5A-8D-26-54



Adaptador Ethernet Conexiones de red inalámbricas :



Sufijo de conexión específica DNS : Belkin

Descripción. . . . . . . . . . . : Atheros AR5007EG Wireless Network Adapter

Dirección física. . . . . . . . . : 00-24-2C-56-AC-34

DHCP habilitado. . . . . . . . . : No

Autoconfiguración habilitada. . . : Sí

Dirección IP. . . . . . . . . . . : 192.168.2.3

Máscara de subred . . . . . . . . : 255.255.255.0

Puerta de enlace predeterminada : 192.168.2.1

Servidor DHCP . . . . . . . . . . : 192.168.2.1

Servidores DNS . . . . . . . . . .: 192.168.2.1

Concesión obtenida . . . . . . . : 01 June 2012 06:35:22

Concesión expira . . . . . . . . .: 19 January 2038 05:14:07

Servidor: UnKnown
Address: 192.168.2.1

Nombre: google.com
Addresses: 173.194.34.174, 173.194.34.166, 173.194.34.168, 173.194.34.163
173.194.34.162, 173.194.34.167, 173.194.34.165, 173.194.34.169, 173.194.34.164
173.194.34.161, 173.194.34.160



Haciendo ping a google.com [173.194.34.162] con 32 bytes de datos:



Respuesta desde 173.194.34.162: bytes=32 tiempo=906ms TTL=53

Respuesta desde 173.194.34.162: bytes=32 tiempo=898ms TTL=53



Estadísticas de ping para 173.194.34.162:

Paquetes: enviados = 2, recibidos = 2, perdidos = 0

(0% perdidos),

Tiempos aproximados de ida y vuelta en milisegundos:

Mínimo = 898ms, Máximo = 906ms, Media = 902ms

Servidor: UnKnown
Address: 192.168.2.1

Nombre: yahoo.com
Addresses: 209.191.122.70, 72.30.38.140, 98.139.183.24



Haciendo ping a yahoo.com [98.139.183.24] con 32 bytes de datos:



Respuesta desde 98.139.183.24: bytes=32 tiempo=1020ms TTL=45

Respuesta desde 98.139.183.24: bytes=32 tiempo=1073ms TTL=45



Estadísticas de ping para 98.139.183.24:

Paquetes: enviados = 2, recibidos = 2, perdidos = 0

(0% perdidos),

Tiempos aproximados de ida y vuelta en milisegundos:

Mínimo = 1020ms, Máximo = 1073ms, Media = 1046ms

Servidor: UnKnown
Address: 192.168.2.1

Nombre: bleepingcomputer.com
Address: 208.43.87.2



Haciendo ping a bleepingcomputer.com [208.43.87.2] con 32 bytes de datos:



Respuesta desde 208.43.87.2: Host de destino inaccesible.

Respuesta desde 208.43.87.2: Host de destino inaccesible.



Estadísticas de ping para 208.43.87.2:

Paquetes: enviados = 2, recibidos = 2, perdidos = 0

(0% perdidos),

Tiempos aproximados de ida y vuelta en milisegundos:

Mínimo = 0ms, Máximo = 0ms, Media = 0ms



Haciendo ping a 127.0.0.1 con 32 bytes de datos:



Respuesta desde 127.0.0.1: bytes=32 tiempo<1m TTL=128

Respuesta desde 127.0.0.1: bytes=32 tiempo<1m TTL=128



Estadísticas de ping para 127.0.0.1:

Paquetes: enviados = 2, recibidos = 2, perdidos = 0

(0% perdidos),

Tiempos aproximados de ida y vuelta en milisegundos:

