I have already formatted a couple of times and cleaned the rescued files on another computer, but on mine Safe Mode runs slowly and I think it is still infected.
I now have XP Prof. 64, SP2 updated, avast free and Malwarebytes. They don't detect anything, but everything runs extremely slowly.
For anyone who can help me:
I ran OTL:
Minimal Output.
Options: LOP Check and Purity Check, Skip Microsoft Files and Use Company Name Whitelist.
Script in the Custom Scans/Fixes box:
msconfig
netsvcs
%SYSTEMDRIVE%\*.*
CREATERESTOREPOINT
This is the OTL report:
OTL logfile created on: 22/01/2014 22:19:02 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop
64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0A | Country: Spain | Language: ESN | Date Format: dd/MM/yyyy
4,00 Gb Total Physical Memory | 3,56 Gb Available Physical Memory | 89,11% Memory free
5,75 Gb Paging File | 5,61 Gb Available in Paging File | 97,70% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,05 Gb Total Space | 134,81 Gb Free Space | 90,45% Space Free | Partition Type: NTFS
Drive E: | 3,73 Gb Total Space | 3,11 Gb Free Space | 83,37% Space Free | Partition Type: FAT32
Computer Name: BERMEJO | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Administrator\Desktop\OTL.exe (OldTimer Tools)
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (WLANKEEPER) -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe (Intel(R) Corporation)
SRV:64bit: - (S24EventMonitor) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel(R) Corporation)
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (NICCONFIGSVC) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe (Dell Inc.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Spooler) -- C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (helpsvc) -- C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (UMWdf) -- C:\WINDOWS\SysWOW64\wdfmgr.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (mnmdd) -- C:\WINDOWS\SysWow64\mnmdd.dll (Microsoft Corporation)
DRV - (Winsock) -- C:\WINDOWS\SysWow64\winsock.dll (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Google Docs = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: B\u00FAsqueda de Google = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
Hosts file not found
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - %SystemRoot%\system32\SHELL32.dll File not found
O4:64bit: - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup File not found
O4:64bit: - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit File not found
O4:64bit: - HKLM..\Run: [nwiz] nwiz.exe /installquiet File not found
O4:64bit: - HKLM..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk = C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - %SystemRoot%\System32\mswsock.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - %SystemRoot%\System32\winrnr.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - %SystemRoot%\System32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - %SystemRoot%\system32\mswsock.dll File not found
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.58.61.250 80.58.61.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{38D05990-53E0-47C6-BD0D-FF785AE1C1F7}: DhcpNameServer = 80.58.61.250 80.58.61.254
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll File not found
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - %SystemRoot%\system32\inetcomm.dll File not found
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - %SystemRoot%\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll File not found
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll File not found
O18:64bit: - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - %SystemRoot%\system32\SHELL32.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - File not found
O20:64bit: - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) - File not found
O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: System - (lsass.exe) - File not found
O20 - HKLM Winlogon: UserInit - (userinit) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - File not found
O20:64bit: - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - File not found
O20:64bit: - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - File not found
O20:64bit: - Winlogon\Notify\dimsntfy: DllName - (dimsntfy.dll) - File not found
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - File not found
O20:64bit: - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
O20:64bit: - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
O21:64bit: - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll File not found
O21:64bit: - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll File not found
O21:64bit: - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll File not found
O22:64bit: - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - %SystemRoot%\system32\browseui.dll File not found
O22:64bit: - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - %SystemRoot%\system32\browseui.dll File not found
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Windows XP.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Windows XP.bmp
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/01/22 01:47:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 10
========== Files/Folders - Created Within 30 Days ==========
[2014/01/22 22:11:58 | 004,645,232 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Administrator\Desktop\ccsetup409.exe
[2014/01/22 22:11:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2014/01/22 20:50:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2014/01/22 19:53:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/01/22 19:53:15 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup-1.75.0.1300.exe
[2014/01/22 19:12:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avast
[2014/01/22 19:11:44 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/01/22 17:01:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2014/01/22 17:01:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2014/01/22 17:01:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/01/22 16:33:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\AVAST Software
[2014/01/22 16:21:53 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/01/22 16:21:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2014/01/22 16:21:16 | 004,660,640 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Administrator\Desktop\avast_internet_security_setup_online.exe
[2014/01/22 16:12:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IECompatCache
[2014/01/22 1650 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE
[2014/01/22 15:51:03 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2014/01/22 15:50:57 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2014/01/22 15:22:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2014/01/22 15:21:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2014/01/22 15:19:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2014/01/22 15:19:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\en-US
[2014/01/22 14:27:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\SoftwareDistribution
[2014/01/22 14:09:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\adfs
[2014/01/22 14:09:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\en
[2014/01/22 14:08:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2014/01/22 14:02:43 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2014/01/22 14:02:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\PolicyBackup
[2014/01/22 13:39:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Downloads
[2014/01/22 13:34:40 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2014/01/22 13:32:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\WINXP_SP3
[2014/01/22 13:32:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\WinRAR
[2014/01/22 13:14:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2014/01/22 13:14:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\WinRAR
[2014/01/22 13:14:33 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2014/01/22 12:58:21 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\UserData
[2014/01/22 12:55:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\config
[2014/01/22 12:50:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2014/01/22 12:50:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/01/22 12:50:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
[2014/01/22 12:48:20 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2014/01/22 12:39:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SigmaTel
[2014/01/22 11:58:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Bluetooth
[2014/01/22 11:57:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Toshiba
[2014/01/22 11:54:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Bluetooth
[2014/01/22 11:53:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toshiba
[2014/01/22 11:50:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Dell
[2014/01/22 11:50:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Dell
[2014/01/22 11:50:45 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2014/01/22 11:50:44 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/01/22 11:50:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell QuickSet
[2014/01/22 11:50:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\InstallShield
[2014/01/22 11:47:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2014/01/22 11:47:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2014/01/22 11:42:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Intel
[2014/01/22 11:42:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Intel
[2014/01/22 11:42:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Intel
[2014/01/22 11:42:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Intel PROSet Wireless
[2014/01/22 11:42:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2014/01/22 11:42:02 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2014/01/22 11:42:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intel
[2014/01/22 11:40:23 | 000,000,000 | ---D | C] -- C:\dell
[2014/01/22 02:32:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ODBC
[2014/01/22 02:32:02 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2014/01/22 02:32:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2014/01/22 02:31:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SpeechEngines
[2014/01/22 02:31:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Shared
[2014/01/22 02:31:54 | 000,000,000 | R--D | C] -- C:\Program Files
[2014/01/22 02:31:54 | 000,000,000 | R--D | C] -- C:\Program Files (x86)
[2014/01/22 02:31:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2014/01/22 02:31:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2014/01/22 02:31:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2014/01/22 02:31:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files
[2014/01/22 02:31:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2014/01/22 02:31:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2014/01/22 02:31:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2014/01/22 02:31:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Desktop
[2014/01/22 02:31:31 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2014/01/22 02:31:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2014/01/22 02:31:16 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2014/01/22 02:31:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2014/01/22 02:31:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2014/01/22 02:31:07 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/01/22 02:21:13 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2014/01/22 02:21:13 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2014/01/22 02:21:13 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\wbem
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\usmt
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWOW64
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\mui
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent64
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\InstallShield
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime (x86)
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\ias
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\export
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Drivers
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\3076
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\2052
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\1054
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\1042
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\1041
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\1037
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\1033
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\1031
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\1028
[2014/01/22 02:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\1025
[2014/01/22 01:56:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Identities
[2014/01/22 01:56:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Music
[2014/01/22 01:55:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Pictures
[2014/01/22 01:55:55 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
[2014/01/22 01:55:55 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2014/01/22 01:55:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Application Data
[2014/01/22 01:55:55 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Favorites
[2014/01/22 01:55:55 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\Cookies
[2014/01/22 01:55:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop
[2014/01/22 01:55:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo
[2014/01/22 01:55:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2014/01/22 01:55:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
[2014/01/22 01:55:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu
[2014/01/22 01:55:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents
[2014/01/22 01:55:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
[2014/01/22 01:55:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Templates
[2014/01/22 01:55:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\PrintHood
[2014/01/22 01:55:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\NetHood
[2014/01/22 01:55:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Local Settings
[2014/01/22 01:55:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2014/01/22 01:55:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2014/01/22 01:55:24 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2014/01/22 01:55:24 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2014/01/22 01:55:22 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2014/01/22 01:55:22 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2014/01/22 01:47:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\system
[2014/01/22 01:47:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\speechengines
[2014/01/22 01:47:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\microsoft shared
[2014/01/22 01:47:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\inetsrv
[2014/01/22 01:47:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\ime
[2014/01/22 01:46:37 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2014/01/22 01:46:27 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Uninstall Information
[2014/01/22 01:45:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NetMeeting
[2014/01/22 01:45:44 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2014/01/22 01:45:44 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2014/01/22 01:45:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Macromed
[2014/01/22 01:45:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2014/01/22 01:45:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Movie Maker
[2014/01/22 01:44:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2014/01/22 01:44:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Services
[2014/01/22 01:44:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2014/01/22 01:44:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Outlook Express
[2014/01/22 01:44:35 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2014/01/22 01:44:34 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2014/01/22 01:44:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\System
[2014/01/22 01:44:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2014/01/22 01:44:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Explorer
[2014/01/22 01:44:13 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2014/01/22 01:44:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2014/01/22 01:44:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2014/01/22 01:43:59 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2014/01/22 01:43:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2014/01/22 01:43:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2014/01/22 01:43:28 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2014/01/22 01:43:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Media Player
[2014/01/22 01:43:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSN Gaming Zone
[2014/01/22 01:43:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows NT
[2014/01/22 01:43:08 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2014/01/22 01:42:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSN
[2014/01/22 01:42:37 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2014/01/22 01:42:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Com
[2014/01/22 01:40:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/01/22 22:09:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2014/01/22 21:42:48 | 004,645,232 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Administrator\Desktop\ccsetup409.exe
[2014/01/22 20:40:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/01/22 20:37:06 | 000,001,110 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/22 20:37:06 | 000,000,378 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/01/22 20:00:00 | 000,001,114 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/22 19:53:53 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/22 19:47:32 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup-1.75.0.1300.exe
[2014/01/22 19:12:52 | 000,001,783 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! SafeZone.lnk
[2014/01/22 19:12:52 | 000,001,723 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Internet Security.lnk
[2014/01/22 19:11:44 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/01/22 16:14:35 | 000,000,970 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2014/01/22 15:51:10 | 000,000,845 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/22 14:06:26 | 000,297,072 | RHS- | M] () -- C:\ntldr
[2014/01/22 13:14:39 | 000,000,676 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\WinRAR.lnk
[2014/01/22 12:51:11 | 000,001,883 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/01/22 12:50:56 | 000,001,865 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/01/22 12:48:17 | 000,000,005 | ---- | M] () -- C:\WINDOWS\SysWow64\drivers\DELL_WOR_M6300.MRK
[2014/01/22 12:48:17 | 000,000,005 | ---- | M] () -- C:\WINDOWS\SysWow64\drivers\1028_DELL_WOR_M6300.MRK
[2014/01/22 12:35:29 | 000,000,000 | ---- | M] () -- C:\WINDOWS\tosOBEX.INI
[2014/01/22 11:57:18 | 000,000,757 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk
[2014/01/22 01:56:05 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2014/01/22 01:47:10 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2014/01/22 01:47:10 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2014/01/22 01:47:10 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2014/01/22 01:47:10 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2014/01/22 01:47:07 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2014/01/22 01:47:06 | 000,023,392 | ---- | M] () -- C:\WINDOWS\SysWow64\nscompat.tlb
[2014/01/22 01:47:06 | 000,016,832 | ---- | M] () -- C:\WINDOWS\SysWow64\amcompat.tlb
[2014/01/22 01:47:01 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2014/01/22 01:39:39 | 000,000,213 | -HS- | M] () -- C:\boot.ini
[2014/01/21 22:54:34 | 004,660,640 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Administrator\Desktop\avast_internet_security_setup_online.exe
[2 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/01/22 19:53:53 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/22 19:12:52 | 000,001,783 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! SafeZone.lnk
[2014/01/22 19:12:52 | 000,001,723 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Internet Security.lnk
[2014/01/22 16:31:27 | 000,000,378 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/01/22 15:51:10 | 000,000,833 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
[2014/01/22 14:09:25 | 001,099,264 | ---- | C] () -- C:\WINDOWS\adfs.msp
[2014/01/22 13:14:39 | 000,000,676 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\WinRAR.lnk
[2014/01/22 12:50:56 | 000,001,883 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/01/22 12:50:56 | 000,001,865 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/01/22 12:50:33 | 000,001,114 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/22 12:50:33 | 000,001,110 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/22 12:48:17 | 000,000,005 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\DELL_WOR_M6300.MRK
[2014/01/22 12:48:17 | 000,000,005 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\1028_DELL_WOR_M6300.MRK
[2014/01/22 12:35:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2014/01/22 11:54:52 | 000,000,757 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk
[2014/01/22 11:46:57 | 001,019,904 | ---- | C] () -- C:\WINDOWS\SysWow64\nvwimg.dll
[2014/01/22 11:46:55 | 001,486,848 | ---- | C] () -- C:\WINDOWS\SysWow64\nview.dll
[2014/01/22 02:32:06 | 000,000,970 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2014/01/22 02:32:01 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2014/01/22 02:30:15 | 000,000,213 | -HS- | C] () -- C:\boot.ini
[2014/01/22 01:56:05 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2014/01/22 01:56:03 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk
[2014/01/22 01:56:01 | 000,000,845 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/22 01:56:01 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2014/01/22 01:55:55 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk
[2014/01/22 01:55:55 | 000,000,822 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk
[2014/01/22 01:54:14 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2014/01/22 01:47:10 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2014/01/22 01:47:10 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2014/01/22 01:47:10 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2014/01/22 01:47:10 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2014/01/22 01:47:07 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2014/01/22 01:47:06 | 000,023,392 | ---- | C] () -- C:\WINDOWS\SysWow64\nscompat.tlb
[2014/01/22 01:47:06 | 000,016,832 | ---- | C] () -- C:\WINDOWS\SysWow64\amcompat.tlb
[2014/01/22 01:45:33 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2014/01/22 01:44:55 | 000,144,128 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2014/01/22 01:44:55 | 000,144,128 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2014/01/22 01:44:10 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2014/01/22 01:43:28 | 000,002,040 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2014/01/22 01:43:00 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2014/01/22 01:43:00 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2014/01/22 01:43:00 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2014/01/22 01:43:00 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2014/01/22 01:43:00 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2014/01/22 01:43:00 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2014/01/22 01:43:00 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2014/01/22 01:43:00 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2014/01/22 01:42:59 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2014/01/22 01:42:59 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2014/01/22 01:42:59 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = %SystemRoot%\system32\shdocvw.dll
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\SysWOW64\shdocvw.dll -- [2013/10/25 06:29:02 | 001,520,128 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\WINDOWS\system32\wbem\fastprox.dll
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\SysWOW64\wbem\fastprox.dll -- [2009/03/19 19:51:22 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\system32\wbem\wbemess.dll
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/01/22 16:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\AVAST Software
[2014/01/22 16:21:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2014/01/22 01:47:10 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2014/01/22 01:39:39 | 000,000,213 | -HS- | M] () -- C:\boot.ini
[2014/01/22 01:47:10 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2014/01/22 01:47:10 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2014/01/22 01:47:10 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2005/03/25 13:00:00 | 000,047,772 | RHS- | M] () -- C:\NTDETECT.COM
[2014/01/22 14:06:26 | 000,297,072 | RHS- | M] () -- C:\ntldr
[2014/01/22 20:40:02 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
< End of report >
Thanks for taking the trouble.