Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- OTL logfile created on: 21/02/2013 07:59:31 p.m. - Run 1
- OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Juan\Desktop
- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
- Internet Explorer (Version = 8.0.7601.17514)
- Locale: 0000200a | Country: Republica Bolivariana de Venezuela | Language: ESV | Date Format: dd/MM/yyyy
- 1,97 Gb Total Physical Memory | 1,19 Gb Available Physical Memory | 60,46% Memory free
- 3,93 Gb Paging File | 2,96 Gb Available in Paging File | 75,24% Paging File free
- Paging file location(s): ?:\pagefile.sys [binary data]
- %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
- Drive C: | 297,99 Gb Total Space | 21,84 Gb Free Space | 7,33% Space Free | Partition Type: NTFS
- Drive E: | 616,87 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
- Drive G: | 1,91 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
- Computer Name: JUAN-PC | User Name: Juan | Logged in as Administrator.
- Boot Mode: Normal | Scan Mode: All users
- Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
- [color=#E56717]========== Processes (SafeList) ==========[/color]
- PRC - C:\Users\Juan\Desktop\OTL.exe (OldTimer Tools)
- PRC - C:\Archivos de programa\Mozilla Firefox\firefox.exe (Mozilla Corporation)
- PRC - C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
- PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
- PRC - C:\Archivos de programa\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
- PRC - C:\Archivos de programa\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
- PRC - C:\Windows\Microsoft.NET\Frameworkx86\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
- PRC - C:\Archivos de programa\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software)
- PRC - C:\Archivos de programa\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
- PRC - C:\Archivos de programa\Microsoft Security Client\msseces.exe (Microsoft Corporation)
- PRC - c:\Archivos de programa\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
- PRC - C:\Archivos de programa\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
- PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
- PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
- PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
- PRC - C:\Windows\explorer.exe (Microsoft Corporation)
- PRC - C:\Archivos de programa\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
- PRC - C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
- PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
- PRC - C:\Archivos de programa\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
- PRC - C:\Archivos de programa\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
- PRC - C:\Archivos de programa\Ralink\Common\RaRegistry.exe (Ralink Technology, Corp.)
- [color=#E56717]========== Modules (No Company Name) ==========[/color]
- MOD - C:\Archivos de programa\Mozilla Firefox\mozjs.dll ()
- MOD - C:\Archivos de programa\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
- MOD - C:\Archivos de programa\Ralink\Common\RaWLAPI.dll ()
- [color=#E56717]========== Services (SafeList) ==========[/color]
- SRV - (RoxLiveShare9) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe File not found
- SRV - (AdobeARMservice) -- C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
- SRV - (MBAMService) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
- SRV - (MBAMScheduler) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
- SRV - (Hamachi2Svc) -- C:\Archivos de programa\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
- SRV - (clr_optimization_v4.0.30319) -- C:\Windows\Microsoft.NET\Frameworkx86\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
- SRV - (SkypeUpdate) -- C:\Archivos de programa\Skype\Updater\Updater.exe (Skype Technologies)
- SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
- SRV - (TuneUp.UtilitiesSvc) -- C:\Archivos de programa\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
- SRV - (NisSrv) -- c:\Archivos de programa\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
- SRV - (MsMpSvc) -- c:\Archivos de programa\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
- SRV - (Autodesk Licensing Service) -- C:\Archivos de programa\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
- SRV - (FLEXnet Licensing Service) -- C:\Archivos de programa\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
- SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
- SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
- SRV - (WMPNetworkSvc) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
- SRV - (rpcapd) -- C:\Archivos de programa\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
- SRV - (osppsvc) -- C:\Archivos de programa\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
- SRV - (ose) -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
- SRV - (RalinkRegistryWriter) -- C:\Archivos de programa\Ralink\Common\RaRegistry.exe (Ralink Technology, Corp.)
- SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
- SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
- SRV - (WinDefend) -- C:\Archivos de programa\Windows Defender\MpSvc.dll (Microsoft Corporation)
- SRV - (KMService) -- C:\Windows\System32\srvany.exe ()
- [color=#E56717]========== Driver Services (SafeList) ==========[/color]
- DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
- DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
- DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
- DRV - (jdy#hook) -- C:\Program Files\QMacro\hknm.sys File not found
- DRV - (GGSAFERDriver) -- C:\Program Files\Garena Plus\Room\safedrv.sys File not found
- DRV - (apf001) -- C:\Game\SoftnyxGame\GunboundLS\apf001.sys File not found
- DRV - (af86cxc7) -- File not found
- DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
- DRV - (TuneUpUtilitiesDrv) -- C:\Archivos de programa\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software)
- DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
- DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
- DRV - (zghsmdm) -- C:\Windows\System32\drivers\zghsmdm.sys (ZTE Incorporated)
- DRV - (zghsdiag) -- C:\Windows\System32\drivers\zghsdiag.sys (ZTE Incorporated)
- DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
- DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
- DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
- DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
- DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
- DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
- DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
- DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
- DRV - (WinRing0_1_2_0) -- C:\Archivos de programa\IObit\Game Booster 3\Driver\WinRing0.sys (OpenLibSys.org)
- DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
- DRV - (cpudrv) -- C:\Archivos de programa\SystemRequirementsLab\cpudrv.sys ()
- DRV - (motmodem) -- C:\Windows\System32\drivers\motmodem.sys (Motorola)
- DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
- DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
- DRV - (SrvHsfPCI) -- C:\Windows\System32\drivers\VSTBS23.SYS (Conexant Systems, Inc.)
- DRV - (androidusb) -- C:\Windows\System32\drivers\motoandroid.sys (Motorola)
- DRV - (motccgp) -- C:\Windows\System32\drivers\motccgp.sys (Motorola)
- DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
- DRV - (motccgpfl) -- C:\Windows\System32\drivers\motccgpfl.sys (Motorola)
- DRV - (MotoSwitchService) -- C:\Windows\System32\drivers\motswch.sys (Motorola)
- DRV - (ss_mdm) -- C:\Windows\System32\drivers\ss_mdm.sys (MCCI Corporation)
- DRV - (ss_mdfl) -- C:\Windows\System32\drivers\ss_mdfl.sys (MCCI Corporation)
- DRV - (ss_bus) -- C:\Windows\System32\drivers\ss_bus.sys (MCCI Corporation)
- DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
- [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
- [color=#E56717]========== Internet Explorer ==========[/color]
- IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
- IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
- IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
- IE - HKLM\..\SearchScopes,DefaultScope =
- IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
- IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
- IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
- IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
- IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
- IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
- IE - HKU\S-1-5-21-3021979625-3124834618-4202608255-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
- IE - HKU\S-1-5-21-3021979625-3124834618-4202608255-1000\..\SearchScopes,DefaultScope =
- IE - HKU\S-1-5-21-3021979625-3124834618-4202608255-1000\..\SearchScopes\${searchCLSID}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
- IE - HKU\S-1-5-21-3021979625-3124834618-4202608255-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
- IE - HKU\S-1-5-21-3021979625-3124834618-4202608255-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
- IE - HKU\S-1-5-21-3021979625-3124834618-4202608255-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
- IE - HKU\S-1-5-21-3021979625-3124834618-4202608255-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
- [color=#E56717]========== FireFox ==========[/color]
- FF - prefs.js..browser.search.defaultenginename: "(Google)"
- FF - prefs.js..browser.search.defaulturl: "www.Google.com"
- FF - prefs.js..browser.search.order.1: "(Google)"
- FF - prefs.js..browser.search.selectedEngine: "Google"
- FF - prefs.js..browser.search.update: false
- FF - prefs.js..browser.startup.homepage: "http://google.com"
- FF - prefs.js..extensions.enabledAddons: aboutme%40test.mozilla.com:0.5
- FF - prefs.js..extensions.enabledAddons: multifox%40hultmann:1.3.5
- FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20120926
- FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.5
- FF - prefs.js..extensions.enabledAddons: foxyproxy%40eric.h.jung:4.1.1
- FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.5
- FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.2
- FF - prefs.js..keyword.URL: "https://www.google.com/search?q="
- FF - user.js - File not found
- FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
- FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
- FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
- FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
- FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
- FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
- FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
- FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
- FF - HKLM\Software\MozillaPlugins\@raidcall.com/RCplugin: C:\Users\Juan\AppData\LocalLow\raidcall\plugins\webplugin.dll (Raidcall)
- FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\Juan\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
- FF - HKLM\Software\MozillaPlugins\@raidcall.kr/RCplugin: C:\Users\Juan\AppData\Roaming\RCKR\plugins\nprcplugin.dll (Raidcall)
- FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
- FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
- FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
- FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
- FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
- FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
- FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
- FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Juan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
- FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Juan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
- FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
- FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/07 17:17:56 | 000,000,000 | ---D | M]
- [2011/07/27 15:43:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juan\AppData\Roaming\mozilla\Extensions
- [2013/01/20 12:58:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juan\AppData\Roaming\mozilla\Firefox\Profiles\4d1xg68u.default\extensions
- [2013/01/08 16:58:01 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Juan\AppData\Roaming\mozilla\Firefox\Profiles\4d1xg68u.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
- [2012/10/03 21:27:25 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Juan\AppData\Roaming\mozilla\Firefox\Profiles\4d1xg68u.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
- [2013/01/11 13:21:12 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Juan\AppData\Roaming\mozilla\Firefox\Profiles\4d1xg68u.default\extensions\foxyproxy@eric.h.jung
- [2012/05/05 21:51:00 | 000,051,446 | ---- | M] () (No name found) -- C:\Users\Juan\AppData\Roaming\mozilla\firefox\profiles\4d1xg68u.default\extensions\aboutme@test.mozilla.com.xpi
- [2012/12/04 13:52:11 | 000,083,705 | ---- | M] () (No name found) -- C:\Users\Juan\AppData\Roaming\mozilla\firefox\profiles\4d1xg68u.default\extensions\multifox@hultmann.xpi
- [2012/11/24 00:08:32 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Juan\AppData\Roaming\mozilla\firefox\profiles\4d1xg68u.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- [2013/01/20 12:58:39 | 000,243,496 | ---- | M] () (No name found) -- C:\Users\Juan\AppData\Roaming\mozilla\firefox\profiles\4d1xg68u.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
- [2011/09/10 13:40:54 | 000,002,071 | ---- | M] () -- C:\Users\Juan\AppData\Roaming\mozilla\firefox\profiles\4d1xg68u.default\searchplugins\absearch-search.xml
- [2013/02/07 17:17:35 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
- [2013/02/07 17:17:35 | 000,000,000 | ---D | M] (z) -- C:\Archivos de programa\Mozilla Firefox\extensions\{877dd877-3ac1-2cfb-deab-ad8003cddf23}
- [2013/02/07 17:17:56 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
- [2013/02/07 17:17:40 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
- [2013/02/07 17:17:40 | 000,004,095 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\drae.xml
- [2013/02/07 17:17:40 | 000,001,356 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-es.xml
- [2013/02/07 17:17:40 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
- [2013/02/07 17:17:40 | 000,001,391 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-es.xml
- [2013/02/07 17:17:40 | 000,001,315 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-es.xml
- [color=#E56717]========== Chrome ==========[/color]
- CHR - default_search_provider: Google (Enabled)
- CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
- CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
- CHR - homepage: http://www.google.com/
- CHR - Extension: No name found = C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\femoooemgmjaebeodbbikbkmhlafenpl\10_0\
- CHR - Extension: No name found = C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.56_0\
- CHR - Extension: No name found = C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.60_0\
- O1 HOSTS File: ([2012/07/22 20:30:49 | 000,438,199 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
- O1 - Hosts: 127.0.0.1 localhost
- O1 - Hosts: 127.0.0.1 www.007guard.com
- O1 - Hosts: 127.0.0.1 007guard.com
- O1 - Hosts: 127.0.0.1 008i.com
- O1 - Hosts: 127.0.0.1 www.008k.com
- O1 - Hosts: 127.0.0.1 008k.com
- O1 - Hosts: 127.0.0.1 www.00hq.com
- O1 - Hosts: 127.0.0.1 00hq.com
- O1 - Hosts: 127.0.0.1 010402.com
- O1 - Hosts: 127.0.0.1 www.032439.com
- O1 - Hosts: 127.0.0.1 032439.com
- O1 - Hosts: 127.0.0.1 www.0scan.com
- O1 - Hosts: 127.0.0.1 0scan.com
- O1 - Hosts: 127.0.0.1 1000gratisproben.com
- O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
- O1 - Hosts: 127.0.0.1 1001namen.com
- O1 - Hosts: 127.0.0.1 www.1001namen.com
- O1 - Hosts: 127.0.0.1 100888290cs.com
- O1 - Hosts: 127.0.0.1 www.100888290cs.com
- O1 - Hosts: 127.0.0.1 www.100sexlinks.com
- O1 - Hosts: 127.0.0.1 100sexlinks.com
- O1 - Hosts: 127.0.0.1 10sek.com
- O1 - Hosts: 127.0.0.1 www.10sek.com
- O1 - Hosts: 127.0.0.1 www.1-2005-search.com
- O1 - Hosts: 127.0.0.1 1-2005-search.com
- O1 - Hosts: 15098 more lines...
- O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
- O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre7\bin\ssv.dll (Oracle Corporation)
- O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
- O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
- O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
- O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
- O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
- O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Archivos de programa\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
- O4 - HKU\S-1-5-21-3021979625-3124834618-4202608255-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
- O4 - HKU\S-1-5-21-3021979625-3124834618-4202608255-1000..\Run: [Facebook Update] C:\Users\Juan\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
- O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
- O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
- O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
- O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
- O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
- O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
- O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
- O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
- O7 - HKU\S-1-5-21-3021979625-3124834618-4202608255-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
- O7 - HKU\S-1-5-21-3021979625-3124834618-4202608255-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
- O8 - Extra context menu item: &Enviar a OneNote - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
- O8 - Extra context menu item: Add to AMV Converter... - C:\Archivos de programa\MP3 Player Utilities 4.19\AMVConverter\grab.html ()
- O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
- O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
- O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
- O9 - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
- O9 - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
- O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
- O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
- O13 - gopher Prefix: missing
- O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Reg Error: Value error.)
- O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07)
- O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 10.13.2)
- O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8627BD77-2826-4AE8-AED8-01A5E089AEA2}: DhcpNameServer = 192.168.0.1
- O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
- O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
- O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
- O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Common Files\Skype\Skype4COM.dll (Skype Technologies)
- O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
- O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
- O20 - HKLM Winlogon: UserInit - (Userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
- O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
- O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
- O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
- O32 - HKLM CDRom: AutoRun - 1
- O32 - AutoRun File - [2009/06/10 17:12:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
- O32 - AutoRun File - [2011/11/27 16:13:41 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
- O32 - AutoRun File - [1998/08/19 08:37:30 | 000,000,057 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
- O32 - AutoRun File - [2005/05/22 18:52:41 | 001,187,840 | R--- | M] () - G:\autorun.exe -- [ UDF ]
- O32 - AutoRun File - [2005/05/22 18:52:41 | 001,187,840 | R--- | M] () - G:\Autorun.exe -- [ UDF ]
- O32 - AutoRun File - [2005/05/22 18:52:40 | 000,000,043 | R--- | M] () - G:\Autorun.inf -- [ UDF ]
- O33 - MountPoints2\{164a9140-b88d-11e0-807f-806e6f6e6963}\Shell - "" = AutoRun
- O33 - MountPoints2\{164a9140-b88d-11e0-807f-806e6f6e6963}\Shell\AutoRun\command - "" = G:\setup.exe -- [2004/10/21 23:46:58 | 000,118,736 | R--- | M] ()
- O33 - MountPoints2\{164a9141-b88d-11e0-807f-806e6f6e6963}\Shell - "" = AutoRun
- O33 - MountPoints2\{164a9141-b88d-11e0-807f-806e6f6e6963}\Shell\AutoRun\command - "" = Setup.exe
- O33 - MountPoints2\E\Shell - "" = AutoRun
- O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Setup.exe
- O33 - MountPoints2\G\Shell - "" = AutoRun
- O33 - MountPoints2\G\Shell\AutoRun\command - "" = Setup.exe
- O34 - HKLM BootExecute: (autocheck autochk *)
- O35 - HKLM\..comfile [open] -- "%1" %*
- O35 - HKLM\..exefile [open] -- "%1" %*
- O37 - HKLM\...com [@ = comfile] -- "%1" %*
- O37 - HKLM\...exe [@ = exefile] -- "%1" %*
- O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
- O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
- O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
- NetSvcs: FastUserSwitchingCompatibility - File not found
- NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
- NetSvcs: Nla - File not found
- NetSvcs: Ntmssvc - File not found
- NetSvcs: NWCWorkstation - File not found
- NetSvcs: Nwsapagent - File not found
- NetSvcs: SRService - File not found
- NetSvcs: WmdmPmSp - File not found
- NetSvcs: LogonHours - File not found
- NetSvcs: PCAudit - File not found
- NetSvcs: helpsvc - File not found
- NetSvcs: uploadmgr - File not found
- CREATERESTOREPOINT
- Restore point Set: OTL Restore Point
- [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
- [2013/02/21 19:50:36 | 000,000,000 | ---D | C] -- C:\_AT-Destroyer
- [2013/02/21 19:04:28 | 004,189,792 | ---- | C] (Piriform Ltd) -- C:\Users\Juan\Desktop\ccsetup327.exe
- [2013/02/21 19:02:14 | 000,000,000 | ---D | C] -- C:\Users\Juan\Desktop\BACKUP
- [2013/02/21 19:00:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Juan\Desktop\OTL.exe
- [2013/02/19 13:02:59 | 000,000,000 | ---D | C] -- C:\Games
- [2013/02/18 20:27:42 | 000,000,000 | ---D | C] -- C:\Users\Juan\Desktop\mbar-1.01.0.1020
- [2013/02/17 23:09:02 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Juan\Desktop\HijackThis.exe
- [2013/02/07 17:17:33 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
- [2013/02/02 14:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxis
- [2013/02/02 14:15:44 | 000,000,000 | ---D | C] -- C:\~MSSETUP.T
- [2013/02/02 14:15:36 | 000,000,000 | ---D | C] -- C:\Program Files\Maxis
- [2013/02/02 13:34:32 | 000,000,000 | ---D | C] -- C:\Program Files\Java
- [2013/01/30 22:15:02 | 000,000,000 | ---D | C] -- C:\Users\Juan\Documents\BlackBerry
- [2013/01/30 16:04:00 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Anti Idle Backup
- [2013/01/28 06:20:01 | 000,000,000 | ---D | C] -- C:\Users\Juan\Desktop\Slender_v0_9_7
- [2012/12/28 15:09:37 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Juan\AppData\Roaming\pcouffin.sys
- [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
- [1 C:\Users\Juan\Documents\*.tmp files -> C:\Users\Juan\Documents\*.tmp -> ]
- [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
- [2013/02/21 20:00:14 | 000,016,768 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
- [2013/02/21 20:00:14 | 000,016,768 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
- [2013/02/21 19:58:26 | 000,750,962 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
- [2013/02/21 19:58:26 | 000,656,970 | ---- | M] () -- C:\Windows\System32\perfh009.dat
- [2013/02/21 19:58:26 | 000,159,932 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
- [2013/02/21 19:58:26 | 000,122,742 | ---- | M] () -- C:\Windows\System32\perfc009.dat
- [2013/02/21 19:55:19 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
- [2013/02/21 19:54:40 | 000,001,016 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
- [2013/02/21 19:53:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
- [2013/02/21 19:53:55 | 1583,276,032 | -HS- | M] () -- C:\hiberfil.sys
- [2013/02/21 19:40:02 | 000,109,940 | ---- | M] () -- C:\Users\Public\Documents\cc_20130221_193954.reg
- [2013/02/21 19:24:01 | 000,001,020 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
- [2013/02/21 19:09:22 | 004,189,792 | ---- | M] (Piriform Ltd) -- C:\Users\Juan\Desktop\ccsetup327.exe
- [2013/02/21 19:02:58 | 001,199,088 | ---- | M] () -- C:\Users\Juan\Desktop\AT-Destroyer.exe
- [2013/02/21 19:00:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Juan\Desktop\OTL.exe
- [2013/02/21 18:20:03 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3021979625-3124834618-4202608255-1000UA.job
- [2013/02/21 18:20:00 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3021979625-3124834618-4202608255-1000Core.job
- [2013/02/19 13:03:29 | 000,001,667 | ---- | M] () -- C:\Users\Juan\Desktop\Project Zomboid v0.2.0q Launcher.lnk
- [2013/02/19 11:41:17 | 000,000,963 | ---- | M] () -- C:\Windows\System32\InstallUtil.InstallLog
- [2013/02/18 17:04:03 | 000,587,671 | ---- | M] () -- C:\Users\Juan\Desktop\adwcleaner0.exe
- [2013/02/17 23:10:00 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Juan\Desktop\HijackThis.exe
- [2013/02/16 03:09:58 | 000,944,326 | ---- | M] () -- C:\Users\Public\Documents\Record000.amr
- [2013/02/10 16:45:52 | 000,281,768 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
- [2013/02/10 16:39:57 | 000,139,448 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
- [2013/02/10 16:39:29 | 000,282,472 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
- [2013/02/04 16:58:24 | 000,495,952 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
- [2013/01/30 23:24:59 | 000,013,785 | ---- | M] () -- C:\ads_err.adt
- [2013/01/30 22:18:40 | 000,004,559 | ---- | M] () -- C:\ads_err.adm
- [2013/01/30 22:18:40 | 000,003,072 | ---- | M] () -- C:\ads_err.adi
- [2013/01/30 22:12:03 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_RimUsb_01007.Wdf
- [2013/01/30 09:24:49 | 000,156,738 | ---- | M] () -- C:\Users\Public\Documents\antiIdle_file0.sol
- [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
- [1 C:\Users\Juan\Documents\*.tmp files -> C:\Users\Juan\Documents\*.tmp -> ]
- [color=#E56717]========== Files Created - No Company Name ==========[/color]
- [2013/02/21 19:39:56 | 000,109,940 | ---- | C] () -- C:\Users\Public\Documents\cc_20130221_193954.reg
- [2013/02/21 19:00:46 | 001,199,088 | ---- | C] () -- C:\Users\Juan\Desktop\AT-Destroyer.exe
- [2013/02/19 13:03:29 | 000,001,667 | ---- | C] () -- C:\Users\Juan\Desktop\Project Zomboid v0.2.0q Launcher.lnk
- [2013/02/19 09:37:05 | 000,000,963 | ---- | C] () -- C:\Windows\System32\InstallUtil.InstallLog
- [2013/02/18 17:02:52 | 000,587,671 | ---- | C] () -- C:\Users\Juan\Desktop\adwcleaner0.exe
- [2013/02/15 22:45:42 | 000,944,326 | ---- | C] () -- C:\Users\Public\Documents\Record000.amr
- [2013/01/30 22:18:21 | 000,013,785 | ---- | C] () -- C:\ads_err.adt
- [2013/01/30 22:18:21 | 000,004,559 | ---- | C] () -- C:\ads_err.adm
- [2013/01/30 22:18:21 | 000,003,072 | ---- | C] () -- C:\ads_err.adi
- [2013/01/30 22:12:03 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_RimUsb_01007.Wdf
- [2013/01/02 21:11:17 | 000,000,256 | ---- | C] () -- C:\Windows\System32\pool.bin
- [2012/12/28 15:09:37 | 000,007,887 | ---- | C] () -- C:\Users\Juan\AppData\Roaming\pcouffin.cat
- [2012/12/28 15:09:37 | 000,001,144 | ---- | C] () -- C:\Users\Juan\AppData\Roaming\pcouffin.inf
- [2012/11/12 13:43:22 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
- [2012/11/12 13:43:22 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
- [2012/11/02 02:05:27 | 000,006,688 | ---- | C] () -- C:\Windows\movexe.exe
- [2012/09/30 15:57:41 | 000,045,270 | ---- | C] () -- C:\Users\Juan\AppData\Roaming\room_v3.dat
- [2012/09/21 23:24:38 | 000,049,152 | ---- | C] () -- C:\Windows\System32\vnshsok.dll
- [2012/08/17 18:14:27 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
- [2012/08/14 18:24:12 | 000,293,889 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
- [2012/08/08 15:48:54 | 000,000,565 | ---- | C] () -- C:\Users\Juan\AppData\Roaming\myMPQ.ini
- [2012/07/23 11:39:38 | 000,244,277 | ---- | C] () -- C:\Windows\hpoins19.dat
- [2012/07/23 11:39:38 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
- [2012/07/12 08:06:05 | 000,139,448 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
- [2012/06/22 17:10:09 | 000,000,040 | ---- | C] () -- C:\Users\Juan\jagex_cl_runescape_LIVE.dat
- [2012/05/31 20:22:01 | 000,284,672 | ---- | C] () -- C:\Windows\unin040a.exe
- [2012/05/18 14:40:05 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
- [2012/05/10 08:15:47 | 000,000,827 | ---- | C] () -- C:\Windows\eReg.dat
- [2012/04/30 14:32:38 | 000,000,017 | ---- | C] () -- C:\Users\Juan\AppData\Local\resmon.resmoncfg
- [2012/04/26 22:33:49 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
- [2012/04/26 22:31:28 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
- [2012/03/28 20:48:19 | 000,036,062 | ---- | C] () -- C:\Windows\DIIUnin.dat
- [2012/03/23 14:47:47 | 000,000,446 | ---- | C] () -- C:\Windows\kaillera.ini
- [2012/03/02 23:38:35 | 000,000,104 | ---- | C] () -- C:\Windows\wininit.ini
- [2012/03/02 08:27:00 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe
- [2012/01/07 13:33:01 | 000,281,768 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
- [2012/01/07 13:27:42 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
- [2011/12/29 13:18:52 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
- [2011/12/10 15:18:45 | 000,386,048 | ---- | C] () -- C:\Windows\aim.exe
- [2011/12/07 22:10:41 | 000,012,920 | ---- | C] () -- C:\Windows\System32\apl001.sys
- [2011/12/07 22:10:41 | 000,010,872 | ---- | C] () -- C:\Windows\System32\apf001.sys
- [2011/11/28 23:41:17 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
- [2011/11/28 23:39:39 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
- [2011/10/31 22:34:14 | 000,000,016 | ---- | C] () -- C:\Users\Juan\persistent_state
- [2011/10/11 10:36:52 | 000,000,129 | ---- | C] () -- C:\Users\Juan\jagex_runescape_preferences2.dat
- [2011/10/11 10:32:40 | 000,000,035 | ---- | C] () -- C:\Users\Juan\jagex_runescape_preferences.dat
- [2011/10/08 11:44:23 | 000,000,600 | ---- | C] () -- C:\Users\Juan\PUTTY.RND
- [2011/09/04 15:33:59 | 000,000,758 | ---- | C] () -- C:\Windows\War3Unin.dat
- [2011/07/27 15:43:47 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
- [2011/07/27 15:18:14 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
- [2011/07/27 15:18:00 | 000,147,456 | ---- | C] () -- C:\Windows\System32\DiagFunc.dll
- [2011/07/27 15:18:00 | 000,000,451 | ---- | C] () -- C:\Windows\System32\DiagFunc.ini
- [2011/07/27 15:18:00 | 000,000,072 | ---- | C] () -- C:\Windows\System32\RaCertMgr.ini
- [2011/06/03 13:27:02 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
- [2011/06/03 13:27:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
- [2011/06/03 13:27:02 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
- [2011/06/03 12:44:26 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
- [2011/06/03 12:43:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
- [2005/07/28 17:25:02 | 000,004,879 | -H-- | C] () -- C:\Users\Juan\AppData\Roaming\Juanlog.dat
- [color=#E56717]========== ZeroAccess Check ==========[/color]
- [2009/07/14 00:12:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
- [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
- [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
- [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
- "" = %SystemRoot%\system32\shell32.dll -- [2012/01/04 04:29:38 | 012,872,704 | ---- | M] (Microsoft Corporation)
- "ThreadingModel" = Apartment
- [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
- "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:49:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
- "ThreadingModel" = Free
- [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
- "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 20:46:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
- "ThreadingModel" = Both
- [color=#E56717]========== LOP Check ==========[/color]
- [2013/01/18 23:42:16 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\.minecraft
- [2012/02/02 16:23:40 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\Autodesk
- [2012/10/03 21:28:11 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\AutoGG
- [2012/04/15 17:47:30 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\BitTorrent
- [2012/06/02 00:50:16 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\CorsixTH
- [2011/09/27 21:15:08 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\CreeperWorld
- [2011/09/27 21:14:22 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\CreeperWorld.BA6B793AB2C9FDD744493F22666C1F8DFA806A5E.1
- [2011/12/31 13:15:56 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\CreeperWorld2
- [2011/09/25 12:47:07 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\CreeperWorld2.BA6B793AB2C9FDD744493F22666C1F8DFA806A5E.1
- [2011/09/27 21:13:28 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\CreeperWorldDEMO.BA6B793AB2C9FDD744493F22666C1F8DFA806A5E.1
- [2013/02/21 19:37:03 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\DAEMON Tools Lite
- [2011/10/22 18:01:25 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\fizzy
- [2012/12/26 10:57:18 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\fltk.org
- [2012/10/13 21:51:06 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\GarenaPlus
- [2012/10/17 22:50:08 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\Groovedown_Uninstall
- [2011/12/22 21:10:06 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\HLSW
- [2012/09/03 14:35:57 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\Kalypso Media
- [2011/08/22 13:14:47 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\LolClient
- [2012/12/21 15:35:37 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\Mipony
- [2012/01/13 07:39:20 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\My Battle for Middle-earth(tm) II
- [2011/12/18 19:53:23 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\Opera
- [2012/10/30 22:56:20 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\opie
- [2012/04/27 16:08:39 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\Origin
- [2012/07/25 14:37:24 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\raidcall
- [2012/11/02 17:19:44 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\RCKR
- [2013/01/04 02:43:40 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\Research In Motion
- [2012/04/22 19:19:12 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\Rovio
- [2012/04/26 22:34:10 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\Samsung
- [2012/06/28 01:35:16 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\TuneUp Software
- [2011/08/11 20:40:40 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\Unity
- [2012/02/02 16:46:29 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\URSoft
- [2013/02/21 19:36:54 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\uTorrent
- [2012/12/28 15:09:52 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\Vso
- [2011/10/01 22:13:49 | 000,000,000 | ---D | M] -- C:\Users\Juan\AppData\Roaming\yess
- [color=#E56717]========== Purity Check ==========[/color]
- [color=#E56717]========== Custom Scans ==========[/color]
- [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
- [2013/01/30 22:18:40 | 000,003,072 | ---- | M] () -- C:\ads_err.adi
- [2013/01/30 22:18:40 | 000,004,559 | ---- | M] () -- C:\ads_err.adm
- [2013/01/30 23:24:59 | 000,013,785 | ---- | M] () -- C:\ads_err.adt
- [2013/02/18 17:11:43 | 000,002,611 | ---- | M] () -- C:\AdwCleaner[R1].txt
- [2013/02/21 19:45:04 | 000,003,748 | ---- | M] () -- C:\AdwCleaner[R2].txt
- [2013/02/21 19:46:53 | 000,003,867 | ---- | M] () -- C:\AdwCleaner[R3].txt
- [2013/02/18 17:12:50 | 000,000,337 | ---- | M] () -- C:\AdwCleaner[S1].txt
- [2013/02/21 19:45:30 | 000,000,337 | ---- | M] () -- C:\AdwCleaner[S2].txt
- [2013/02/21 19:47:26 | 000,003,920 | ---- | M] () -- C:\AdwCleaner[S3].txt
- [2013/02/21 19:52:33 | 000,026,527 | ---- | M] () -- C:\AT-Destroyer.txt
- [2009/06/10 17:12:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
- [2009/06/10 17:12:20 | 000,000,010 | ---- | M] () -- C:\config.sys
- [2011/10/12 22:23:37 | 000,000,216 | ---- | M] () -- C:\DebugTrace-RockallDLL.log
- [2012/08/28 16:10:18 | 000,005,071 | ---- | M] () -- C:\Error_160101_201208281610.txt
- [2012/08/29 02:10:37 | 000,006,255 | ---- | M] () -- C:\Error_160101_201208290210.txt
- [2012/09/09 21:35:44 | 000,005,355 | ---- | M] () -- C:\Error_160101_201209092135.txt
- [2012/09/16 10:52:22 | 000,005,591 | ---- | M] () -- C:\Error_160101_201209161052.txt
- [2012/10/05 23:57:42 | 000,005,518 | ---- | M] () -- C:\Error_160101_201210052357.txt
- [2012/10/06 14:06:19 | 000,006,255 | ---- | M] () -- C:\Error_160101_201210061406.txt
- [2012/10/16 09:55:23 | 000,006,255 | ---- | M] () -- C:\Error_160101_201210160955.txt
- [2012/10/24 17:51:28 | 000,005,591 | ---- | M] () -- C:\Error_160101_201210241751.txt
- [2013/01/18 14:35:36 | 000,006,255 | ---- | M] () -- C:\Error_160101_201301181435.txt
- [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
- [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
- [2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
- [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
- [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
- [2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
- [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
- [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
- [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
- [2007/12/29 15:41:26 | 000,001,110 | ---- | M] () -- C:\globdata.ini
- [2013/02/21 19:53:55 | 1583,276,032 | -HS- | M] () -- C:\hiberfil.sys
- [2007/12/29 15:41:26 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
- [2007/12/29 15:41:36 | 000,000,843 | ---- | M] () -- C:\install.ini
- [2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
- [2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
- [2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
- [2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
- [2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
- [2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
- [2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
- [2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
- [2007/12/29 15:45:00 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
- [2011/10/29 11:13:50 | 000,000,000 | ---- | M] () -- C:\IO.SYS
- [2011/10/08 12:02:02 | 000,000,388 | ---- | M] () -- C:\IPH.PH
- [2011/10/29 11:13:50 | 000,000,000 | ---- | M] () -- C:\MSDOS.SYS
- [2013/02/21 19:53:58 | 2111,037,440 | -HS- | M] () -- C:\pagefile.sys
- [2012/08/19 19:45:27 | 000,071,108 | ---- | M] () -- C:\s43g
- [2012/03/16 16:50:23 | 000,005,610 | ---- | M] () -- C:\UsbFix.txt
- [2007/12/29 15:41:26 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
- [2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
- [2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
- [color=#E56717]========== Alternate Data Streams ==========[/color]
- @Alternate Data Stream - 174 bytes -> C:\ProgramData\TEMP:B3D74A13
- @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:957E9765
- @Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:76650B61
- < End of report >
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