Mínimo = 0ms, Máximo = 0ms, Media = 0ms

===========================================================================
ILista de interfaces
0x1 ........................... MS TCP Loopback interface
0x2 ...00 23 5a 8d 26 54 ...... Atheros AR8132 PCI-E Fast Ethernet Controller - Minipuerto del administrador de paquetes
0x3 ...00 24 2c 56 ac 34 ...... Atheros AR5007EG Wireless Network Adapter - Minipuerto del administrador de paquetes
===========================================================================
===========================================================================
Rutas activas:
Destino de red Máscara de red Puerta de acceso Interfaz Métrica
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.3 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.2.3 192.168.2.3 20
192.168.2.0 255.255.255.0 192.168.2.3 192.168.2.3 25
192.168.2.3 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.2.255 255.255.255.255 192.168.2.3 192.168.2.3 25
224.0.0.0 240.0.0.0 192.168.2.3 192.168.2.3 25
255.255.255.255 255.255.255.255 192.168.2.3 192.168.2.3 1
255.255.255.255 255.255.255.255 192.168.2.3 2 1
Puerta de enlace predeterminada: 192.168.2.1
===========================================================================
Rutas persistentes:
ninguno
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [248320] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [248320] (Microsoft Corporation)
Catalog5 04 C:\Archivos de programa\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [248320] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [248320] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/01/2012 04:42:33 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9635812

Error: (06/01/2012 04:42:33 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9635812

Error: (06/01/2012 04:42:33 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/01/2012 04:42:17 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9619984

Error: (06/01/2012 04:42:17 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9619984

Error: (06/01/2012 04:42:17 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/31/2012 11:48:50 AM) (Source: MsiInstaller) (User: Robert)Robert
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- SA_Error26001: StandardAction(0xC0076591): Uninstallation of the old AVG version failed and the new installation cannot be completed. Try to uninstall the old version manually and then launch the installation again.

Error: (05/30/2012 11:19:26 PM) (Source: ESENT) (User: )
Description: svchost (1100) Al intentar abrir el archivo "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" para acceso de lectura y escritura se produjo el error de sistema 32 (0x00000020): "El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8).

Error: (05/31/2012 01:52:48 AM) (Source: ESENT) (User: )
Description: Catalog Database (1116) No se puede escribir una copia sombra del encabezado para el archivo C:\WINDOWS\system32\CatRoot2\tmp.edb. Error -1022.

Error: (05/31/2012 01:52:48 AM) (Source: ESENT) (User: )
Description: svchost (1116) Al intentar abrir el archivo "C:\WINDOWS\system32\CatRoot2\tmp.edb" para acceso de lectura y escritura se produjo el error de sistema 1392 (0x00000570): "El archivo o directorio está dañado o es ilegible. ". La operación para abrir el archivo se cerrará con el error -1022 (0xfffffc02).


System errors:
=============
Error: (05/31/2012 05:33:57 PM) (Source: Service Control Manager) (User: )
Description: El servicio lxdxCATSCustConnectService no pudo iniciarse debido al siguiente error:
%%1053

Error: (05/31/2012 05:33:57 PM) (Source: Service Control Manager) (User: )
Description: Intervalo de espera (30000 ms.) para la conexión con el servicio lxdxCATSCustConnectService.

Error: (05/31/2012 01:56:42 PM) (Source: Service Control Manager) (User: )
Description: El servicio lxdxCATSCustConnectService no pudo iniciarse debido al siguiente error:
%%1053

Error: (05/31/2012 01:56:42 PM) (Source: Service Control Manager) (User: )
Description: Intervalo de espera (30000 ms.) para la conexión con el servicio lxdxCATSCustConnectService.

Error: (05/31/2012 01:52:58 PM) (Source: Service Control Manager) (User: )
Description: El servicio lxdxCATSCustConnectService no pudo iniciarse debido al siguiente error:
%%1053

Error: (05/31/2012 01:52:58 PM) (Source: Service Control Manager) (User: )
Description: Intervalo de espera (30000 ms.) para la conexión con el servicio lxdxCATSCustConnectService.

Error: (05/31/2012 00:45:21 PM) (Source: Service Control Manager) (User: )
Description: El servicio lxdxCATSCustConnectService no pudo iniciarse debido al siguiente error:
%%1053

Error: (05/31/2012 00:45:21 PM) (Source: Service Control Manager) (User: )
Description: Intervalo de espera (30000 ms.) para la conexión con el servicio lxdxCATSCustConnectService.

Error: (05/31/2012 00:09:20 PM) (Source: Service Control Manager) (User: )
Description: El servicio lxdxCATSCustConnectService no pudo iniciarse debido al siguiente error:
%%1053

Error: (05/31/2012 00:09:20 PM) (Source: Service Control Manager) (User: )
Description: Intervalo de espera (30000 ms.) para la conexión con el servicio lxdxCATSCustConnectService.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Acer eRecovery Management (Version: 4.00.3005)
Acer Product Registration (Version: 3.0.0.10)
Acer ScreenSaver (Version: 1.0.0.0304)
Acer VCM (Version: 4.00.3006)
Actualización de seguridad para el Reproductor de Windows Media (KB2378111)
Actualización de seguridad para el Reproductor de Windows Media (KB952069)
Actualización de seguridad para el Reproductor de Windows Media (KB954155)
Actualización de seguridad para el Reproductor de Windows Media (KB973540)
Actualización de seguridad para el Reproductor de Windows Media (KB975558)
Actualización de seguridad para el Reproductor de Windows Media (KB978695)
Actualización de seguridad para el Reproductor de Windows Media (KB979402)
Actualización de seguridad para Windows Internet Explorer 7 (KB2183461) (Version: 1)
Actualización de seguridad para Windows Internet Explorer 7 (KB2360131) (Version: 1)
Actualización de seguridad para Windows Internet Explorer 7 (KB2497640) (Version: 1)
Actualización de seguridad para Windows Internet Explorer 7 (KB2530548) (Version: 1)
Actualización de seguridad para Windows Internet Explorer 7 (KB2544521) (Version: 1)
Actualización de seguridad para Windows Internet Explorer 7 (KB938127-v2) (Version: 2)
Actualización de seguridad para Windows Internet Explorer 7 (KB969897) (Version: 1)
Actualización de seguridad para Windows Internet Explorer 7 (KB972260) (Version: 1)
Actualización de seguridad para Windows XP (KB2079403) (Version: 1)
Actualización de seguridad para Windows XP (KB2115168) (Version: 1)
Actualización de seguridad para Windows XP (KB2121546) (Version: 1)
Actualización de seguridad para Windows XP (KB2160329) (Version: 1)
Actualización de seguridad para Windows XP (KB2229593) (Version: 1)
Actualización de seguridad para Windows XP (KB2259922) (Version: 1)
Actualización de seguridad para Windows XP (KB2279986) (Version: 1)
Actualización de seguridad para Windows XP (KB2286198) (Version: 1)
Actualización de seguridad para Windows XP (KB2296011) (Version: 1)
Actualización de seguridad para Windows XP (KB2347290) (Version: 1)
Actualización de seguridad para Windows XP (KB2360937) (Version: 1)
Actualización de seguridad para Windows XP (KB2387149) (Version: 1)
Actualización de seguridad para Windows XP (KB2393802) (Version: 1)
Actualización de seguridad para Windows XP (KB2412687) (Version: 1)
Actualización de seguridad para Windows XP (KB2419632) (Version: 1)
Actualización de seguridad para Windows XP (KB2423089) (Version: 1)
Actualización de seguridad para Windows XP (KB2440591) (Version: 1)
Actualización de seguridad para Windows XP (KB2443105) (Version: 1)
Actualización de seguridad para Windows XP (KB2476490) (Version: 1)
Actualización de seguridad para Windows XP (KB2476687) (Version: 1)
Actualización de seguridad para Windows XP (KB2478960) (Version: 1)
Actualización de seguridad para Windows XP (KB2478971) (Version: 1)
Actualización de seguridad para Windows XP (KB2479943) (Version: 1)
Actualización de seguridad para Windows XP (KB2481109) (Version: 1)
Actualización de seguridad para Windows XP (KB2483185) (Version: 1)
Actualización de seguridad para Windows XP (KB2485663) (Version: 1)
Actualización de seguridad para Windows XP (KB2491683) (Version: 1)
Actualización de seguridad para Windows XP (KB2503658) (Version: 1)
Actualización de seguridad para Windows XP (KB2503665) (Version: 1)
Actualización de seguridad para Windows XP (KB2506212) (Version: 1)
Actualización de seguridad para Windows XP (KB2506223) (Version: 1)
Actualización de seguridad para Windows XP (KB2507618) (Version: 1)
Actualización de seguridad para Windows XP (KB2507938) (Version: 1)
Actualización de seguridad para Windows XP (KB2508272) (Version: 1)
Actualización de seguridad para Windows XP (KB2508429) (Version: 1)
Actualización de seguridad para Windows XP (KB2509553) (Version: 1)
Actualización de seguridad para Windows XP (KB2510581) (Version: 1)
Actualización de seguridad para Windows XP (KB2511455) (Version: 1)
Actualización de seguridad para Windows XP (KB2524375) (Version: 1)
Actualización de seguridad para Windows XP (KB2535512) (Version: 1)
Actualización de seguridad para Windows XP (KB2536276) (Version: 1)
Actualización de seguridad para Windows XP (KB2544893) (Version: 1)
Actualización de seguridad para Windows XP (KB2555917) (Version: 1)
Actualización de seguridad para Windows XP (KB2566454) (Version: 1)
Actualización de seguridad para Windows XP (KB2584146) (Version: 1)
Actualización de seguridad para Windows XP (KB2620712) (Version: 1)
Actualización de seguridad para Windows XP (KB2661637) (Version: 1)
Actualización de seguridad para Windows XP (KB2676562) (Version: 1)
Actualización de seguridad para Windows XP (KB923561) (Version: 1)
Actualización de seguridad para Windows XP (KB938464) (Version: 1)
Actualización de seguridad para Windows XP (KB946648) (Version: 1)
Actualización de seguridad para Windows XP (KB950762) (Version: 1)
Actualización de seguridad para Windows XP (KB950974) (Version: 1)
Actualización de seguridad para Windows XP (KB951066) (Version: 1)
Actualización de seguridad para Windows XP (KB951376-v2) (Version: 2)
Actualización de seguridad para Windows XP (KB951376) (Version: 1)
Actualización de seguridad para Windows XP (KB951698) (Version: 1)
Actualización de seguridad para Windows XP (KB951748) (Version: 1)
Actualización de seguridad para Windows XP (KB952004) (Version: 1)
Actualización de seguridad para Windows XP (KB952954) (Version: 1)
Actualización de seguridad para Windows XP (KB954211) (Version: 1)
Actualización de seguridad para Windows XP (KB954459) (Version: 1)
Actualización de seguridad para Windows XP (KB954600) (Version: 1)
Actualización de seguridad para Windows XP (KB955069) (Version: 1)
Actualización de seguridad para Windows XP (KB956391) (Version: 1)
Actualización de seguridad para Windows XP (KB956572) (Version: 1)
Actualización de seguridad para Windows XP (KB956744) (Version: 1)
Actualización de seguridad para Windows XP (KB956802) (Version: 1)
Actualización de seguridad para Windows XP (KB956803) (Version: 1)
Actualización de seguridad para Windows XP (KB956841) (Version: 1)
Actualización de seguridad para Windows XP (KB956844) (Version: 1)
Actualización de seguridad para Windows XP (KB957095) (Version: 1)
Actualización de seguridad para Windows XP (KB957097) (Version: 1)
Actualización de seguridad para Windows XP (KB958644) (Version: 1)
Actualización de seguridad para Windows XP (KB958687) (Version: 1)
Actualización de seguridad para Windows XP (KB958869) (Version: 1)
Actualización de seguridad para Windows XP (KB959426) (Version: 1)
Actualización de seguridad para Windows XP (KB960225) (Version: 1)
Actualización de seguridad para Windows XP (KB960803) (Version: 1)
Actualización de seguridad para Windows XP (KB960859) (Version: 1)
Actualización de seguridad para Windows XP (KB961371) (Version: 1)
Actualización de seguridad para Windows XP (KB961373) (Version: 1)
Actualización de seguridad para Windows XP (KB961501) (Version: 1)
Actualización de seguridad para Windows XP (KB968537) (Version: 1)
Actualización de seguridad para Windows XP (KB969059) (Version: 1)
Actualización de seguridad para Windows XP (KB969898) (Version: 1)
Actualización de seguridad para Windows XP (KB970238) (Version: 1)
Actualización de seguridad para Windows XP (KB970430) (Version: 1)
Actualización de seguridad para Windows XP (KB971633) (Version: 1)
Actualización de seguridad para Windows XP (KB971657) (Version: 1)
Actualización de seguridad para Windows XP (KB971961) (Version: 1)
Actualización de seguridad para Windows XP (KB972270) (Version: 1)
Actualización de seguridad para Windows XP (KB973346) (Version: 1)
Actualización de seguridad para Windows XP (KB973354) (Version: 1)
Actualización de seguridad para Windows XP (KB973507) (Version: 1)
Actualización de seguridad para Windows XP (KB973869) (Version: 1)
Actualización de seguridad para Windows XP (KB973904) (Version: 1)
Actualización de seguridad para Windows XP (KB974112) (Version: 1)
Actualización de seguridad para Windows XP (KB974318) (Version: 1)
Actualización de seguridad para Windows XP (KB974392) (Version: 1)
Actualización de seguridad para Windows XP (KB974571) (Version: 1)
Actualización de seguridad para Windows XP (KB975025) (Version: 1)
Actualización de seguridad para Windows XP (KB975467) (Version: 1)
Actualización de seguridad para Windows XP (KB975560) (Version: 1)
Actualización de seguridad para Windows XP (KB975562) (Version: 1)
Actualización de seguridad para Windows XP (KB975713) (Version: 1)
Actualización de seguridad para Windows XP (KB977816) (Version: 1)
Actualización de seguridad para Windows XP (KB977914) (Version: 1)
Actualización de seguridad para Windows XP (KB978037) (Version: 1)
Actualización de seguridad para Windows XP (KB978338) (Version: 1)
Actualización de seguridad para Windows XP (KB978542) (Version: 1)
Actualización de seguridad para Windows XP (KB978601) (Version: 1)
Actualización de seguridad para Windows XP (KB978706) (Version: 1)
Actualización de seguridad para Windows XP (KB979309) (Version: 1)
Actualización de seguridad para Windows XP (KB979482) (Version: 1)
Actualización de seguridad para Windows XP (KB979687) (Version: 1)
Actualización de seguridad para Windows XP (KB980195) (Version: 1)
Actualización de seguridad para Windows XP (KB980218) (Version: 1)
Actualización de seguridad para Windows XP (KB980232) (Version: 1)
Actualización de seguridad para Windows XP (KB980436) (Version: 1)
Actualización de seguridad para Windows XP (KB981322) (Version: 1)
Actualización de seguridad para Windows XP (KB981349) (Version: 1)
Actualización de seguridad para Windows XP (KB981852) (Version: 1)
Actualización de seguridad para Windows XP (KB981957) (Version: 1)
Actualización de seguridad para Windows XP (KB981997) (Version: 1)
Actualización de seguridad para Windows XP (KB982132) (Version: 1)
Actualización de seguridad para Windows XP (KB982214) (Version: 1)
Actualización de seguridad para Windows XP (KB982665) (Version: 1)
Actualización de seguridad para Windows XP (KB982802) (Version: 1)
Actualización para Windows XP (KB2141007) (Version: 1)
Actualización para Windows XP (KB2345886) (Version: 1)
Actualización para Windows XP (KB2541763) (Version: 1)
Actualización para Windows XP (KB898461) (Version: 1)
Actualización para Windows XP (KB951072-v2) (Version: 2)
Actualización para Windows XP (KB951978) (Version: 1)
Actualización para Windows XP (KB955759) (Version: 1)
Actualización para Windows XP (KB955839) (Version: 1)
Actualización para Windows XP (KB967715) (Version: 1)
Actualización para Windows XP (KB968389) (Version: 1)
Actualización para Windows XP (KB971029) (Version: 1)
Actualización para Windows XP (KB971737) (Version: 1)
Actualización para Windows XP (KB973687) (Version: 1)
Actualización para Windows XP (KB973815) (Version: 1)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Reader 9.5.1 - Español (Version: 9.5.1)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Atheros Driver Installation Program (Version: 7.6.1.244)
AVG 2012 (Version: 12.0.2178)
AVG 2012 (Version: 12.0.2425)
AVG 2012 (Version: 2012.0.2178)
Bing Bar Platform (Version: 6.3.2291.0)
Bonjour (Version: 3.0.0.10)
C:\Archivos de programa\Acer GameZone\GameConsole (Version: 3.0.0.0)
CCleaner (Version: 3.19)
Choice Guard (Version: 1.2.87.0)
Driver Oracle (Version: 8.0.1)
Driver Whiz (Version: 8.0.1)
Dropbox (Version: 1.2.52)
Escritorio movistar
ESET Online Scanner v3
eSobi v2 (Version: 2.0.3.000223)
Estudio de mejora de productos de HP Deskjet 2050 J510 series (Version: 22.50.231.0)
Express Zip File Compression Software
Galería fotográfica de Windows Live (Version: 14.0.8051.1204)
Google Chrome (Version: 19.0.1084.52)
Google Desktop (Version: 5.7.0808.07150)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
Herramienta de carga de Windows Live (Version: 14.0.8014.1029)
HP Deskjet 2050 J510 series Ayuda (Version: 140.0.61.61)
HP Photo Creations (Version: 1.0.0.3781)
HP Update (Version: 5.002.006.003)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes (Version: 10.5.3.3)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 30 (Version: 6.0.300)
Junk Mail filter update (Version: 14.0.8050.1202)
KAG 0.95A
Launch Manager (Version: 2.0.07)
Lexmark 3600-4600 Series
Lexmark Toolbar (Version: 4.13.37.0)
Lexmark Tools for Office (Version: 1.24.0.0)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (Spanish) (Version: 12.0.6425.1000)
Microsoft Office Proof (Basque) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Catalan) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Galician) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Portuguese (Brazil)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Search Enhancement Pack (Version: 3.0.131.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Software Update for Web Folders (Spanish) 12 (Version: 12.0.6425.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
OpenOffice.org 3.3 (Version: 3.3.9567)
OpenOffice.org 3.3 Language Pack (English (United Kingdom)) (Version: 3.3.9567)
Paquete de compatibilidad para 2007 Office system (Version: 12.0.6425.1000)
Prism Video File Converter
Realtek High Definition Audio Driver (Version: 5.10.0.5798)
Revisión para Windows XP (KB2158563) (Version: 1)
Revisión para Windows XP (KB2443685) (Version: 1)
Revisión para Windows XP (KB932716-v2) (Version: 2)
Revisión para Windows XP (KB949764) (Version: 1)
Revisión para Windows XP (KB952287) (Version: 1)
Revisión para Windows XP (KB961118) (Version: 1)
Revisión para Windows XP (KB970653-v3) (Version: 3)
Revisión para Windows XP (KB981793) (Version: 1)
Security Solution
Segoe UI (Version: 14.0.4327.805)
Skype web features (Version: 1.0.3355)
Skype™ 5.9 (Version: 5.9.115)
Software básico del dispositivo HP Deskjet 2050 J510 series (Version: 22.50.231.0)
Spybot - Search & Destroy (Version: 1.6.2)
Synaptics Pointing Device Driver (Version: 12.2.2.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Word 2007 (KB974631)
USB2.0 Card Reader Software (Version: 6.0.6000.81)
WebCam
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Live Asistente para el inicio de sesión (Version: 5.000.818.6)
Windows Live Call (Version: 14.0.8050.1202)
Windows Live Communications Platform (Version: 14.0.8050.1202)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live Mail (Version: 14.0.8050.1202)
Windows Live Messenger (Version: 14.0.8050.1202)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Writer (Version: 14.0.8050.1202)

========================= Memory info: ===================================

Percentage of memory in use: 80%
Total physical RAM: 1013.88 MB
Available physical RAM: 201.42 MB
Total Pagefile: 2443.88 MB
Available Pagefile: 1649.72 MB
Total Virtual: 2047.88 MB
Available Virtual: 1972.09 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:142.05 GB) (Free:120.91 GB) NTFS

========================= Users: ========================================

Cuentas de usuario de \\ACER-074AC68100

Administrador Amelia Asistente de ayuda
Callum Invitado Janice
Robert SUPPORT_388945a0
Se ha completado el comando correctamente.


**** End of log ****



C:\Documents and Settings\Callum\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Cache\f_000016 Win32/OpenCandy application deleted - quarantined
C:\Documents and Settings\Callum\Configuración local\Temp\kag_win.zip\setup.exe Win32/OpenCandy application deleted - quarantined
C:\Documents and Settings\Callum\Mis documentos\Downloads\kag_win.zip Win32/OpenCandy application deleted - quarantined

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:06:47 AM

Posted 01 June 2012 - 09:59 AM

That looks good

Download

TFC


Launch it, it will close all running programs

Click on START, it should ask for reboot

Turn off your system restore, restart the PC, create a new restore point

http://support.microsoft.com/kb/310405

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp


Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#11 Richard Morris

Richard Morris
  • Topic Starter

  • Members
  • 36 posts
  • Local time:12:47 PM

Posted 01 June 2012 - 01:14 PM

Great, thanks very much.

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:06:47 AM

Posted 01 June 2012 - 01:36 PM

You're welcome :thumbsup:



