blocked by thinkpoint

Page 2 of 2 Previous  1, 2

View previous topic View next topic Go down

blocked by thinkpoint

Post by Olangua on Thu 21 Oct 2010, 6:02 am

First topic message reminder :

Hi guys,
got infected by thinkpoint a couple of hours ago and it´s blocked my computer almost completely. After reading many posts I´ve managed to get to the task administrator window, but when I try the next step which seems to be explorer.exe it says it is infected by virus. what do I do know? my computer runs windows 7. please help, I´m desperate!

Olangua

Newbie Surfer
Newbie Surfer

Posts : 18
Joined : 2010-10-21
Operating System : windows 7

View user profile

Back to top Go down


Re: blocked by thinkpoint

Post by TheAvatar on Sat 30 Oct 2010, 9:03 am

Hi,

Please now open OTL and click "Quick Scan" and post the log here.

Also let me know how your PC is running.

TheAvatar

Malware Advisor
Malware Advisor

Posts : 137
Joined : 2010-10-02
Operating System : Windows XP SP3

View user profile

Back to top Go down

Re: blocked by thinkpoint

Post by Olangua on Sun 31 Oct 2010, 5:18 am

Hi Avatar,
here´s log you asked for:
OTL logfile created on: 30/10/2010 20:08:30 - Run 3
OTL by OldTimer - Version 3.2.17.1 Folder = C:\Users\patricia\Desktop
Starter Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

1.014,00 Mb Total Physical Memory | 202,00 Mb Available Physical Memory | 20,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 34,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,44 Gb Total Space | 92,15 Gb Free Space | 79,14% Space Free | Partition Type: NTFS
Drive D: | 116,05 Gb Total Space | 110,56 Gb Free Space | 95,27% Space Free | Partition Type: NTFS

Computer Name: PATRICIA-TOSH | User Name: patricia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\patricia\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Archivos de programa\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Archivos de programa\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Archivos de programa\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Archivos de programa\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Archivos de programa\Telefonica\bin\tgsrvc.exe (SupportSoft, Inc.)
PRC - C:\Archivos de programa\TOSHIBA\Bluetooth Toshiba Stack\TosBtProc.exe (TOSHIBA CORPORATION.)
PRC - C:\Archivos de programa\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\Archivos de programa\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.)
PRC - C:\Archivos de programa\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Archivos de programa\TOSHIBA\TECO\TecoService.exe (TOSHIBA Corporation)
PRC - C:\Archivos de programa\TOSHIBA\TECO\TEco.exe (TOSHIBA Corporation)
PRC - C:\Archivos de programa\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
PRC - C:\Archivos de programa\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
PRC - C:\Archivos de programa\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
PRC - C:\Windows\System32\igfxext.exe (Intel Corporation)
PRC - C:\Archivos de programa\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
PRC - C:\Archivos de programa\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
PRC - C:\Archivos de programa\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
PRC - C:\Archivos de programa\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
PRC - C:\Archivos de programa\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\Archivos de programa\TOSHIBA\ConfigFree\CFIWmxSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Archivos de programa\TOSHIBA\TPHM\TPCHWMsg.exe (TOSHIBA Corporation)
PRC - C:\Archivos de programa\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
PRC - C:\Archivos de programa\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
PRC - C:\Archivos de programa\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
PRC - C:\Archivos de programa\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
PRC - C:\Archivos de programa\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation)
PRC - C:\Archivos de programa\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
PRC - C:\Archivos de programa\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Archivos de programa\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
PRC - C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Windows\System32\ThpSrv.exe (TOSHIBA Corporation)
PRC - C:\Archivos de programa\TOSHIBA\Bluetooth Toshiba Stack\TosOBEX.exe (TOSHIBA CORPORATION.)
PRC - C:\Archivos de programa\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe (TOSHIBA CORPORATION.)
PRC - C:\Archivos de programa\Apoint2K\hidfind.exe (Alps Electric Co., Ltd.)
PRC - C:\Archivos de programa\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Archivos de programa\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
PRC - C:\Archivos de programa\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)


========== Modules (SafeList) ==========

MOD - C:\Users\patricia\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (SupportSoft RemoteAssist) -- C:\Archivos de programa\Common Files\supportsoft\bin\ssrc.exe (SupportSoft, Inc.)
SRV - (tgsrvc_telefonica) SupportSoft Repair Service (telefonica) -- C:\Program Files\Telefonica\bin\tgsrvc.exe (SupportSoft, Inc.)
SRV - (GameConsoleService) -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (TOSHIBA Bluetooth Service) -- C:\Archivos de programa\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe (TOSHIBA Corporation)
SRV - (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO) -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
SRV - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (TMachInfo) -- C:\Archivos de programa\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
SRV - (cfWiMAXService) -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe (TOSHIBA CORPORATION)
SRV - (TPCHSrv) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
SRV - (TOSHIBA HDD SSD Alert Service) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Archivos de programa\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) Instalador de ActiveX (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (Thpsrv) -- C:\Windows\System32\ThpSrv.exe (TOSHIBA Corporation)
SRV - (ConfigFree Service) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)


========== Driver Services (SafeList) ==========

DRV - (USBCCID) -- C:\Windows\System32\DRIVERS\RtsUCcid.sys File not found
DRV - (RtsUIR) -- C:\Windows\System32\DRIVERS\Rts516xIR.sys File not found
DRV - (catchme) -- C:\Users\patricia\AppData\Local\Temp\catchme.sys File not found
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (SASKUTIL) -- C:\Archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)
DRV - (SASDIFSV) -- C:\Archivos de programa\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (Tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (TosRfSnd) -- C:\Windows\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (LPCFilter) -- C:\Windows\system32\DRIVERS\LPCFilter.sys (COMPAL ELECTRONIC INC.)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (RSUSBSTOR) -- C:\Windows\System32\Drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS (TOSHIBA Corporation)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Controlador de interfaz de puerto serie Brother MFC (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (vwififlt) -- C:\Windows\System32\drivers\vwififlt.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\system32\DRIVERS\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV - (Thpevm) -- C:\Windows\system32\DRIVERS\Thpevm.SYS (TOSHIBA Corporation)
DRV - (Thpdrv) -- C:\Windows\system32\DRIVERS\thpdrv.sys (TOSHIBA Corporation)
DRV - (PGEffect) -- C:\Windows\System32\drivers\PGEffect.sys (TOSHIBA Corporation)
DRV - (TVALZFL) -- C:\Windows\System32\drivers\TVALZFL.sys (TOSHIBA Corporation)
DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (tosporte) -- C:\Windows\System32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (RTL8167) -- C:\Windows\System32\drivers\Rt86win7.sys (Realtek )
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (tidnet) -- C:\Windows\System32\drivers\tidnet.sys (Telefónica I+D)
DRV - (Huawei) -- C:\Windows\System32\drivers\ewdcsc.sys (Huawei Tech. Co., Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/24 10:49:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/24 10:49:00 | 000,000,000 | ---D | M]

[2010/10/24 10:49:20 | 000,000,000 | ---D | M] -- C:\Users\patricia\AppData\Roaming\mozilla\Extensions
[2010/10/24 10:49:20 | 000,000,000 | ---D | M] -- C:\Users\patricia\AppData\Roaming\mozilla\Firefox\Profiles\vniibxtr.default\extensions
[2010/10/24 10:49:01 | 000,000,000 | ---D | M] -- C:\Archivos de programa\Mozilla Firefox\extensions
[2010/10/12 22:12:35 | 000,003,996 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\drae.xml
[2010/10/12 22:12:35 | 000,000,751 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\eBay-es.xml
[2010/10/12 22:12:35 | 000,001,178 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\wikipedia-es.xml
[2010/10/12 22:12:35 | 000,001,102 | ---- | M] () -- C:\Archivos de programa\Mozilla Firefox\searchplugins\yahoo-es.xml

O1 HOSTS File: ([2010/10/28 10:24:03 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Aplicación auxiliar de inicio de sesión) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Archivos de programa\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Archivos de programa\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Archivos de programa\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Archivos de programa\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [00TCrdMain] C:\Archivos de programa\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KeNotify] C:\Archivos de programa\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Archivos de programa\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Archivos de programa\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ThpSrv] C:\Windows\System32\thpsrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Toshiba Registration] C:\Archivos de programa\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Archivos de programa\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosNC] C:\Archivos de programa\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosReelTimeMonitor] C:\Archivos de programa\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosSENotify] C:\Archivos de programa\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosWaitSrv] C:\Archivos de programa\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Archivos de programa\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TUSBSleepChargeSrv] C:\Archivos de programa\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe (TOSHIBA)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O9 - Extra Button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} [You must be registered and logged in to see this link.] (Support.com Configuration Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} [You must be registered and logged in to see this link.] (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.58.61.250 80.58.61.254
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Archivos de programa\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Archivos de programa\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/10/30 20:07:51 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\patricia\Desktop\OTL.exe
[2010/10/29 12:05:51 | 000,000,000 | ---D | C] -- C:\Archivos de programa\ESET
[2010/10/28 10:29:10 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/10/28 10:22:07 | 000,000,000 | ---D | C] -- C:\Device
[2010/10/28 09:58:12 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/10/26 20:45:23 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\temp
[2010/10/26 20:26:41 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/10/26 20:26:41 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/10/26 20:26:41 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/10/26 20:26:23 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/10/26 20:26:01 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/10/24 10:49:09 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\Mozilla
[2010/10/24 10:49:09 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\Mozilla
[2010/10/24 10:48:58 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Mozilla Firefox
[2010/10/24 10:43:43 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Java
[2010/10/24 10:33:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/10/24 10:33:44 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Common Files\Java
[2010/10/24 00:53:35 | 000,000,000 | ---D | C] -- C:\Archivos de programa\CCleaner
[2010/10/21 16:11:03 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\SUPERAntiSpyware.com
[2010/10/21 16:11:03 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/10/21 16:10:52 | 000,000,000 | ---D | C] -- C:\Archivos de programa\SUPERAntiSpyware
[2010/10/20 22:05:11 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\Malwarebytes
[2010/10/20 22:02:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/10/20 22:02:08 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/10/20 22:02:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/10/20 22:02:07 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Malwarebytes' Anti-Malware
[2010/10/20 21:31:10 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Loaris
[2010/10/20 19:28:44 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\Server
[2010/10/12 13:24:20 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\Spotify
[2010/10/12 13:24:20 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\Spotify
[2010/10/12 13:24:13 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Spotify
[2010/10/12 12:45:39 | 000,000,000 | ---D | C] -- C:\Archivos de programa\iPod
[2010/10/12 12:45:36 | 000,000,000 | ---D | C] -- C:\Archivos de programa\iTunes
[2010/10/12 12:40:01 | 000,000,000 | ---D | C] -- C:\Archivos de programa\QuickTime
[2010/10/12 12:37:07 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Bonjour
[2010/10/07 23:37:27 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Common Files\Adobe
[2010/10/07 23:37:27 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Adobe

========== Files - Modified Within 30 Days ==========

[2010/10/30 20:08:13 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\patricia\Desktop\OTL.exe
[2010/10/30 20:06:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/30 19:59:52 | 000,694,386 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2010/10/30 19:59:52 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/10/30 19:59:52 | 000,134,448 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2010/10/30 19:59:52 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/10/30 19:57:32 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/30 19:56:56 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3400816499-3506029819-3345165704-1000Core.job
[2010/10/30 19:49:13 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3400816499-3506029819-3345165704-1000UA.job
[2010/10/30 19:48:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/29 07:25:15 | 000,029,696 | ---- | M] () -- C:\Users\patricia\Documents\factura 122.xls
[2010/10/28 11:00:42 | 000,084,992 | ---- | M] () -- C:\Windows\MBR.exe
[2010/10/28 10:54:14 | 000,014,304 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/28 10:54:14 | 000,014,304 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/28 10:45:54 | 797,777,920 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/28 10:24:03 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/10/28 09:57:54 | 003,892,841 | R--- | M] () -- C:\Users\patricia\Desktop\ComboFix.exe
[2010/10/26 21:15:57 | 000,027,136 | ---- | M] () -- C:\Users\patricia\Documents\factura 132.xls
[2010/10/24 10:49:05 | 000,001,896 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/10/24 01:08:58 | 000,000,262 | ---- | M] () -- C:\Users\patricia\Documents\cc_20101024_010840.reg
[2010/10/24 01:03:02 | 000,000,644 | ---- | M] () -- C:\Users\patricia\Documents\cc_20101024_010245.reg
[2010/10/24 00:55:42 | 000,198,008 | ---- | M] () -- C:\Users\patricia\Documents\cc_20101024_005512.reg
[2010/10/24 00:53:37 | 000,000,976 | ---- | M] () -- C:\Users\patricia\Desktop\CCleaner.lnk
[2010/10/21 22:02:57 | 000,000,000 | ---- | M] () -- C:\Users\patricia\defogger_reenable
[2010/10/21 16:10:57 | 000,001,972 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/10/21 07:21:29 | 000,002,385 | ---- | M] () -- C:\Users\patricia\Desktop\Google Chrome.lnk
[2010/10/20 22:02:13 | 000,000,990 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/20 19:50:48 | 000,000,006 | ---- | M] () -- C:\Users\patricia\AppData\Roaming\completescan
[2010/10/20 19:46:14 | 000,000,006 | ---- | M] () -- C:\Users\patricia\AppData\Roaming\start
[2010/10/20 19:32:08 | 000,000,010 | ---- | M] () -- C:\Users\patricia\AppData\Roaming\install
[2010/10/20 12:39:53 | 000,027,136 | ---- | M] () -- C:\Users\patricia\Documents\factura 131.xls
[2010/10/20 12:31:00 | 000,021,504 | ---- | M] () -- C:\Users\patricia\Documents\factura 130.xls
[2010/10/14 16:40:20 | 000,029,184 | ---- | M] () -- C:\Users\patricia\Documents\factura 125.xls
[2010/10/14 16:39:38 | 000,029,184 | ---- | M] () -- C:\Users\patricia\Documents\factura 129.xls
[2010/10/14 09:28:20 | 000,417,096 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/10/12 16:24:22 | 000,021,504 | ---- | M] () -- C:\Users\patricia\Documents\invoice 120.xls
[2010/10/12 13:24:17 | 000,000,960 | ---- | M] () -- C:\Users\patricia\Desktop\Spotify.lnk
[2010/10/12 12:46:47 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/10/12 12:40:26 | 000,001,822 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/10/07 23:41:35 | 000,021,504 | ---- | M] () -- C:\Users\patricia\Documents\factura 119.xls
[2010/10/07 23:37:51 | 000,001,991 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/10/06 16:44:58 | 000,029,696 | ---- | M] () -- C:\Users\patricia\Documents\factura 121.xls
[2010/10/04 22:38:37 | 000,029,696 | ---- | M] () -- C:\Users\patricia\Documents\factura 7410.xls

========== Files Created - No Company Name ==========

[2010/10/26 21:15:57 | 000,027,136 | ---- | C] () -- C:\Users\patricia\Documents\factura 132.xls
[2010/10/26 20:26:41 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/10/26 20:26:41 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/10/26 20:26:41 | 000,084,992 | ---- | C] () -- C:\Windows\MBR.exe
[2010/10/26 20:26:41 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/10/26 20:26:41 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/10/26 20:23:20 | 003,892,841 | R--- | C] () -- C:\Users\patricia\Desktop\ComboFix.exe
[2010/10/24 10:49:05 | 000,001,896 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/10/24 01:08:44 | 000,000,262 | ---- | C] () -- C:\Users\patricia\Documents\cc_20101024_010840.reg
[2010/10/24 01:02:49 | 000,000,644 | ---- | C] () -- C:\Users\patricia\Documents\cc_20101024_010245.reg
[2010/10/24 00:55:25 | 000,198,008 | ---- | C] () -- C:\Users\patricia\Documents\cc_20101024_005512.reg
[2010/10/24 00:53:37 | 000,000,976 | ---- | C] () -- C:\Users\patricia\Desktop\CCleaner.lnk
[2010/10/21 22:02:57 | 000,000,000 | ---- | C] () -- C:\Users\patricia\defogger_reenable
[2010/10/21 16:10:57 | 000,001,972 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/10/20 22:02:13 | 000,000,990 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/20 19:41:19 | 000,000,006 | ---- | C] () -- C:\Users\patricia\AppData\Roaming\start
[2010/10/20 19:40:05 | 000,000,006 | ---- | C] () -- C:\Users\patricia\AppData\Roaming\completescan
[2010/10/20 19:32:08 | 000,000,010 | ---- | C] () -- C:\Users\patricia\AppData\Roaming\install
[2010/10/20 12:37:40 | 000,027,136 | ---- | C] () -- C:\Users\patricia\Documents\factura 131.xls
[2010/10/20 12:30:59 | 000,021,504 | ---- | C] () -- C:\Users\patricia\Documents\factura 130.xls
[2010/10/14 16:40:19 | 000,029,184 | ---- | C] () -- C:\Users\patricia\Documents\factura 125.xls
[2010/10/14 16:39:37 | 000,029,184 | ---- | C] () -- C:\Users\patricia\Documents\factura 129.xls
[2010/10/12 13:24:17 | 000,000,960 | ---- | C] () -- C:\Users\patricia\Desktop\Spotify.lnk
[2010/10/12 12:46:47 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/10/12 12:40:26 | 000,001,822 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/10/07 23:37:51 | 000,001,991 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/10/06 16:49:40 | 000,029,696 | ---- | C] () -- C:\Users\patricia\Documents\factura 122.xls
[2010/10/06 16:44:57 | 000,029,696 | ---- | C] () -- C:\Users\patricia\Documents\factura 121.xls
[2010/10/04 22:38:37 | 000,029,696 | ---- | C] () -- C:\Users\patricia\Documents\factura 7410.xls
[2010/06/01 12:03:04 | 000,004,608 | ---- | C] () -- C:\Users\patricia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/24 03:28:42 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/01/24 03:28:41 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/01/24 03:28:32 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/01/24 03:28:32 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/01/24 03:28:29 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/01/23 20:06:54 | 000,000,000 | ---- | C] () -- C:\Users\patricia\AppData\Roaming\wklnhst.dat
[2009/10/07 01:36:06 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2009/09/07 06:28:25 | 000,045,056 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2009/09/07 06:27:08 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/04/28 04:37:00 | 000,028,672 | ---- | C] () -- C:\Windows\System32\SPCtl.dll

========== LOP Check ==========

[2010/01/25 14:55:52 | 000,000,000 | ---D | M] -- C:\Users\patricia\AppData\Roaming\FloodLightGames
[2010/01/23 19:57:51 | 000,000,000 | ---D | M] -- C:\Users\patricia\AppData\Roaming\GetRightToGo
[2010/10/12 13:29:21 | 000,000,000 | ---D | M] -- C:\Users\patricia\AppData\Roaming\Spotify
[2010/01/25 10:35:23 | 000,000,000 | ---D | M] -- C:\Users\patricia\AppData\Roaming\Telefónica Móviles
[2010/01/23 17:48:37 | 000,000,000 | ---D | M] -- C:\Users\patricia\AppData\Roaming\Toshiba
[2010/01/24 22:28:51 | 000,000,000 | ---D | M] -- C:\Users\patricia\AppData\Roaming\WildTangent
[2009/07/14 06:53:46 | 000,022,536 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
PC seems to be running fine. I hope it´s cured!

Olangua

Newbie Surfer
Newbie Surfer

Posts : 18
Joined : 2010-10-21
Operating System : windows 7

View user profile

Back to top Go down

Re: blocked by thinkpoint

Post by TheAvatar on Sun 31 Oct 2010, 8:48 pm

Hi please do this:

Run OTL.exe
  • Copy/paste the following text written inside of the quote box into the Custom Scans/Fixes box located at the bottom of OTL

    :OTL
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

    :Commands
    [purity]
    [emptytemp]
    [emptyflash]
    [clearallrestorepoints]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • After rebooting, please post the OTL you are presented with on startup.



====



Clean up with OTL:

  • Double-click OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.



Let me know how it all goes

TheAvatar

Malware Advisor
Malware Advisor

Posts : 137
Joined : 2010-10-02
Operating System : Windows XP SP3

View user profile

Back to top Go down

Re: blocked by thinkpoint

Post by Olangua on Sun 31 Oct 2010, 9:32 pm

Hi Avatar,
this is theOTL run fix log:
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: patricia
->Temp folder emptied: 9099074 bytes
->Temporary Internet Files folder emptied: 32749247 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 20430298 bytes
->Google Chrome cache emptied: 73014527 bytes
->Flash cache emptied: 3263 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 11673 bytes
RecycleBin emptied: 128241420 bytes

Total Files Cleaned = 251,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: patricia
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Error: Unable to interpret <[clearallrestorepoints> in the current context!

OTL by OldTimer - Version 3.2.17.1 log created on 10312010_112328

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

I´ll run cleanup next

Olangua

Newbie Surfer
Newbie Surfer

Posts : 18
Joined : 2010-10-21
Operating System : windows 7

View user profile

Back to top Go down

Re: blocked by thinkpoint

Post by TheAvatar on Mon 01 Nov 2010, 7:22 am

Good how did the cleanup go?

TheAvatar

Malware Advisor
Malware Advisor

Posts : 137
Joined : 2010-10-02
Operating System : Windows XP SP3

View user profile

Back to top Go down

Re: blocked by thinkpoint

Post by Olangua on Mon 01 Nov 2010, 7:42 am

Ok I guess, but OTL is now gone from my desktop, was that supposed to happen?

Olangua

Newbie Surfer
Newbie Surfer

Posts : 18
Joined : 2010-10-21
Operating System : windows 7

View user profile

Back to top Go down

Re: blocked by thinkpoint

Post by Sponsored content Today at 5:56 pm


Sponsored content


Back to top Go down

Page 2 of 2 Previous  1, 2

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum