Foro de InfoSpyware - Foro de Hijackthis - Foro de Virus

Desde un portatil con conexión wifi a un routerADSL, no consigo que funcionen los DNS, consigo conectarme e incluso administrar el router, se realizan ping a cualquier dirección IP en internet, pero no resuelve pings a URL que requieran de los DNS, al mismo router tengo conectado un equipo de sobremesa y todo funciona perfectamente.
Adjunto el log de HijackThis por si me pueden decir algo.
Gracias.


Logfile of HijackThis v1.99.1

Scan saved at 12:31:41, on 07/11/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)



Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\WINDOWS\system32\crypserv.exe

C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe

C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Synaptics\SynTP\Toshiba.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\AGRSMMSG.exe

C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\TOSHIBA\Tvs\TvsTray.exe

C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe

C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

C:\WINDOWS\system32\TPSBattM.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\Program Files\Network Associates\Common Framework\UdaterUI.exe

C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE

C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

C:\Program Files\Network Associates\Common Framework\McTray.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Microsoft Student\Microsoft Student con Encarta Premium 2007 DVD\EDICT.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Microsoft ActiveSync\wcescomm.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe

C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

G:\Seguridad\Anti-Spyware\HijackThis\HijackThis.exe



R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 192.168.2.1:80

O2 - BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Complemento del Asistente para Internet de Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\sw g.dll

O3 - Toolbar: Asistente para Internet de Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: Come2PlayK2P Toolbar - {b8a5b62c-517f-42a5-85ae-29b5497fb15f} - C:\Program Files\Come2PlayK2P\tbCome.dll

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /installquiet /keeploaded /nodetect

O4 - HKLM\..\Run: [NVRotateSysTray] "rundll32.exe" C:\WINDOWS\system32\nvsysrot.dll,Enable

O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [THotkey] "C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe"

O4 - HKLM\..\Run: [TPSMain] TPSMain.exe

O4 - HKLM\..\Run: [Tvs] "C:\Program Files\TOSHIBA\Tvs\TvsTray.exe"

O4 - HKLM\..\Run: [SmoothView] "C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe"

O4 - HKLM\..\Run: [TFncKy] TFncKy.exe

O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE

O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"

O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UdaterUI.exe" /StartedFromRunKey

O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE

O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [msnmsgrs] C:\Archivos de programa\MSN Messenger\msnmsgrs.exe

O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s

O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKCU\..\Run: [L07EXLRD_4296453] "C:\Program Files\Microsoft Student\Microsoft Student con Encarta Premium 2007 DVD\EDICT.EXE" -m

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"

O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [TOSCDSPD] "C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe"

O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe

O4 - HKCU\..\Run: [mehwsysvi] c:\documents and settings\gabi\local settings\application data\mehwsysvi.exe mehwsysvi

O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\DOCUME~1\Gabi\LOCALS~1\Temp\SSUPDATE.EXE Software\SUPERAntiSpyware.com\SUPERAntiSpyware

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Gabi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - Global Startup: Búsqueda en el escritorio de Windows.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

O8 - Extra context menu item: Anexar a PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir a Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir destino de vínculo a PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir destino de vínculo en archivo Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir selección a Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir selección a archivo PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir vínculos seleccionados a Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convertir vínculos seleccionados a PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Crear un favorito móvil... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\Program Files\FlashCapture\fciext.dll (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Barra de búsqueda de Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O11 - Options group: [INTERNATIONAL] International*

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O15 - Trusted Zone: http://www.cblasgaunas.com

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{71E88CE4-2B2D-4210-A4E1-7FD9FF82A849}: NameServer = 80.58.0.33,4.2.2.2

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DL L

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe

O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: McAfee Framework Service (McAfeeFramework) - Unknown owner - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart (file missing)

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: REUTQ - Sysinternals - www.sysinternals.com - C:\DOCUME~1\Gabi\LOCALS~1\Temp\REUTQ.exe

O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe

O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

Hola Gabriel07, estas usando una versión desactualizada de Hijackthis por lo que debes sacar nuevamente tu log siguiendo los pasos del siguiente enlace: Descargar y sacar el log de HijackThis 2.0.2

CONSEJOS PARA RECIBIR AYUDA MAS RAPIDAMENTE:

• El principal consejo es cumplir con los puntos expresados en Las Políticas del Foro HijackThis.
• Trata de poner un titulo a tu tema lo mas significativo posible a tu problema.
• Descríbenos los mas E-X-A-C-T-O posible los síntomas de tu maquina.
• No pongas tu log sin contarnos brevemente los problemas.
• Asegúrate que tu versión de HijackThis sea la correcta 2.0.2
• Si tienes que cambiar algo no te respondas a ti mismo sino que edita tu mensaje.
• Atendemos de un caso a la vez, una vez terminado uno continuamos con el otro.
• Imprime los pasos que te den en la respuesta para seguirlos al pie de la letra.
• Si los problemas continúan déjanos todos los reportes solicitados y el estado actual del PC.
• Si resolviste el problema con nuestra ayuda no esperamos un "Gracias" pero tampoco cuesta mucho

Saludos.

Ya he puesto en practica los consejos y sigo igual, es imposible que cualquier DNS que ponga resuelva los nombres.
Adjunto el log de la última versión de HijackThis.
Gracias.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:48:17, on 08/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Network Associates\Common Framework\UdaterUI.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Student\Microsoft Student con Encarta Premium 2007 DVD\EDICT.EXE
C:\Program Files\Network Associates\Common Framework\McTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\Documents and Settings\Gabi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 192.168.2.1:80
O2 - BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Complemento del Asistente para Internet de Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\sw g.dll
O3 - Toolbar: Asistente para Internet de Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Come2PlayK2P Toolbar - {b8a5b62c-517f-42a5-85ae-29b5497fb15f} - C:\Program Files\Come2PlayK2P\tbCome.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NVRotateSysTray] "rundll32.exe" C:\WINDOWS\system32\nvsysrot.dll,Enable
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] "C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe"
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [Tvs] "C:\Program Files\TOSHIBA\Tvs\TvsTray.exe"
O4 - HKLM\..\Run: [SmoothView] "C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe"
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [msnmsgrs] C:\Archivos de programa\MSN Messenger\msnmsgrs.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [L07EXLRD_4296453] "C:\Program Files\Microsoft Student\Microsoft Student con Encarta Premium 2007 DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [TOSCDSPD] "C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
O4 - HKCU\..\Run: [mehwsysvi] c:\documents and settings\gabi\local settings\application data\mehwsysvi.exe mehwsysvi
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Gabi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: Búsqueda en el escritorio de Windows.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Anexar a PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir a Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir destino de vínculo a PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir destino de vínculo en archivo Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir selección a Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir selección a archivo PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir vínculos seleccionados a Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir vínculos seleccionados a PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Crear un favorito móvil... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\Program Files\FlashCapture\fciext.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Barra de búsqueda de Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://www.cblasgaunas.com
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{71E88CE4-2B2D-4210-A4E1-7FD9FF82A849}: NameServer = 80.58.0.33,4.2.2.2
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: REUTQ - Sysinternals - www.sysinternals.com - C:\DOCUME~1\Gabi\LOCALS~1\Temp\REUTQ.exe
O23 - Service: RHSKFVD - Sysinternals - www.sysinternals.com - C:\DOCUME~1\Gabi\LOCALS~1\Temp\RHSKFVD.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 16624 bytes

Hola Gabriel07, realiza los siguientes pasos en modo normal:



Descarga yactualiza el programa:

• Malwarebytes' Anti-Malware
• A continuación realiza un escaneo completo del PC y elimina las infecciones que este detecte como lo indica su Manual.
  
  El reporte queda guardado en la pestaña "Logs" o "Registros" en español, abres el reporte y copias el contenido para pegarlo en este tema.

Descarga CCleaner y ejecútalo usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos, y luego usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).


- Descarga la herramienta ComboFix.exe y guárdala en el escritorio.

• Desactiva temporalmente el Antivirus y/o Antispyware.
• Cierra todas las ventanas abiertas.
• Hacele doble clic al archivo ComboFix.exe y seguí las instrucciones.
• Cuando termine, generara un registro en C:\ComboFix.txt.
  • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
  • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.

• Reinicia y pega el reporte de C:\ComboFix.txt en este mismo mensaje junto a un nuevo log de Hijackthis y el reporte de Malwarebytes para analizarlos.

Adjunto os envío los log's solicitados.
Gracias.
ComboFix 08-11-10.01 - Gabi 2008-11-11 13:53:18.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.34.1033.18.541 [GMT 1:00]
Se ejecuta desde: c:\documents and settings\Gabi\Desktop\ComboFix.exe

ADVERTENCIA - ESTE EQUIPO NO TIENE INSTALADA LA CONSOLA DE RECUPERACION!
.

(((((((((((((((((( Archivos creados desde 2008-10-11 - 2008-11-11 )))))))))))))))))))))))))))))))))
.

2008-11-11 10:17 . 2008-11-11 10:17 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-11 10:17 . 2008-11-11 10:17 <DIR> d-------- c:\documents and settings\Gabi\Application Data\Malwarebytes
2008-11-11 10:17 . 2008-11-11 10:17 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-11 10:17 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-11 10:17 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-08 23:47 . 2008-11-08 23:47 <DIR> d-------- c:\program files\Trend Micro
2008-11-07 22:57 . 2008-11-07 23:00 <DIR> d-------- c:\program files\SpywareBlaster
2008-11-07 22:57 . 2008-11-09 20:36 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2008-11-07 12:33 . 2008-11-07 12:33 0 --a------ c:\windows\system32\KSWDYLZAIU
2008-11-07 12:25 . 2008-11-07 12:25 0 --a------ c:\windows\system32\ASYLEXLMBYA
2008-11-04 23:41 . 2008-11-04 23:43 3,495 --a------ C:\WirelessDiagLog.csv
2008-11-02 22:33 . 2008-11-02 22:33 <DIR> d-------- c:\windows\ServicePackFiles
2008-11-02 00:43 . 2008-11-02 02:21 <DIR> d-------- c:\program files\ParadisePoker
2008-10-28 20:42 . 2008-10-28 20:42 244 --ah----- C:\sqmnoopt10.sqm
2008-10-28 20:42 . 2008-10-28 20:42 232 --ah----- C:\sqmdata10.sqm
2008-10-23 22:59 . 2008-04-13 20:24 2,145,280 --a------ c:\windows\system32\ntoskrnl.exe
2008-10-21 13:15 . 2008-10-28 14:36 <DIR> d-------- c:\program files\PokerStars
2008-10-16 23:03 . 2008-04-14 01:12 16,384 --a------ c:\windows\system32\ipsink.ax
2008-10-16 23:01 . 2008-10-16 23:01 <DIR> d-------- c:\windows\OvtCam
2008-10-16 23:00 . 2008-04-14 01:12 91,136 --a------ c:\windows\system32\kswdmcap.ax
2008-10-16 23:00 . 2008-04-14 01:12 61,952 --a------ c:\windows\system32\kstvtune.ax
2008-10-16 23:00 . 2008-04-14 01:12 53,760 --a------ c:\windows\system32\vfwwdm32.dll
2008-10-16 23:00 . 2008-04-14 01:12 43,008 --a------ c:\windows\system32\ksxbar.ax
2008-10-16 23:00 . 2008-04-14 01:12 28,672 --a------ c:\windows\system32\vidcap.ax
2008-10-16 22:54 . 2008-10-16 22:54 <DIR> d-------- c:\program files\directx
2008-10-16 22:53 . 2008-10-16 22:53 <DIR> d-------- c:\program files\ShowCam Plus
2008-10-16 22:53 . 2003-09-25 16:00 307,200 --a------ c:\windows\vidcap32.exe
2008-10-16 22:53 . 2003-10-14 19:13 200,704 --a------ c:\windows\sel3110.exe
2008-10-16 22:53 . 2003-09-25 16:00 174,530 --a------ c:\windows\system32\drivers\ov519vid.sys
2008-10-16 22:53 . 2003-09-25 16:00 135,168 --a------ c:\windows\ov519cap.exe
2008-10-16 22:53 . 2003-09-25 16:00 61,440 --a------ c:\windows\ov519dib.dll
2008-10-16 22:53 . 2003-09-25 16:00 40,960 --a------ c:\windows\system32\ov519ext.dll
2008-10-16 22:53 . 2003-06-02 22:35 40,960 --a------ c:\windows\CleanDev.exe
2008-10-16 22:53 . 2002-07-08 05:15 32,528 --a------ c:\windows\amcap.exe
2008-10-16 22:53 . 2003-09-25 16:00 25,211 --a------ c:\windows\system32\drivers\ov519cmd.sys
2008-10-16 22:53 . 2003-09-25 16:00 25,099 --a------ c:\windows\system32\ov519ext.ax
2008-10-16 22:53 . 2003-09-25 16:00 16,426 --a------ c:\windows\system32\ov519usd.dll
2008-10-15 22:59 . 2008-10-15 22:59 <DIR> d-------- c:\program files\RealVNC
2008-10-15 22:59 . 2008-05-06 09:43 20,992 --a------ c:\windows\system32\vncmirror.dll
2008-10-15 22:59 . 2008-05-06 09:43 4,608 --a------ c:\windows\system32\drivers\vncmirror.sys
2008-10-14 15:00 . 2008-10-14 15:00 244 --ah----- C:\sqmnoopt09.sqm
2008-10-14 15:00 . 2008-10-14 15:00 232 --ah----- C:\sqmdata09.sqm
2008-10-14 14:59 . 2008-10-14 14:59 244 --ah----- C:\sqmnoopt08.sqm
2008-10-14 14:59 . 2008-10-14 14:59 232 --ah----- C:\sqmdata08.sqm
2008-10-13 17:01 . 2008-10-13 17:01 244 --ah----- C:\sqmnoopt07.sqm
2008-10-13 17:01 . 2008-10-13 17:01 232 --ah----- C:\sqmdata07.sqm

.
(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))) )
.
2008-11-10 15:41 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2008-11-07 22:02 --------- d-----w c:\program files\SUPERAntiSpyware
2008-11-07 22:02 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-11-07 22:02 --------- d-----w c:\documents and settings\Gabi\Application Data\SUPERAntiSpyware.com
2008-10-27 12:16 --------- d-----w c:\program files\mozilla.org
2008-10-16 22:41 --------- d-----w c:\program files\MSN Messenger
2008-10-16 21:53 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-08 17:06 --------- d-----w c:\program files\BitTorrent Fastest Tool
2008-10-08 17:04 --------- d-----w c:\program files\Conduit
2008-10-08 17:04 --------- d-----w c:\program files\Come2PlayK2P
2008-10-04 14:24 --------- d-----w c:\program files\Picasa2
2008-09-29 21:36 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-29 21:05 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-09-29 20:13 --------- d-----w c:\program files\QuickTime
2008-09-19 15:06 --------- d-----w c:\program files\Microsoft ActiveSync
2008-08-31 20:00 90,915 ----a-w c:\windows\system32\pdgbtyhbvepwy.dll-uninst.exe
2008-08-26 07:24 826,368 ----a-w c:\windows\system32\wininet.dll
2008-04-01 17:30 75,664 ----a-w c:\documents and settings\Gabi\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((((((( Cargando Puntos Reg ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vacías & entradas legítimas predeterminadas no son mostradas
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{b8a5b62c-517f-42a5-85ae-29b5497fb15f}"= "c:\program files\Come2PlayK2P\tbCome.dll" [2008-08-20 1780248]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{B8A5B62C-517F-42A5-85AE-29B5497FB15F}"= "c:\program files\Come2PlayK2P\tbCome.dll" [2008-08-20 1780248]

[HKEY_CLASSES_ROOT\clsid\{b8a5b62c-517f-42a5-85ae-29b5497fb15f}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"L07EXLRD_4296453"="c:\program files\Microsoft Student\Microsoft Student con Encarta Premium 2007 DVD\EDICT.EXE" [2006-06-13 351000]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-06-21 1211176]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 2097488]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-12 65536]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-06-01 94208]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" [2007-06-28 68856]
"Google Update"="c:\documents and settings\Gabi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-04 133104]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-09-03 1576176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-05-01 7557120]
"NVRotateSysTray"="c:\windows\system32\nvsysrot.dl l" [2006-05-01 49152]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761948]
"THotkey"="c:\program files\Toshiba\Toshiba Applet\thotkey.exe" [2006-08-25 356352]
"Tvs"="c:\program files\TOSHIBA\Tvs\TvsTray.exe" [2006-02-02 73728]
"SmoothView"="c:\program files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2005-05-12 118784]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-10-06 122940]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-02 802816]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-08-02 696320]
"McAfeeUpdaterUI"="c:\program files\Network Associates\Common Framework\UdaterUI.exe" [2006-11-17 136768]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2008-01-24 111952]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-01-11 623992]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2005-05-19 57344]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2005-04-12 45056]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"nwiz"="nwiz.exe" [2006-05-01 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-05 c:\windows\RTHDCPL.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2005-12-13 c:\windows\agrsmmsg.exe]
"TPSMain"="TPSMain.exe" [2005-08-04 c:\windows\system32\TPSMain.exe]
"TFncKy"="TFncKy.exe" [BU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
B£squeda en el escritorio de Windows.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [26/03/2006 22:44:08 257752]

c:\documents and settings\All Users\Start Menu\Programs\Startup\AutorunsDisabled
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [04/05/2007 16:02:32 110592]
Inicio r pido de Adobe Acrobat.lnk - c:\windows\Installer\{AC76BA86-1040-7D00-7760-000000000003}\_SC_Acrobat.exe [19/03/2008 12:43:56 295606]
Inicio r pido de Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [23/09/2005 22:05:26 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"InstallVisualStyle"= c:\windows\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= c:\windows\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\system]
"DisableChangePassword"= 0 (0x0)
"DisableLockWorkstation"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\explorer]
"NoLogoff"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\curr entversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 233472]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 16:28 352256 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SQLWriter"=3 (0x3)
"MSSQL$SQLEXPRESS"=2 (0x2)
"Microsoft Office Groove Audit Service"=3 (0x3)
"iPod Service"=3 (0x3)
"gusvc"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"=

R3 X10Hid;X10 Hid Device;c:\windows\system32\Drivers\x10hid.sys [2005-11-28 7040]
S3 REUTQ;REUTQ;c:\docume~1\Gabi\LOCALS~1\Temp\REUTQ.e xe [ ]
S3 RHSKFVD;RHSKFVD;c:\docume~1\Gabi\LOCALS~1\Temp\RHS KFVD.exe [ ]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-12-09 2799808]

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{898da03c-1f96-11dc-be72-00037afd56b7}]
\Shell\AutoRun\command - 3wcxx91.cmd
\Shell\explore\Command - 3wcxx91.cmd
\Shell\open\Command - 3wcxx91.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{c0ffe784-5ca7-11dc-bee3-00037afd56b7}]
\Shell\AutoRun\command - E:\LaunchU3.exe -a
.
Contenido de carpeta 'Tareas Programadas'

2008-11-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 13:57]

2008-11-11 c:\windows\Tasks\GoogleUpdateTaskUser.job
- c:\documents and settings\Gabi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-04 13:58]
.
.
------- Análisis Suplementario -------
.
FireFox -: Profile - c:\documents and settings\Gabi\Application Data\Mozilla\Firefox\Profiles\sgzklveq.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF -: plugin - c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF -: plugin - c:\documents and settings\Gabi\Local Settings\Application Data\Google\Update\1.2.131.25\npGoogleOneClick6.dl l
FF -: plugin - c:\program files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\program files\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\program files\Java\jre1.5.0_06\bin\NPJava11.dll
FF -: plugin - c:\program files\Java\jre1.5.0_06\bin\NPJava12.dll
FF -: plugin - c:\program files\Java\jre1.5.0_06\bin\NPJava13.dll
FF -: plugin - c:\program files\Java\jre1.5.0_06\bin\NPJava14.dll
FF -: plugin - c:\program files\Java\jre1.5.0_06\bin\NPJava32.dll
FF -: plugin - c:\program files\Java\jre1.5.0_06\bin\NPJPI150_06.dll
FF -: plugin - c:\program files\Java\jre1.5.0_06\bin\NPOJI610.dll
FF -: plugin - c:\program files\Picasa2\npPicasa2.dll
.

************************************************** ************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-11 13:58:07
Windows 5.1.2600 Service Pack 2 NTFS

escaneando procesos ocultos ...

escaneando entradas ocultas de autostart ...

escaneando archivos ocultos ...

el escaneo se completo con exito
archivos ocultos: 0

************************************************** ************************
.
--------------------- DLLs cargados bajo los procesos en ejecución ---------------------

PROCESOS: c:\windows\explorer.exe
-> c:\windows\system32\nview.dll
.
Tiempo completado: 2008-11-11 14:02:50
ComboFix-quarantined-files.txt 2008-11-11 13:02:39
ComboFix2.txt 2008-11-11 12:40:50

Pre-Run: 31.248.543.744 bytes free
Post-Run: 31,220,903,936 bytes libres

209 --- E O F --- 2008-11-02 22:29:22

*****************************

Malwarebytes' Anti-Malware 1.30
Versión de la Base de Datos: 1306
Windows 5.1.2600 Service Pack 2

11/11/2008 12:55:21
mbam-log-2008-11-11 (12-55-21).txt

Tipo de examen : Examen Completo (C:\|)
Objetos examinados: 296516
Tiempo transcurrido: 2 hour(s), 35 minute(s), 26 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 3
Valores del Registro Infectados: 0
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 0
Ficheros Infectados: 14

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
HKEY_CLASSES_ROOT\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} (Trojan.HumourCanine) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\Deewoo Network Manager (Adware.Radio) -> Quarantined and deleted successfully.

Valores del Registro Infectados:
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)

Carpetas Infectadas:
(No se han detectado elementos maliciosos)

Ficheros Infectados:
C:\Documents and Settings\Gabi\Local Settings\Application Data\mehwsysvi_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Gabi\Local Settings\Application Data\mehwsysvi_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Gabi\Local Settings\Application Data\mehwsysvi.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Program Files\Conduit\Community Alerts\Alert.dll (Trojan.HumourCanine) -> Quarantined and deleted successfully.
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Key Generator.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Program Files\Come2PlayK2P\Come2PlayK2PToolbarHelper.exe (Adware.HumourCanineToolbar) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{516D94BC-6438-4CB1-8592-4A568BE9BB87}\RP478\A0099922.exe (Adware.HumourCanineToolbar) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{516D94BC-6438-4CB1-8592-4A568BE9BB87}\RP480\A0100288.dll (Adware.Conduit) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\_003506_.tmp.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\_003538_.tmp.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winpfz33.sys (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\serauth1.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\serauth2.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\WebMediaPlayer (Rogue.WebMediaPlayer) -> Delete on reboot.

************************************************** ****
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:14:43, on 11/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Network Associates\Common Framework\UdaterUI.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Network Associates\Common Framework\McTray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Student\Microsoft Student con Encarta Premium 2007 DVD\EDICT.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\Documents and Settings\Gabi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 192.168.2.1:80
O2 - BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Complemento del Asistente para Internet de Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\sw g.dll
O3 - Toolbar: Asistente para Internet de Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Come2PlayK2P Toolbar - {b8a5b62c-517f-42a5-85ae-29b5497fb15f} - C:\Program Files\Come2PlayK2P\tbCome.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NVRotateSysTray] "rundll32.exe" C:\WINDOWS\system32\nvsysrot.dll,Enable
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] "C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe"
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [Tvs] "C:\Program Files\TOSHIBA\Tvs\TvsTray.exe"
O4 - HKLM\..\Run: [SmoothView] "C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe"
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [L07EXLRD_4296453] "C:\Program Files\Microsoft Student\Microsoft Student con Encarta Premium 2007 DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [TOSCDSPD] "C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Gabi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: Búsqueda en el escritorio de Windows.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Anexar a PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir a Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir destino de vínculo a PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir destino de vínculo en archivo Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir selección a Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir selección a archivo PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir vínculos seleccionados a Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir vínculos seleccionados a PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Crear un favorito móvil... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\Program Files\FlashCapture\fciext.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Barra de búsqueda de Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://www.cblasgaunas.com
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{71E88CE4-2B2D-4210-A4E1-7FD9FF82A849}: NameServer = 80.58.0.33,4.2.2.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{793D4601-905A-420E-B865-4D41CC80181A}: NameServer = 80.58.0.33,4.2.2.2
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: REUTQ - Unknown owner - C:\DOCUME~1\Gabi\LOCALS~1\Temp\REUTQ.exe (file missing)
O23 - Service: RHSKFVD - Unknown owner - C:\DOCUME~1\Gabi\LOCALS~1\Temp\RHSKFVD.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 16242 bytes

Hola Gabriel07.

Realiza los siguientes pasos en modo normal:

Paso 1- Apagar el "Restaurar Sistema", desactiva el Tea Timer de Spybot y activa ver archivos ocultos.

Paso 2

• A continuación ve a INICIO-->EJECUTAR--> y escribes NET STOP REUTQ y presionas la tecla Enter (Aceptar).
• A continuación ve a INICIO-->EJECUTAR--> y escribes NET STOP RHSKFVD y presionas la tecla Enter (Aceptar).
  
  
  
• Luego entra nuevamente en Inicio-->Ejecutar--> y escribe sc delete REUTQ y presionas la tecla Enter (Aceptar).
• Luego entra nuevamente en Inicio-->Ejecutar--> y escribe sc delete RHSKFVD y presionas la tecla Enter (Aceptar).

• A continuación con todos los programas cerrados ejecuta Hijackthis y dale a las siguientes entradas si se encuentran:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 192.168.2.1:80
O3 - Toolbar: Come2PlayK2P Toolbar - {b8a5b62c-517f-42a5-85ae-29b5497fb15f} - C:\Program Files\Come2PlayK2P\tbCome.dll
O9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\Program Files\FlashCapture\fciext.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O23 - Service: REUTQ - Unknown owner - C:\DOCUME~1\Gabi\LOCALS~1\Temp\REUTQ.exe (file missing)
O23 - Service: RHSKFVD - Unknown owner - C:\DOCUME~1\Gabi\LOCALS~1\Temp\RHSKFVD.exe (file missing)

Paso 3
Descarga, actualiza y ejecuta los programas:

• IniRem 2.0 <-- Libere su página de inicio de Internet Explorer y restaure su archivo hosts.

Paso 4
Cambia la configuración de las DNS de tu conexión a internet siguiendo los pasos del siguiente enlace: Use OpenDNS (Step 1 of 3: Change DNS settings)

NOTA: Una vez llenado los campos con las nuevas direcciones DNS le das "Aceptar" para guardar los cambios, no es necesario que sigas con los demás pasos del enlace.


Paso 5
1.-Abrir el Notepad (Bloc de Notas)

• Ir a INICIO > EJECUTAR >
• Y ahí pones notepad.exe y ACEPTAR

2.-Ahora copia y pega estos archivos dentro del Notepad

3.- Graba este archivo con el nombre CFScript.txt y déjalo en tu escritorio.

4.- Antes de usar el CFScript....

• Desactiva temporalmente el Antivirus y/o Antispyware..
• Cierra todas las ventanas abiertas..

• A continuación arrastrar y soltar el archivo CFScript.txt dentro del archivo ComboFix.exe como lo muestra la animación de abajo. Esto activara ComboFix nuevamente.

• Reinicia tu PC y nos dejas el nuevo reporte de ComboFix junto al nuevo log de hijackthis, comentándonos como esta funcionado todo actualmente?

Hola:
Antes de nada muchas gracias por vuestro interés y rápida respuesta.
He realizado todos los pasos que me indicais y los resultados siguen siendo los mismos, en resumen puedo realizar ping a cualquier dirección IP de internet, pero el equipo es incapaz nombre que requieran del DNS. Si coloco una url en el fichero hos con su correspondiente IP, el navegador llega perfectamente.
Os adjunto los nuevos logs.
Saludos.

ComboFix 08-11-10.01 - Gabi 2008-11-12 10:06:57.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.34.1033.18.481 [GMT 1:00]
Se ejecuta desde: c:\documents and settings\Gabi\Desktop\ComboFix.exe

ADVERTENCIA - ESTE EQUIPO NO TIENE INSTALADA LA CONSOLA DE RECUPERACION!
.

(((((((((((((((((( Archivos creados desde 2008-10-12 - 2008-11-12 )))))))))))))))))))))))))))))))))
.

2008-11-11 10:17 . 2008-11-11 10:17 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-11 10:17 . 2008-11-11 10:17 <DIR> d-------- c:\documents and settings\Gabi\Application Data\Malwarebytes
2008-11-11 10:17 . 2008-11-11 10:17 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-11 10:17 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-11 10:17 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-08 23:47 . 2008-11-08 23:47 <DIR> d-------- c:\program files\Trend Micro
2008-11-07 22:57 . 2008-11-07 23:00 <DIR> d-------- c:\program files\SpywareBlaster
2008-11-07 22:57 . 2008-11-09 20:36 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2008-11-07 12:33 . 2008-11-07 12:33 0 --a------ c:\windows\system32\KSWDYLZAIU
2008-11-07 12:25 . 2008-11-07 12:25 0 --a------ c:\windows\system32\ASYLEXLMBYA
2008-11-04 23:41 . 2008-11-04 23:43 3,495 --a------ C:\WirelessDiagLog.csv
2008-11-02 22:33 . 2008-11-02 22:33 <DIR> d-------- c:\windows\ServicePackFiles
2008-10-28 20:42 . 2008-10-28 20:42 244 --ah----- C:\sqmnoopt10.sqm
2008-10-28 20:42 . 2008-10-28 20:42 232 --ah----- C:\sqmdata10.sqm
2008-10-23 22:59 . 2008-04-13 20:24 2,145,280 --a------ c:\windows\system32\ntoskrnl.exe
2008-10-16 23:03 . 2008-04-14 01:12 16,384 --a------ c:\windows\system32\ipsink.ax
2008-10-16 23:01 . 2008-10-16 23:01 <DIR> d-------- c:\windows\OvtCam
2008-10-16 23:00 . 2008-04-14 01:12 91,136 --a------ c:\windows\system32\kswdmcap.ax
2008-10-16 23:00 . 2008-04-14 01:12 61,952 --a------ c:\windows\system32\kstvtune.ax
2008-10-16 23:00 . 2008-04-14 01:12 53,760 --a------ c:\windows\system32\vfwwdm32.dll
2008-10-16 23:00 . 2008-04-14 01:12 43,008 --a------ c:\windows\system32\ksxbar.ax
2008-10-16 23:00 . 2008-04-14 01:12 28,672 --a------ c:\windows\system32\vidcap.ax
2008-10-16 22:54 . 2008-10-16 22:54 <DIR> d-------- c:\program files\directx
2008-10-16 22:53 . 2008-10-16 22:53 <DIR> d-------- c:\program files\ShowCam Plus
2008-10-16 22:53 . 2003-09-25 16:00 307,200 --a------ c:\windows\vidcap32.exe
2008-10-16 22:53 . 2003-10-14 19:13 200,704 --a------ c:\windows\sel3110.exe
2008-10-16 22:53 . 2003-09-25 16:00 174,530 --a------ c:\windows\system32\drivers\ov519vid.sys
2008-10-16 22:53 . 2003-09-25 16:00 135,168 --a------ c:\windows\ov519cap.exe
2008-10-16 22:53 . 2003-09-25 16:00 61,440 --a------ c:\windows\ov519dib.dll
2008-10-16 22:53 . 2003-09-25 16:00 40,960 --a------ c:\windows\system32\ov519ext.dll
2008-10-16 22:53 . 2003-06-02 22:35 40,960 --a------ c:\windows\CleanDev.exe
2008-10-16 22:53 . 2002-07-08 05:15 32,528 --a------ c:\windows\amcap.exe
2008-10-16 22:53 . 2003-09-25 16:00 25,211 --a------ c:\windows\system32\drivers\ov519cmd.sys
2008-10-16 22:53 . 2003-09-25 16:00 25,099 --a------ c:\windows\system32\ov519ext.ax
2008-10-16 22:53 . 2003-09-25 16:00 16,426 --a------ c:\windows\system32\ov519usd.dll
2008-10-15 22:59 . 2008-10-15 22:59 <DIR> d-------- c:\program files\RealVNC
2008-10-15 22:59 . 2008-05-06 09:43 20,992 --a------ c:\windows\system32\vncmirror.dll
2008-10-15 22:59 . 2008-05-06 09:43 4,608 --a------ c:\windows\system32\drivers\vncmirror.sys
2008-10-14 15:00 . 2008-10-14 15:00 244 --ah----- C:\sqmnoopt09.sqm
2008-10-14 15:00 . 2008-10-14 15:00 232 --ah----- C:\sqmdata09.sqm
2008-10-14 14:59 . 2008-10-14 14:59 244 --ah----- C:\sqmnoopt08.sqm
2008-10-14 14:59 . 2008-10-14 14:59 232 --ah----- C:\sqmdata08.sqm
2008-10-13 17:01 . 2008-10-13 17:01 244 --ah----- C:\sqmnoopt07.sqm
2008-10-13 17:01 . 2008-10-13 17:01 232 --ah----- C:\sqmdata07.sqm

.
(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))) )
.
2008-11-12 07:32 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2008-11-07 22:02 --------- d-----w c:\program files\SUPERAntiSpyware
2008-11-07 22:02 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-11-07 22:02 --------- d-----w c:\documents and settings\Gabi\Application Data\SUPERAntiSpyware.com
2008-10-27 12:16 --------- d-----w c:\program files\mozilla.org
2008-10-16 22:41 --------- d-----w c:\program files\MSN Messenger
2008-10-16 21:53 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-08 17:06 --------- d-----w c:\program files\BitTorrent Fastest Tool
2008-10-08 17:04 --------- d-----w c:\program files\Conduit
2008-10-04 14:24 --------- d-----w c:\program files\Picasa2
2008-09-29 21:36 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-29 21:05 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-09-29 20:13 --------- d-----w c:\program files\QuickTime
2008-09-19 15:06 --------- d-----w c:\program files\Microsoft ActiveSync
2008-08-31 20:00 90,915 ----a-w c:\windows\system32\pdgbtyhbvepwy.dll-uninst.exe
2008-08-26 07:24 826,368 ----a-w c:\windows\system32\wininet.dll
2008-04-01 17:30 75,664 ----a-w c:\documents and settings\Gabi\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((((((( Cargando Puntos Reg ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vacías & entradas legítimas predeterminadas no son mostradas
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"L07EXLRD_4296453"="c:\program files\Microsoft Student\Microsoft Student con Encarta Premium 2007 DVD\EDICT.EXE" [2006-06-13 351000]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-06-21 1211176]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-12 65536]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-06-01 94208]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" [2007-06-28 68856]
"Google Update"="c:\documents and settings\Gabi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-04 133104]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-09-03 1576176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-05-01 7557120]
"NVRotateSysTray"="c:\windows\system32\nvsysrot.dl l" [2006-05-01 49152]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761948]
"THotkey"="c:\program files\Toshiba\Toshiba Applet\thotkey.exe" [2006-08-25 356352]
"Tvs"="c:\program files\TOSHIBA\Tvs\TvsTray.exe" [2006-02-02 73728]
"SmoothView"="c:\program files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2005-05-12 118784]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-10-06 122940]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-02 802816]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-08-02 696320]
"McAfeeUpdaterUI"="c:\program files\Network Associates\Common Framework\UdaterUI.exe" [2006-11-17 136768]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2008-01-24 111952]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-01-11 623992]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2005-05-19 57344]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2005-04-12 45056]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"nwiz"="nwiz.exe" [2006-05-01 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-05 c:\windows\RTHDCPL.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2005-12-13 c:\windows\agrsmmsg.exe]
"TPSMain"="TPSMain.exe" [2005-08-04 c:\windows\system32\TPSMain.exe]
"TFncKy"="TFncKy.exe" [BU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
B£squeda en el escritorio de Windows.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [26/03/2006 22:44:08 257752]

c:\documents and settings\All Users\Start Menu\Programs\Startup\AutorunsDisabled
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [04/05/2007 16:02:32 110592]
Inicio r pido de Adobe Acrobat.lnk - c:\windows\Installer\{AC76BA86-1040-7D00-7760-000000000003}\_SC_Acrobat.exe [19/03/2008 12:43:56 295606]
Inicio r pido de Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [23/09/2005 22:05:26 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"InstallVisualStyle"= c:\windows\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= c:\windows\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\system]
"DisableChangePassword"= 0 (0x0)
"DisableLockWorkstation"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\explorer]
"NoLogoff"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\curr entversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 233472]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 16:28 352256 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SQLWriter"=3 (0x3)
"MSSQL$SQLEXPRESS"=2 (0x2)
"Microsoft Office Groove Audit Service"=3 (0x3)
"iPod Service"=3 (0x3)
"gusvc"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"=

R3 X10Hid;X10 Hid Device;c:\windows\system32\Drivers\x10hid.sys [2005-11-28 7040]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-12-09 2799808]
.
Contenido de carpeta 'Tareas Programadas'

2008-11-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 13:57]

2008-11-12 c:\windows\Tasks\GoogleUpdateTaskUser.job
- c:\documents and settings\Gabi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-04 13:58]
.
.
------- Análisis Suplementario -------
.
FireFox -: Profile - c:\documents and settings\Gabi\Application Data\Mozilla\Firefox\Profiles\sgzklveq.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF -: plugin - c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF -: plugin - c:\documents and settings\Gabi\Local Settings\Application Data\Google\Update\1.2.131.25\npGoogleOneClick6.dl l
FF -: plugin - c:\program files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\program files\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\program files\Java\jre1.5.0_06\bin\NPJava11.dll
FF -: plugin - c:\program files\Java\jre1.5.0_06\bin\NPJava12.dll
FF -: plugin - c:\program files\Java\jre1.5.0_06\bin\NPJava13.dll
FF -: plugin - c:\program files\Java\jre1.5.0_06\bin\NPJava14.dll
FF -: plugin - c:\program files\Java\jre1.5.0_06\bin\NPJava32.dll
FF -: plugin - c:\program files\Java\jre1.5.0_06\bin\NPJPI150_06.dll
FF -: plugin - c:\program files\Java\jre1.5.0_06\bin\NPOJI610.dll
FF -: plugin - c:\program files\Picasa2\npPicasa2.dll
.

************************************************** ************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-12 10:11:36
Windows 5.1.2600 Service Pack 2 NTFS

escaneando procesos ocultos ...

escaneando entradas ocultas de autostart ...

escaneando archivos ocultos ...

el escaneo se completo con exito
archivos ocultos: 0

************************************************** ************************
.
--------------------- DLLs cargados bajo los procesos en ejecución ---------------------

PROCESOS: c:\windows\explorer.exe
-> c:\windows\system32\nview.dll
.
Tiempo completado: 2008-11-12 10:15:48
ComboFix-quarantined-files.txt 2008-11-12 09:15:33
ComboFix2.txt 2008-11-12 08:48:06
ComboFix3.txt 2008-11-11 12:40:50

Pre-Run: 37.574.021.120 bytes free
Post-Run: 37,588,094,976 bytes libres

193 --- E O F --- 2008-11-02 22:29:22

************************************************** ************
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:17:54, on 12/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Network Associates\Common Framework\UdaterUI.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Student\Microsoft Student con Encarta Premium 2007 DVD\EDICT.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\Documents and Settings\Gabi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Network Associates\Common Framework\McTray.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.gmail.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.forospyware.com
O2 - BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Complemento del Asistente para Internet de Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\sw g.dll
O3 - Toolbar: Asistente para Internet de Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NVRotateSysTray] "rundll32.exe" C:\WINDOWS\system32\nvsysrot.dll,Enable
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] "C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe"
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [Tvs] "C:\Program Files\TOSHIBA\Tvs\TvsTray.exe"
O4 - HKLM\..\Run: [SmoothView] "C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe"
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [L07EXLRD_4296453] "C:\Program Files\Microsoft Student\Microsoft Student con Encarta Premium 2007 DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [TOSCDSPD] "C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Gabi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: Búsqueda en el escritorio de Windows.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Anexar a PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir a Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir destino de vínculo a PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir destino de vínculo en archivo Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir selección a Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir selección a archivo PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir vínculos seleccionados a Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir vínculos seleccionados a PDF existente - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Crear un favorito móvil... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Barra de búsqueda de Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://www.cblasgaunas.com
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{71E88CE4-2B2D-4210-A4E1-7FD9FF82A849}: NameServer = 80.58.0.33,4.2.2.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{793D4601-905A-420E-B865-4D41CC80181A}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 15124 bytes

Hola Gabriel07, realiza lo siguiente:

Descarga la siguiente herramienta: OTViewIt.exe y la guardas en el escritorio.

A continuación cierras todos los programas que tengas abiertos y la ejecutas haciendo clic en el boton Run Scan, esto tomara unos minutos ten paciencia.
Al finalizar apareceran dos informes llamados OTViewIT.txt y Extras.txt los guardas en el escritorio para tenerlos a la mano.
Finalmente copias y pegas aca mismo el contenido completo del reporte llamado OTViewIT.txt para analizarlo.

Adicionalmente realiza un escaneo completo del PC con el Panda ActiveScan 2.0 y pegas su reporte.

Saludos.

Adjunto el report de OTViewIt
El Panda no lo puedo instalar ya que no puedo acceder a la url e instalarlo de forma desasistida.
Saludos.
Como solo me deja incluir texto hasta 75000 caracteres lo envio en dos trozos.
1ª parte
OTViewIt logfile created on: 12/11/2008 17:13:19 - Run
OTViewIt by OldTimer - Version 1.0.20.0 Folder = C:\Documents and Settings\Gabi\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040A | Country: España | Language: ESP | Date Format: dd/MM/yyyy

1021,98 Mb Total Physical Memory | 558,16 Mb Available Physical Memory | 54,62% Memory free
2,40 Gb Paging File | 1,98 Gb Available in Paging File | 82,36% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,54 Gb Total Space | 35,04 Gb Free Space | 31,41% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 115,24 Mb Total Space | 36,31 Mb Free Space | 31,51% Space Free | Partition Type: FAT
I: Drive not present or media not loaded

Computer Name: PORTATIL
Current User Name: Gabi
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2006/08/02 00:39:20 | 00,434,176 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
[2006/08/02 00:31:22 | 00,937,984 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
[2008/02/18 10:16:30 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[2003/11/26 22:44:19 | 00,061,440 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\WINDOWS\system32\Crypserv.exe
[2008/10/30 16:14:16 | 00,168,432 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
[2006/11/17 12:37:44 | 00,104,000 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
[2008/01/24 20:50:00 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
[2008/01/24 20:50:00 | 00,054,608 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
[2001/02/23 10:07:30 | 00,270,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
[2006/05/01 21:04:00 | 00,143,428 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
[2004/09/29 12:14:36 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
[2006/11/17 12:40:56 | 00,136,768 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Network Associates\Common Framework\naPrdMgr.exe
[2006/08/02 00:24:22 | 00,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
[2005/04/02 01:51:48 | 00,217,600 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
[2006/02/07 16:30:40 | 00,035,840 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
[2001/11/12 13:31:48 | 00,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe
[2005/08/05 13:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe
[2008/04/14 01:12:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
[2005/08/05 13:56:34 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehtray.exe
[2004/08/10 13:00:00 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
[2006/03/03 00:02:08 | 00,761,948 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[2006/03/02 23:50:52 | 00,151,552 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\Toshiba.exe
[2004/08/10 13:00:00 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
[2006/05/05 14:59:16 | 16,206,848 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
[2005/12/13 15:50:02 | 00,088,204 | ---- | M] (Agere Systems) -- C:\WINDOWS\agrsmmsg.exe
[2006/08/25 13:47:12 | 00,356,352 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe
[2006/02/02 13:11:38 | 00,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Tvs\TvsTray.exe
[2005/05/12 11:16:36 | 00,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe
[2006/06/29 14:07:24 | 00,184,320 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Controls\TFncKy.exe
[2005/10/06 05:20:00 | 00,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
[2005/08/04 14:43:02 | 00,040,960 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
[2006/08/02 00:38:30 | 00,802,816 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
[2006/08/02 00:32:44 | 00,696,320 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
[2006/11/17 12:39:58 | 00,136,768 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Network Associates\Common Framework\UdaterUI.exe
[2006/11/17 02:06:00 | 00,086,016 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Network Associates\Common Framework\Mctray.exe
[2008/01/24 20:50:00 | 00,111,952 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
[2008/01/11 18:54:31 | 00,623,992 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
[2005/04/12 16:27:18 | 00,045,056 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
[2006/10/26 23:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
[2006/06/21 00:41:06 | 01,211,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
[2005/04/12 10:20:00 | 00,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
[2006/06/01 13:32:12 | 00,094,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
[2006/06/21 00:40:36 | 00,187,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
[2007/06/28 18:30:25 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
[2008/09/04 13:58:29 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Gabi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[2006/08/02 00:27:54 | 00,479,232 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
[2008/03/19 12:44:29 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
[2008/11/12 14:47:30 | 00,422,400 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gabi\Desktop\OTViewIt.exe

========== (O23) Win32 Services ==========

[2007/05/10 17:07:26 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
[2008/02/18 10:16:30 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
[2007/10/24 00:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspn et_state.exe -- (aspnet_state [On_Demand | Stopped])
[2006/03/22 07:48:56 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Stopped])
[2007/10/24 00:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2003/11/26 22:44:19 | 00,061,440 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\WINDOWS\system32\Crypserv.exe -- (Crypkey License [Auto | Running])
[2006/08/02 00:39:20 | 00,434,176 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng [Auto | Running])
[2008/03/19 12:44:29 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Running])
[2008/10/30 16:14:16 | 00,168,432 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Running])
[2005/11/14 00:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
[2008/03/30 09:36:30 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [Disabled | Stopped])
[2007/08/23 21:51:49 | 00,068,096 | ---- | M] () -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service [On_Demand | Stopped])
[2006/11/17 12:37:44 | 00,104,000 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe -- (McAfeeFramework [Auto | Running])
[2005/08/05 13:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe -- (McrdSvc [Auto | Running])
[2008/01/24 20:50:00 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe -- (McShield [Auto | Paused])
[2008/01/24 20:50:00 | 00,054,608 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe -- (McTaskManager [Auto | Running])
[2001/02/23 10:07:30 | 00,270,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe -- (MDM [Auto | Running])
[2006/10/26 23:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [Disabled | Stopped])
[2005/10/14 11:51:45 | 28,768,528 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS [Disabled | Stopped])
[2005/10/14 11:50:19 | 00,045,272 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper [Disabled | Stopped])
[2005/12/09 09:41:14 | 02,799,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80 [Disabled | Stopped])
[2006/06/08 20:29:08 | 00,208,896 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])
[2006/05/01 21:04:00 | 00,143,428 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
[2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
[2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2004/09/29 12:14:36 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Running])
[2006/08/02 00:24:22 | 00,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc [Auto | Running])
[2006/08/02 00:31:22 | 00,937,984 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor [Auto | Running])
[2005/10/14 11:51:12 | 00,239,320 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser [Disabled | Stopped])
[2005/10/14 01:53:50 | 00,087,768 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter [Disabled | Stopped])
[2005/04/02 01:51:48 | 00,217,600 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe -- (StarWindService [Auto | Running])
[2006/02/07 16:30:40 | 00,035,840 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV [Auto | Running])
[2005/08/04 02:05:55 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [On_Demand | Stopped])
[2007/01/19 11:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
[2008/05/06 10:55:56 | 02,155,896 | ---- | M] (RealVNC Ltd.) -- C:\Program Files\RealVNC\VNC4\winvnc4.exe -- (WinVNC4 [On_Demand | Stopped])
[2001/11/12 13:31:48 | 00,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets [Auto | Running])

========== Driver Services ==========

[2007/01/30 12:29:34 | 00,021,419 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP [Auto | Running])
[2005/12/13 17:08:44 | 01,124,097 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem [On_Demand | Running])
[2006/02/24 23:04:05 | 00,019,200 | ---- | M] (SlySoft, Inc.) -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD [On_Demand | Running])
[2006/03/22 07:56:24 | 01,522,688 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Stopped])
[2005/10/06 05:20:00 | 00,025,628 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM [Auto | Running])
[2005/08/25 12:16:52 | 00,005,628 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM [System | Running])
[2005/10/06 05:20:00 | 00,002,496 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN [Auto | Running])
[2005/10/06 05:20:00 | 00,086,524 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M [Auto | Running])
[2005/10/06 05:20:00 | 00,014,684 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM [Auto | Running])
[2005/10/06 05:20:00 | 00,006,364 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM [Auto | Running])
[2005/08/25 12:16:16 | 00,022,684 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N [System | Running])
[2005/10/06 05:20:00 | 00,094,332 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM [Auto | Running])
[2005/10/06 05:20:00 | 00,087,036 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M [Auto | Running])
[2005/09/12 03:30:00 | 00,089,264 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\DRVMCDB.SYS -- (DRVMCDB [Boot | Running])
[2005/08/12 05:20:00 | 00,040,544 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM [Auto | Running])
[2006/01/13 00:27:48 | 00,163,328 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B [On_Demand | Running])
[2005/05/03 16:34:02 | 00,027,392 | ---- | M] (SlySoft, Inc.) -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL [On_Demand | Running])
[2005/04/21 12:40:36 | 00,010,624 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO [Auto | Running])
[2005/04/12 09:41:20 | 00,004,608 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay [On_Demand | Running])
[2008/01/29 11:01:28 | 00,016,168 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys -- (GearAspiWDM [System | Running])
[2008/04/13 17:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])
[2006/03/23 20:47:06 | 01,166,972 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm [On_Demand | Stopped])
[2006/05/05 15:13:52 | 04,271,616 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService [On_Demand | Running])
[2003/09/10 23:36:54 | 00,021,060 | ---- | M] (InterVideo, Inc.) -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi [On_Demand | Running])
[2008/04/13 19:39:48 | 00,014,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid [System | Running])
[2008/01/24 20:50:00 | 00,064,232 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk [On_Demand | Running])
[2008/01/24 20:50:00 | 00,072,936 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk [On_Demand | Running])
[2008/01/24 20:50:00 | 00,033,960 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk [On_Demand | Running])
[2008/01/24 20:50:00 | 00,171,400 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk [On_Demand | Running])
[2008/01/24 20:50:00 | 00,031,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys -- (mferkdk [System | Running])
[2008/01/24 20:50:00 | 00,052,104 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfetdik.sys -- (mfetdik [System | Running])
[2006/07/26 18:39:32 | 01,707,776 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\NETw3x32.sys -- (NETw3x32 [On_Demand | Running])
[2003/07/29 07:18:32 | 00,028,518 | ---- | M] () -- C:\WINDOWS\system32\Ckldrv.sys -- (NetworkX [System | Running])
[2006/05/01 21:04:00 | 03,643,296 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand | Running])
[2003/09/25 16:00:00 | 00,174,530 | ---- | M] (OmniVision Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ov519vid.sys -- (ovt519 [On_Demand | Stopped])
[2003/09/19 01:47:00 | 00,010,368 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc [On_Demand | Running])
[2004/08/10 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2008/02/23 03:38:33 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2004/08/10 13:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM [On_Demand | Stopped])
[2006/08/02 01:27:48 | 00,012,544 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans [Auto | Running])
[2008/09/03 14:07:14 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV [System | Running])
[2008/09/03 14:07:16 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Running])
[2008/09/03 14:07:12 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL [System | Running])
[2008/04/13 19:36:44 | 00,079,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sdbus.sys -- (sdbus [On_Demand | Running])
[2007/11/13 11:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [Auto | Running])
[2008/04/13 19:40:47 | 00,011,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sffdisk.sys -- (sffdisk [On_Demand | Stopped])
[2008/04/13 19:40:47 | 00,011,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sffp_sd.sys -- (sffp_sd [On_Demand | Stopped])
[2001/08/17 12:53:32 | 00,006,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\serscan.sys -- (StillCam [On_Demand | Running])
[2006/03/02 23:46:54 | 00,191,968 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP [On_Demand | Running])
[2005/11/30 18:12:00 | 00,162,560 | ---- | M] (Texas Instruments) -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21 [On_Demand | Running])
[2005/07/11 18:58:56 | 00,003,712 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\system32\drivers\toshidpt.sys -- (toshidpt [On_Demand | Stopped])
[2006/06/13 12:29:28 | 00,047,488 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte [On_Demand | Running])
[2006/06/13 11:22:58 | 00,111,232 | ---- | M] (TOSHIBA CORPORATION) -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (Tosrfbd [On_Demand | Running])
[2006/03/16 10:45:12 | 00,037,632 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp [On_Demand | Running])
[2005/08/01 16:45:08 | 00,064,896 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom [System | Running])
[2005/09/09 14:47:10 | 00,009,344 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec [On_Demand | Running])
[2006/05/29 13:11:20 | 00,060,672 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\system32\drivers\tosrfhid.sys -- (Tosrfhid [On_Demand | Running])
[2005/01/06 13:42:42 | 00,018,612 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds [On_Demand | Running])
[2006/03/15 10:52:40 | 00,052,864 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\drivers\tosrfsnd.sys -- (TosRfSnd [On_Demand | Stopped])
[2006/06/09 21:40:00 | 00,040,192 | ---- | M] (TOSHIBA CORPORATION) -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb [On_Demand | Running])
[2005/10/20 14:03:42 | 00,006,144 | ---- | M] (Toshiba Corporation) -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD [On_Demand | Running])
[2006/05/30 16:42:52 | 00,045,696 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs [On_Demand | Running])
[2008/04/13 19:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
[2008/04/13 19:56:49 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usb8023x.sys -- (usb_rndisx [On_Demand | Stopped])
[2005/04/25 10:43:58 | 00,159,616 | ---- | M] ( ) -- C:\WINDOWS\system32\drivers\Vax347b.sys -- (Vax347b [Boot | Running])
[2004/04/30 09:33:00 | 00,005,248 | ---- | M] ( ) -- C:\WINDOWS\system32\drivers\Vax347s.sys -- (Vax347s [Boot | Running])
[2006/02/14 13:45:33 | 00,024,320 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\system32\drivers\VClone.sys -- (VClone [Boot | Running])
[2008/05/06 09:43:34 | 00,004,608 | ---- | M] (RealVNC Ltd.) -- C:\WINDOWS\system32\drivers\vncmirror.sys -- (vncmirror [On_Demand | Running])
[2004/08/10 13:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL [Disabled | Stopped])
[2005/11/28 10:45:16 | 00,007,040 | ---- | M] (X10 Wireless Technology, Inc.) -- C:\WINDOWS\system32\drivers\x10hid.sys -- (X10Hid [On_Demand | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=C:\WINDOWS\SYSTEM32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://www.forospyware.com

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"Default_Search_URL"=http://www.google.com/ie
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
"SearchAssistant "=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Search_URL"=http://www.google.com/ie
"Local Page"=C:\WINDOWS\system32\blank.htm
"Page_Transitions"=
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"SearchMigratedDefaultName"=Google
"SearchMigratedDefaultURL"=http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.micros oft:en-US&ie=utf8&oe=utf8
"Start Page"=www.gmail.com

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Inter net Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-21-3706506953-3877827874-3770693105-1005\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Search_URL"=http://www.google.com/ie
"Local Page"=C:\WINDOWS\system32\blank.htm
"Page_Transitions"=
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"SearchMigratedDefaultName"=Google
"SearchMigratedDefaultURL"=http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.micros oft:en-US&ie=utf8&oe=utf8
"Start Page"=www.gmail.com

[HKEY_USERS\S-1-5-21-3706506953-3877827874-3770693105-1005\Software\Microsoft\Internet Explorer\SearchURL]
""=

[HKEY_USERS\S-1-5-21-3706506953-3877827874-3770693105-1005\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3706506953-3877827874-3770693105-1005\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings]
"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
{2F85D76C-0569-466F-A488-493E6BD0E955} (HKLM) -- C:\Program Files\Windows Desktop Search\dsWebAllow.dll (Microsoft Corporation)
{53707962-6F74-2D53-2644-206D7942484F} (HKLM) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
{5CA3D70E-1895-11CF-8E15-001234567890} (HKLM) -- C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} (HKLM) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} (HKLM) -- C:\Program Files\McAfee\VirusScan Enterprise\ScriptCl.dll (McAfee, Inc.)
{7E853D72-626A-48EC-A868-BA8D5E23E045} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
{955BE0B8-BC85-4CAF-856E-8E0D8B610560} (HKLM) -- C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL (Microsoft Corporation)
{AA58ED58-01DD-4d91-8333-CF10577473F7} (HKLM) -- c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
{AE7CD045-E861-484f-8273-0445EE161910} (HKLM) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (HKLM) -- C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\sw g.dll (Google Inc.)

========== (O3) Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{147D6308-0614-4112-89B1-31402F9B82C4}" (HKLM) -- C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{147D6308-0614-4112-89B1-31402F9B82C4}" (HKLM) -- C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{C4069E3A-68F1-403E-B40E-20066696354B}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{147D6308-0614-4112-89B1-31402F9B82C4}" (HKLM) -- C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3706506953-3877827874-3770693105-1005\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{147D6308-0614-4112-89B1-31402F9B82C4}" (HKLM) -- C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3706506953-3877827874-3770693105-1005\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)

[HKEY_USERS\S-1-5-21-3706506953-3877827874-3770693105-1005\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3706506953-3877827874-3770693105-1005\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{C4069E3A-68F1-403E-B40E-20066696354B}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3706506953-3877827874-3770693105-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3706506953-3877827874-3770693105-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{147D6308-0614-4112-89B1-31402F9B82C4}" (HKLM) -- C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3706506953-3877827874-3770693105-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)

[HKEY_USERS\S-1-5-21-3706506953-3877827874-3770693105-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

[HKEY_USERS\S-1-5-21-3706506953-3877827874-3770693105-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" (Adobe Systems Inc.)
"AGRSMMSG"=AGRSMMSG.exe (Agere Systems)
"CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s (SlySoft, Inc.)
"DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE (Sonic Solutions)
"ehTray"=C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" (Microsoft Corporation)
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless (Intel Corporation)
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" (Intel Corporation)
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
"McAfeeUpdaterUI"="C:\Program Files\Network Associates\Common Framework\UdaterUI.exe" /StartedFromRunKey (McAfee, Inc.)
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" (Nero AG)
"NvCplDaemon"="RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
"NVRotateSysTray"="rundll32.exe" C:\WINDOWS\system32\nvsysrot.dll,Enable (NVIDIA Corporation)
"nwiz"="nwiz.exe" /installquiet /keeploaded /nodetect ()
"RTHDCPL"=RTHDCPL.EXE (Realtek Semiconductor Corp.)
"ShStatEXE"="C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE (McAfee, Inc.)
"SmoothView"="C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" (TOSHIBA Corporation)
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" (Synaptics, Inc.)
"TFncKy"=TFncKy.exe File not found
"THotkey"="C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe" (TOSHIBA)
"TPSMain"=TPSMain.exe (TOSHIBA Corporation)
"Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" (TOSHIBA Corporation)
"VirtualCloneDrive"="C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s (Elaborate Bytes AG)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (Nero AG)
"Google Update"="C:\Documents and Settings\Gabi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (Google Inc.)
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" (Microsoft Corporation)
"L07EXLRD_4296453"="C:\Program Files\Microsoft Student\Microsoft Student con Encarta Premium 2007 DVD\EDICT.EXE" -m (Microsoft Corporation)
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe (Google Inc.)
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" (TOSHIBA)

[HKEY_USERS\S-1-5-21-3706506953-3877827874-3770693105-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (Nero AG)
"Google Update"="C:\Documents and Settings\Gabi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (Google Inc.)
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" (Microsoft Corporation)
"L07EXLRD_4296453"="C:\Program Files\Microsoft Student\Microsoft Student con Encarta Premium 2007 DVD\EDICT.EXE" -m (Microsoft Corporation)
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe (Google Inc.)
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" (TOSHIBA)

========== (O4) Startup Folders ==========

File not found -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\AutorunsDisabled
[2006/03/26 22:44:08 | 00,257,752 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Búsqueda en el escritorio de Windows.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\policies\Explorer]
"NoDriveTypeAutoRun"=227
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\R oyale\Royale.mss -- File not found
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale. the -- File not found
"DisableRegistryTools"=0
"HideLegacyLogonScripts"=0
"HideLogoffScripts"=0
"RunLogonScriptSync"=1
"RunStartupScriptSync"=0
"HideStartupScripts"=0

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\policies\Explorer]
"NoLogoff"=0
"NoDrives"=0

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\policies\System]
"DisableChangePassword"=0
"DisableLockWorkstation"=0
"HideLegacyLogonScripts"=0
"HideLogoffScripts"=0
"HideStartupScripts"=0
"RunLogonScriptSync"=1
"RunStartupScriptSync"=0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-21-3706506953-3877827874-3770693105-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer]
"NoLogoff"=0
"NoDrives"=0

[HKEY_USERS\S-1-5-21-3706506953-3877827874-3770693105-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System]
"DisableChangePassword"=0
"DisableLockWorkstation"=0
"HideLegacyLogonScripts"=0
"HideLogoffScripts"=0
"HideStartupScripts"=0
"RunLogonScriptSync"=1
"RunStartupScriptSync"=0

========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
Anexar a PDF existente: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 21:47:03 | 00,321,120 | ---- | M] (Adobe Systems Incorporated)
Convertir a Adobe PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 21:47:03 | 00,321,120 | ---- | M] (Adobe Systems Incorporated)
Convertir destino de vínculo a PDF existente: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 21:47:03 | 00,321,120 | ---- | M] (Adobe Systems Incorporated)
Convertir destino de vínculo en archivo Adobe PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 21:47:03 | 00,321,120 | ---- | M] (Adobe Systems Incorporated)
Convertir selección a Adobe PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 21:47:03 | 00,321,120 | ---- | M] (Adobe Systems Incorporated)
Convertir selección a archivo PDF existente: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 21:47:03 | 00,321,120 | ---- | M] (Adobe Systems Incorporated)
Convertir vínculos seleccionados a Adobe PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 21:47:03 | 00,321,120 | ---- | M] (Adobe Systems Incorporated)
Convertir vínculos seleccionados a PDF existente: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 21:47:03 | 00,321,120 | ---- | M] (Adobe Systems Incorporated)
E&xportar a Microsoft Excel: C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [2006/10/27 14:07:36 | 17,891,112 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3706506953-3877827874-3770693105-1005\Software\Microsoft\Internet Explorer\MenuExt\]
Anexar a PDF existente: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 21:47:03 | 00,321,120 | ---- | M] (Adobe Systems Incorporated)
Convertir a Adobe PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 21:47:03 | 00,321,120 | ---- | M] (Adobe Systems Incorporated)
Convertir destino de vínculo a PDF existente: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 21:47:03 | 00,321,120 | ---- | M] (Adobe Systems Incorporated)
Convertir destino de vínculo en archivo Adobe PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 21:47:03 | 00,321,120 | ---- | M] (Adobe Systems Incorporated)
Convertir selección a Adobe PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 21:47:03 | 00,321,120 | ---- | M] (Adobe Systems Incorporated)
Convertir selección a archivo PDF existente: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 21:47:03 | 00,321,120 | ---- | M] (Adobe Systems Incorporated)
Convertir vínculos seleccionados a Adobe PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 21:47:03 | 00,321,120 | ---- | M] (Adobe Systems Incorporated)
Convertir vínculos seleccionados a PDF existente: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 21:47:03 | 00,321,120 | ---- | M] (Adobe Systems Incorporated)
E&xportar a Microsoft Excel: C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [2006/10/27 14:07:36 | 17,891,112 | ---- | M] (Microsoft Corporation)

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Sun Java Console -- %ProgramFiles%\Java\jre1.5.0_06\bin\NPJPI150_06.dl l [2005/11/10 13:22:10 | 00,069,746 | ---- | M] (Sun Microsystems, Inc.)
{2670000A-7350-4f3c-8081-5663EE0C6C49}: Button: Enviar a OneNote -- %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [2006/10/26 19:32:42 | 00,604,000 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}: Menu: &Enviar a OneNote -- %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [2006/10/26 19:32:42 | 00,604,000 | ---- | M] (Microsoft Corporation)
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}: Button: Create Mobile Favorite -- %ProgramFiles%\Microsoft ActiveSync\INetRepl.dll [2006/06/21 00:40:28 | 00,142,120 | ---- | M] (Microsoft Corporation)
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}: Menu: Crear un favorito móvil... -- %ProgramFiles%\Microsoft ActiveSync\INetRepl.dll [2006/06/21 00:40:28 | 00,142,120 | ---- | M] (Microsoft Corporation)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Research -- %ProgramFiles%\Microsoft Office\Office12\REFIEBAR.DLL [2006/10/26 19:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation)
{B205A35E-1FC4-4CE3-818B-899DBBB3388C}: Button: Barra de búsqueda de Encarta -- %CommonProgramFiles%\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL [2006/06/13 03:01:09 | 00,289,560 | ---- | M] (Microsoft Corporation)
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}: Menu: Spybot - Search & Destroy Configuration -- %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [2008/01/28 10:43:28 | 01,554,256 | ---- | M] (Safer Networking Limited)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_06\bin\NPJPI150_06.dl l [Sun Java Console] -> [2005/11/10 13:22:10 | 00,069,746 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> %ProgramFiles%\Microsoft ActiveSync\INetRepl.dll [Create Mobile Favorite] -> [2006/06/21 00:40:28 | 00,142,120 | ---- | M] (Microsoft Corporation)
CmdMapping\\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> %ProgramFiles%\Microsoft ActiveSync\INetRepl.dll [Crear un favorito móvil...] -> [2006/06/21 00:40:28 | 00,142,120 | ---- | M] (Microsoft Corporation)
CmdMapping\\{5699BDDB-A771-4E54-ACBB-BE86921D7892} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\REFIEBAR.DLL [Research] -> [2006/10/26 19:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_06\bin\NPJPI150_06.dl l [Sun Java Console] -> [2005/11/10 13:22:10 | 00,069,746 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> %ProgramFiles%\Microsoft ActiveSync\INetRepl.dll [Create Mobile Favorite] -> [2006/06/21 00:40:28 | 00,142,120 | ---- | M] (Microsoft Corporation)
CmdMapping\\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> %ProgramFiles%\Microsoft ActiveSync\INetRepl.dll [Crear un favorito móvil...] -> [2006/06/21 00:40:28 | 00,142,120 | ---- | M] (Microsoft Corporation)
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\REFIEBAR.DLL [Research] -> [2006/10/26 19:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_06\bin\NPJPI150_06.dl l [Sun Java Console] -> [2005/11/10 13:22:10 | 00,069,746 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> %ProgramFiles%\Microsoft ActiveSync\INetRepl.dll [Create Mobile Favorite] -> [2006/06/21 00:40:28 | 00,142,120 | ---- | M] (Microsoft Corporation)
CmdMapping\\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> %ProgramFiles%\Microsoft ActiveSync\INetRepl.dll [Crear un favorito móvil...] -> [2006/06/21 00:40:28 | 00,142,120 | ---- | M] (Microsoft Corporation)
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\REFIEBAR.DLL [Research] -> [2006/10/26 19:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

[HKEY_USERS\S-1-5-21-3706506953-3877827874-3770693105-1005\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_06\bin\NPJPI150_06.dl l [Sun Java Console] -> [2005/11/10 13:22:10 | 00,069,746 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> %ProgramFiles%\Microsoft ActiveSync\INetRepl.dll [Create Mobile Favorite] -> [2006/06/21 00:40:28 | 00,142,120 | ---- | M] (Microsoft Corporation)
CmdMapping\\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> %ProgramFiles%\Microsoft ActiveSync\INetRepl.dll [Crear un favorito móvil...] -> [2006/06/21 00:40:28 | 00,142,120 | ---- | M] (Microsoft Corporation)
CmdMapping\\{5699BDDB-A771-4E54-ACBB-BE86921D7892} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\REFIEBAR.DLL [Research] -> [2006/10/26 19:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery
Extension\.spop: -- C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll [2001/01/30 12:56:24 | 00,225,280 | ---- | M] (InterTrust Technologies Corporation, Inc.)

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Internet Settings\ZoneMap\Domains\]
33 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Internet Settings\ZoneMap\Domains\]
cblasgaunas.com\www: http in My Computer
33 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\Cur rentVersion\Internet Settings\ZoneMap\Domains\]
32 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Inter net Settings\ZoneMap\Domains\]
32 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\S-1-5-21-3706506953-3877827874-3770693105-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings\ZoneMap\Domains\]
cblasgaunas.com\www: http in My Computer
33 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{166B1BCA-3F9C-11CF-8075-444553540000}: http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab -- Shockwave ActiveX Control
{31435657-9980-0010-8000-00AA00389B71}: http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab -- Reg Error: Key does not exist or could not be opened.
{67DABFBF-D0AB-41FA-9C46-CC0F21721616}: http://go.divx.com/plugin/DivXBrowserPlugin.cab -- Reg Error: Key does not exist or could not be opened.
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab -- Java Plug-in 1.5.0_06
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}: http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab -- Reg Error: Key does not exist or could not be opened.
{B8BE5E93-A60C-4D26-A2DC-220313175592}: http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab -- MSN Games - Installer
{C3F79A2B-B9B4-4A66-B012-3EE46475B072}: http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab -- MessengerStatsClient Class
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}: http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab -- Java Plug-in 1.5.0_06
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab -- Java Plug-in 1.5.0_06

========== (O17) DNS Name Servers ==========

{05AAC9B4-F619-4A9B-B4C9-0CF037879531} (Servers: | Description: 1394 Net Adapter)
{1D86E52A-B0C5-4AE4-966E-3BD985BA2EC4} (Servers: | Description: 1394 Net Adapter)
{2B118170-CF42-4714-BDFB-022B34C7AB49} (Servers: | Description: Windows Mobile-based Device)
{44604F6F-2E2A-4E0E-B306-661F7B163295} (Servers: | Description: )
{5B8AB2E0-FC31-41B8-99B9-BE0C328D4357} (Servers: | Description: Windows Mobile-based Device)
{71E88CE4-2B2D-4210-A4E1-7FD9FF82A849} (Servers: 80.58.0.33,4.2.2.2 | Description: Intel(R) PRO/Wireless 3945ABG Network Connection)
{793D4601-905A-420E-B865-4D41CC80181A} (Servers: 208.67.222.222,208.67.220.220 | Description: Intel(R) PRO/100 VE Network Connection)
{87025614-4D69-426C-AAE9-F655161C8B31} (Servers: | Description: 1394 Net Adapter)
{99995C13-649B-46BC-89BE-91994FD42715} (Servers: | Description: 1394 Net Adapter)
{9B42853A-D338-4DA9-A4DF-F74025F8247D} (Servers: | Description: Windows Mobile-based Device)
{E0E0FFA7-C139-41BA-98AD-0B237A366667} (Servers: | Description: Windows Mobile-based Device)
{F76089C0-EF77-4FB1-8F13-BB6782533FA0} (Servers: | Description: )

========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
!SASWinLogon: "DllName" = C:\Program Files\SUPERAntiSpyware\SASWINLO.dll -- C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\system32\ati2evxx.dll (ATI Technologies Inc.)
igfxcui: "DllName" = igfxdev.dll -- C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

========== Shell Execute Hooks ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}" (HKLM) -- C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" (HKLM) -- C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" (HKLM) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2006/09/27 09:37:39 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

2ª parte del report

========== Files/Folders - Created Within 30 Days ==========

[8 C:\WINDOWS\*.tmp files]
[2008/11/12 17:13:02 | 00,422,400 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Gabi\Desktop\OTViewIt.exe
[2008/11/12 10:15:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp
[2008/11/12 09:56:55 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2008/11/11 13:16:16 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2008/11/11 13:16:16 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2008/11/11 13:16:16 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2008/11/11 13:16:16 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2008/11/11 13:16:16 | 00,089,504 | ---- | C] (Smallfrogs Studio) -- C:\WINDOWS\fdsv.exe
[2008/11/11 13:16:16 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2008/11/11 13:16:16 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2008/11/11 13:16:16 | 00,049,152 | ---- | C] () -- C:\WINDOWS\VFIND.exe
[2008/11/11 13:16:16 | 00,028,672 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2008/11/11 13:16:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2008/11/11 13:16:10 | 00,000,000 | ---D | C] -- C:\Qoobox
[2008/11/11 13:15:53 | 03,044,628 | R--- | C] () -- C:\Documents and Settings\Gabi\Desktop\ComboFix.exe
[2008/11/11 13:05:38 | 00,322,176 | ---- | C] () -- C:\Documents and Settings\Gabi\Desktop\cc_20081111_1305.reg
[2008/11/11 10:17:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gabi\Application Data\Malwarebytes
[2008/11/11 10:17:50 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/11/11 10:17:50 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2008/11/11 10:17:47 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/11/11 10:17:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2008/11/11 10:17:44 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/11/10 23:35:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gabi\Desktop\quelosdisfrutes
[2008/11/09 20:57:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gabi\Desktop\Salvado2008-11-12
[2008/11/08 23:47:37 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Gabi\Desktop\HijackThis.lnk
[2008/11/08 23:47:37 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2008/11/07 23:02:59 | 00,000,780 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2008/11/07 22:57:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
[2008/11/07 22:57:15 | 00,000,690 | ---- | C] () -- C:\Documents and Settings\Gabi\Desktop\SpywareBlaster.lnk
[2008/11/07 22:57:14 | 00,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2008/11/07 12:33:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\KSWDYLZAIU
[2008/11/07 12:25:50 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\ASYLEXLMBYA
[2008/11/07 11:08:51 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutorunsDisabled
[2008/11/05 17:30:31 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2008/11/04 23:41:34 | 00,003,495 | ---- | C] () -- C:\WirelessDiagLog.csv
[2008/11/02 22:33:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2008/11/02 22:20:42 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2008/10/28 20:42:59 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt10.sqm
[2008/10/28 20:42:59 | 00,000,232 | -H-- | C] () -- C:\sqmdata10.sqm
[2008/10/28 17:58:29 | 01,240,820 | ---- | C] () -- C:\Documents and Settings\Gabi\Desktop\Guia_Campsa_TomTom.rar
[2008/10/28 14:42:32 | 00,000,942 | ---- | C] () -- C:\Documents and Settings\Gabi\Desktop\ttnavigator.bif
[2008/10/27 13:20:42 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2008/10/24 11:31:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2008/10/23 23:17:03 | 00,000,000 | ---D | C] -- C:\Program Files\Messenger
[2008/10/23 23:01:42 | 00,037,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\amdk7.sys
[2008/10/23 23:01:41 | 02,897,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp2res.dll
[2008/10/23 23:01:41 | 00,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll
[2008/10/23 23:01:41 | 00,036,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ip6fw.sys
[2008/10/23 23:01:41 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\intelppm.sys
[2008/10/23 23:01:41 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbehci.sys
[2008/10/23 23:01:41 | 00,015,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mssmbios.sys
[2008/10/23 23:01:41 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tunmp.sys
[2008/10/23 23:01:41 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_mmc.sys
[2008/10/23 23:01:39 | 00,264,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\http.sys
[2008/10/23 23:01:39 | 00,079,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sdbus.sys
[2008/10/23 23:01:39 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2008/10/23 23:01:39 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidir.sys
[2008/10/23 23:01:39 | 00,011,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffdisk.sys
[2008/10/23 23:01:39 | 00,011,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_sd.sys
[2008/10/23 23:01:38 | 00,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fltmgr.sys
[2008/10/23 23:01:38 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys
[2008/10/23 22:59:49 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\advapi32.dll
[2008/10/23 22:59:48 | 00,989,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kernel32.dll
[2008/10/23 22:59:48 | 00,728,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lsasrv.dll
[2008/10/23 22:59:48 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comctl32.dll
[2008/10/23 22:59:48 | 00,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\autoconv.exe
[2008/10/23 22:59:48 | 00,588,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\autochk.exe
[2008/10/23 22:59:48 | 00,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmd.exe
[2008/10/23 22:59:48 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\localspl.dll
[2008/10/23 22:59:48 | 00,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comdlg32.dll
[2008/10/23 22:59:48 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imagehlp.dll
[2008/10/23 22:59:48 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\desk.cpl
[2008/10/23 22:59:48 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpcsvc.dll
[2008/10/23 22:59:48 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\locator.exe
[2008/10/23 22:59:48 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ftp.exe
[2008/10/23 22:59:48 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\csrsrv.dll
[2008/10/23 22:59:48 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\format.com
[2008/10/23 22:59:48 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cacls.exe
[2008/10/23 22:59:48 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mgmtapi.dll
[2008/10/23 22:59:48 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lmhsvc.dll
[2008/10/23 22:59:47 | 00,706,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntdll.dll
[2008/10/23 22:59:47 | 00,658,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasdlg.dll
[2008/10/23 22:59:47 | 00,560,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\printui.dll
[2008/10/23 22:59:47 | 00,551,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oleaut32.dll
[2008/10/23 22:59:47 | 00,420,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntvdm.exe
[2008/10/23 22:59:47 | 00,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasapi32.dll
[2008/10/23 22:59:47 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nwprovau.dll
[2008/10/23 22:59:47 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msv1_0.dll
[2008/10/23 22:59:47 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntprint.dll
[2008/10/23 22:59:47 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasauto.dll
[2008/10/23 22:59:47 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nslookup.exe
[2008/10/23 22:59:47 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfctrs.dll
[2008/10/23 22:59:47 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olecnv32.dll
[2008/10/23 22:59:47 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msgsvc.dll
[2008/10/23 22:59:47 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntlsapi.dll
[2008/10/23 22:59:46 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasman.dll
[2008/10/23 22:59:45 | 00,415,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\samsrv.dll
[2008/10/23 22:59:45 | 00,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\samlib.dll
[2008/10/23 22:59:45 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rastapi.dll
[2008/10/23 22:59:45 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rshx32.dll
[2008/10/23 22:59:44 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\savedump.exe
[2008/10/23 22:59:43 | 00,990,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\syssetup.dll
[2008/10/23 22:59:43 | 00,985,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupapi.dll
[2008/10/23 22:59:43 | 00,316,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\untfs.dll
[2008/10/23 22:59:43 | 00,300,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sysdm.cpl
[2008/10/23 22:59:43 | 00,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ulib.dll
[2008/10/23 22:59:43 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schannel.dll
[2008/10/23 22:59:43 | 00,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2008/10/23 22:59:43 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\services.exe
[2008/10/23 22:59:43 | 00,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srvsvc.dll
[2008/10/23 22:59:43 | 00,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scardsvr.exe
[2008/10/23 22:59:43 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smss.exe
[2008/10/23 22:59:43 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpmonui.dll
[2008/10/23 22:59:43 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\userinit.exe
[2008/10/23 22:59:42 | 01,845,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2008/10/23 22:59:42 | 00,799,744 | ---- | C] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\drivers\dmboot.sys
[2008/10/23 22:59:42 | 00,187,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\acpi.sys
[2008/10/23 22:59:42 | 00,153,344 | ---- | C] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\drivers\dmio.sys
[2008/10/23 22:59:42 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winspool.drv
[2008/10/23 22:59:42 | 00,143,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fastfat.sys
[2008/10/23 22:59:42 | 00,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys
[2008/10/23 22:59:42 | 00,138,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\afd.sys
[2008/10/23 22:59:42 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wkssvc.dll
[2008/10/23 22:59:42 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32spl.dll
[2008/10/23 22:59:42 | 00,096,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atapi.sys
[2008/10/23 22:59:42 | 00,071,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bridge.sys
[2008/10/23 22:59:42 | 00,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxg.sys
[2008/10/23 22:59:42 | 00,063,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\cdfs.sys
[2008/10/23 22:59:42 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\cdrom.sys
[2008/10/23 22:59:42 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\arp1394.sys
[2008/10/23 22:59:42 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2008/10/23 22:59:42 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmarpc.sys
[2008/10/23 22:59:42 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmlane.sys
[2008/10/23 22:59:42 | 00,053,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\1394bus.sys
[2008/10/23 22:59:42 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dmusic.sys
[2008/10/23 22:59:42 | 00,049,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\classpnp.sys
[2008/10/23 22:59:42 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fips.sys
[2008/10/23 22:59:42 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\amdk6.sys
[2008/10/23 22:59:42 | 00,036,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\crusoe.sys
[2008/10/23 22:59:42 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\disk.sys
[2008/10/23 22:59:42 | 00,027,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fdc.sys
[2008/10/23 22:59:42 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\flpydisk.sys
[2008/10/23 22:59:42 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ccdecode.sys
[2008/10/23 22:59:42 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\asyncmac.sys
[2008/10/23 22:59:42 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\diskdump.sys
[2008/10/23 22:59:42 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys
[2008/10/23 22:59:42 | 00,013,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\cmbatt.sys
[2008/10/23 22:59:42 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\compbatt.sys
[2008/10/23 22:59:42 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys
[2008/10/23 22:59:41 | 00,456,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mrxsmb.sys
[2008/10/23 22:59:41 | 00,180,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mrxdav.sys
[2008/10/23 22:59:41 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys
[2008/10/23 22:59:41 | 00,152,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ipnat.sys
[2008/10/23 22:59:41 | 00,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys
[2008/10/23 22:59:41 | 00,092,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ksecdd.sys
[2008/10/23 22:59:41 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ipsec.sys
[2008/10/23 22:59:41 | 00,063,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mf.sys
[2008/10/23 22:59:41 | 00,052,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\i8042prt.sys
[2008/10/23 22:59:41 | 00,042,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mountmgr.sys
[2008/10/23 22:59:41 | 00,042,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\imapi.sys
[2008/10/23 22:59:41 | 00,037,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\isapnp.sys
[2008/10/23 22:59:41 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidclass.sys
[2008/10/23 22:59:41 | 00,030,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\modem.sys
[2008/10/23 22:59:41 | 00,024,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidparse.sys
[2008/10/23 22:59:41 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdclass.sys
[2008/10/23 22:59:41 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mouclass.sys
[2008/10/23 22:59:41 | 00,020,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ipinip.sys
[2008/10/23 22:59:41 | 00,019,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msfs.sys
[2008/10/23 22:59:41 | 00,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdhid.sys
[2008/10/23 22:59:41 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irenum.sys
[2008/10/23 22:59:41 | 00,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidusb.sys
[2008/10/23 22:59:40 | 00,182,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndis.sys
[2008/10/23 22:59:40 | 00,105,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mup.sys
[2008/10/23 22:59:40 | 00,091,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndiswan.sys
[2008/10/23 22:59:40 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nabtsfec.sys
[2008/10/23 22:59:40 | 00,040,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndproxy.sys
[2008/10/23 22:59:40 | 00,035,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msgpc.sys
[2008/10/23 22:59:40 | 00,034,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\netbios.sys
[2008/10/23 22:59:40 | 00,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndisuio.sys
[2008/10/23 22:59:40 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndisip.sys
[2008/10/23 22:59:40 | 00,010,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndistapi.sys
[2008/10/23 22:59:40 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mskssrv.sys
[2008/10/23 22:59:40 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mstee.sys
[2008/10/23 22:59:40 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspclock.sys
[2008/10/23 22:59:40 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspqm.sys
[2008/10/23 22:59:39 | 00,574,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ntfs.sys
[2008/10/23 22:59:39 | 00,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\netbt.sys
[2008/10/23 22:59:39 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2008/10/23 22:59:39 | 00,120,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pcmcia.sys
[2008/10/23 22:59:39 | 00,088,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkipx.sys
[2008/10/23 22:59:39 | 00,080,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\parport.sys
[2008/10/23 22:59:39 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\psched.sys
[2008/10/23 22:59:39 | 00,068,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pci.sys
[2008/10/23 22:59:39 | 00,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nic1394.sys
[2008/10/23 22:59:39 | 00,061,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ohci1394.sys
[2008/10/23 22:59:39 | 00,051,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rasl2tp.sys
[2008/10/23 22:59:39 | 00,042,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\p3.sys
[2008/10/23 22:59:39 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\raspppoe.sys
[2008/10/23 22:59:39 | 00,040,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nmnt.sys
[2008/10/23 22:59:39 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\processr.sys
[2008/10/23 22:59:39 | 00,030,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\npfs.sys
[2008/10/23 22:59:39 | 00,024,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pciidex.sys
[2008/10/23 22:59:39 | 00,019,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\partmgr.sys
[2008/10/23 22:59:38 | 00,202,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys
[2008/10/23 22:59:38 | 00,196,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys
[2008/10/23 22:59:38 | 00,175,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdbss.sys
[2008/10/23 22:59:38 | 00,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys
[2008/10/23 22:59:38 | 00,096,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\scsiport.sys
[2008/10/23 22:59:38 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\serial.sys
[2008/10/23 22:59:38 | 00,057,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\redbook.sys
[2008/10/23 22:59:38 | 00,048,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\raspptp.sys
[2008/10/23 22:59:38 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismp.sys
[2008/10/23 22:59:38 | 00,015,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\serenum.sys
[2008/10/23 22:59:37 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys
[2008/10/23 22:59:37 | 00,025,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sonydcam.sys
[2008/10/23 22:59:37 | 00,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sfloppy.sys
[2008/10/23 22:59:37 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\slip.sys
[2008/10/23 22:59:37 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys
[2008/10/23 22:59:36 | 00,361,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip.sys
[2008/10/23 22:59:36 | 00,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\srv.sys
[2008/10/23 22:59:36 | 00,225,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys
[2008/10/23 22:59:36 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\udfs.sys
[2008/10/23 22:59:36 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys
[2008/10/23 22:59:36 | 00,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys
[2008/10/23 22:59:36 | 00,049,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys
[2008/10/23 22:59:36 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys
[2008/10/23 22:59:36 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys
[2008/10/23 22:59:36 | 00,019,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdi.sys
[2008/10/23 22:59:36 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\streamip.sys
[2008/10/23 22:59:36 | 00,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tape.sys
[2008/10/23 22:59:36 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys
[2008/10/23 22:59:36 | 00,004,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swenum.sys
[2008/10/23 22:59:35 | 00,384,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\update.sys
[2008/10/23 22:59:35 | 00,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbport.sys
[2008/10/23 22:59:35 | 00,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbaudio.sys
[2008/10/23 22:59:35 | 00,059,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbhub.sys
[2008/10/23 22:59:35 | 00,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbccgp.sys
[2008/10/23 22:59:35 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbstor.sys
[2008/10/23 22:59:35 | 00,025,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd2.sys
[2008/10/23 22:59:35 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd.sys
[2008/10/23 22:59:35 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\vga.sys
[2008/10/23 22:59:35 | 00,020,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbuhci.sys
[2008/10/23 22:59:35 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbintel.sys
[2008/10/23 22:59:35 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys
[2008/10/23 22:59:34 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2008/10/23 22:59:34 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe
[2008/10/23 22:59:34 | 00,134,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\HAL.DLL
[2008/10/23 22:59:34 | 00,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys
[2008/10/23 22:59:34 | 00,081,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\videoprt.sys
[2008/10/23 22:59:34 | 00,052,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\volsnap.sys
[2008/10/23 22:59:34 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wanarp.sys
[2008/10/23 22:59:34 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wstcodec.sys
[2008/10/20 23:40:15 | 00,143,291 | ---- | C] () -- C:\Documents and Settings\Gabi\Desktop\tema2.pdf
[2008/10/20 23:05:00 | 00,126,972 | ---- | C] () -- C:\Documents and Settings\Gabi\Desktop\RelativeResourceManager.pdf
[2008/10/16 23:33:46 | 00,001,752 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Windows Live Messenger.lnk
[2008/10/16 23:14:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gabi\Local Settings\Application Data\RcIncidents
[2008/10/16 23:03:28 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2008/10/16 23:01:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\OvtCam
[2008/10/16 23:00:59 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2008/10/16 23:00:58 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2008/10/16 23:00:58 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2008/10/16 23:00:57 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2008/10/16 23:00:56 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2008/10/16 22:54:09 | 00,000,000 | ---D | C] -- C:\Program Files\directx
[2008/10/16 22:53:45 | 00,200,704 | ---- | C] () -- C:\WINDOWS\sel3110.exe
[2008/10/16 22:53:44 | 00,174,530 | ---- | C] (OmniVision Technologies, Inc.) -- C:\WINDOWS\System32\drivers\ov519vid.sys
[2008/10/16 22:53:44 | 00,135,168 | ---- | C] (OmniVision Technologies, Inc.) -- C:\WINDOWS\ov519cap.exe
[2008/10/16 22:53:44 | 00,061,440 | ---- | C] (OmniVision Technologies, Inc.) -- C:\WINDOWS\ov519dib.dll
[2008/10/16 22:53:44 | 00,040,960 | ---- | C] (OmniVision Technologies Inc.) -- C:\WINDOWS\System32\ov519ext.dll
[2008/10/16 22:53:44 | 00,025,211 | ---- | C] (OmniVision Technologies Inc.) -- C:\WINDOWS\System32\drivers\ov519cmd.sys
[2008/10/16 22:53:44 | 00,025,099 | ---- | C] (OmniVision Technologies Inc.) -- C:\WINDOWS\System32\ov519ext.ax
[2008/10/16 22:53:44 | 00,016,426 | ---- | C] (OmniVision Technologies Inc.) -- C:\WINDOWS\System32\ov519usd.dll
[2008/10/16 22:53:42 | 00,040,960 | ---- | C] () -- C:\WINDOWS\CleanDev.exe
[2008/10/16 22:53:40 | 00,307,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\vidcap32.exe
[2008/10/16 22:53:40 | 00,032,528 | ---- | C] () -- C:\WINDOWS\amcap.exe
[2008/10/16 22:53:40 | 00,000,000 | ---D | C] -- C:\Program Files\ShowCam Plus
[2008/10/15 22:59:50 | 00,020,992 | ---- | C] (RealVNC Ltd.) -- C:\WINDOWS\System32\vncmirror.dll
[2008/10/15 22:59:50 | 00,004,608 | ---- | C] (RealVNC Ltd.) -- C:\WINDOWS\System32\drivers\vncmirror.sys
[2008/10/15 22:59:47 | 00,000,000 | ---D | C] -- C:\Program Files\RealVNC
[2008/10/14 15:00:49 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt09.sqm
[2008/10/14 15:00:49 | 00,000,232 | -H-- | C] () -- C:\sqmdata09.sqm
[2008/10/14 14:59:22 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt08.sqm
[2008/10/14 14:59:22 | 00,000,232 | -H-- | C] () -- C:\sqmdata08.sqm

========== Files - Modified Within 30 Days ==========

[1014 C:\WINDOWS\System32\*.tmp files]
[8 C:\WINDOWS\*.tmp files]
[3 C:\Documents and Settings\Gabi\My Documents\*.tmp files]
[2008/11/12 17:05:30 | 00,045,378 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2008/11/12 17:04:48 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/11/12 17:04:44 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/11/12 17:04:40 | 10,716,97920 | -HS- | M] () -- C:\hiberfil.sys
[2008/11/12 14:47:30 | 00,422,400 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gabi\Desktop\OTViewIt.exe
[2008/11/12 10:11:31 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2008/11/12 09:35:51 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2008/11/11 13:06:04 | 00,322,176 | ---- | M] () -- C:\Documents and Settings\Gabi\Desktop\cc_20081111_1305.reg
[2008/11/11 11:45:02 | 03,044,628 | R--- | M] () -- C:\Documents and Settings\Gabi\Desktop\ComboFix.exe
[2008/11/11 10:49:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008/11/11 10:17:50 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2008/11/08 23:47:37 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Gabi\Desktop\HijackThis.lnk
[2008/11/08 23:32:07 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/11/07 23:02:59 | 00,000,780 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2008/11/07 22:57:15 | 00,000,690 | ---- | M] () -- C:\Documents and Settings\Gabi\Desktop\SpywareBlaster.lnk
[2008/11/07 12:37:28 | 04,259,146 | -H-- | M] () -- C:\Documents and Settings\Gabi\Local Settings\Application Data\IconCache.db
[2008/11/07 12:33:18 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\KSWDYLZAIU
[2008/11/07 12:25:50 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\ASYLEXLMBYA
[2008/11/04 23:43:32 | 00,003,495 | ---- | M] () -- C:\WirelessDiagLog.csv
[2008/11/03 23:07:04 | 00,000,913 | ---- | M] () -- C:\WINDOWS\win.ini
[2008/11/02 23:50:14 | 00,548,214 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/11/02 23:50:14 | 00,456,274 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2008/11/02 23:50:14 | 00,082,348 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2008/11/02 23:44:24 | 00,362,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/11/02 22:28:18 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2008/10/29 22:54:03 | 00,000,570 | ---- | M] () -- C:\Documents and Settings\Gabi\My Documents\Mis carpetas para compartir.lnk
[2008/10/29 13:46:18 | 00,100,840 | ---- | M] () -- C:\Documents and Settings\Gabi\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/10/28 20:42:59 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2008/10/28 20:42:59 | 00,000,232 | -H-- | M] () -- C:\sqmdata10.sqm
[2008/10/28 17:58:29 | 01,240,820 | ---- | M] () -- C:\Documents and Settings\Gabi\Desktop\Guia_Campsa_TomTom.rar
[2008/10/28 14:42:32 | 00,000,942 | ---- | M] () -- C:\Documents and Settings\Gabi\Desktop\ttnavigator.bif
[2008/10/27 13:20:42 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2008/10/24 11:35:17 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2008/10/24 11:33:53 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2008/10/24 11:33:51 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2008/10/22 1638 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/10/22 1622 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/10/20 23:40:15 | 00,143,291 | ---- | M] () -- C:\Documents and Settings\Gabi\Desktop\tema2.pdf
[2008/10/20 23:05:00 | 00,126,972 | ---- | M] () -- C:\Documents and Settings\Gabi\Desktop\RelativeResourceManager.pdf
[2008/10/16 23:33:46 | 00,001,752 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Windows Live Messenger.lnk
[2008/10/15 17:57:55 | 00,332,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netapi32.dll
[2008/10/14 15:00:49 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2008/10/14 15:00:49 | 00,000,232 | -H-- | M] () -- C:\sqmdata09.sqm
[2008/10/14 14:59:22 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2008/10/14 14:59:22 | 00,000,232 | -H-- | M] () -- C:\sqmdata08.sqm
< End of report >