Foro de InfoSpyware - Foro de Virus y Spywares http://www.forospyware.com/ Ayuda con: Malwares - Virus - Spywares - Troyanos - Adwares - Worms - Hijackers - Dialers - Rootkits - Keylogger - etc.) Plantéanos tu problema en este sector.No ponga su log de HijackThis aquí !! es Wed, 16 May 2012 23:18:18 GMT vBulletin 60 http://img.infospyware.netdna-cdn.com/fstheme/images/misc/rss.jpg Foro de InfoSpyware - Foro de Virus y Spywares http://www.forospyware.com/ No conecta a Internet http://www.forospyware.com/t426481.html Wed, 16 May 2012 23:04:44 GMT Hola!!! nuevamente molestando con una consulta... hace unos meses tuve problemas con la actualizacion del nod32 ya que se habia desactualizado y se habia activado otro antivirus tambien, cuestion que no podia hacer nada en la pc... gracias a ustedes pude hacerla funcionar nuevamente tuve que... Hola!!! nuevamente molestando con una consulta... hace unos meses tuve problemas con la actualizacion del nod32 ya que se habia desactualizado y se habia activado otro antivirus tambien, cuestion que no podia hacer nada en la pc... gracias a ustedes pude hacerla funcionar nuevamente tuve que instalar el iexplore.exe y algunas cosas mas que no recuerdo, pero se soluciono, o al menos es lo que yo creia porque si bien se activo nuevamente la pc y puedo utilizar todos los programas no se que paso pero no hay forma de que me pueda conectar a internet, me diced que me ponga en contacto con el administrador de red, pero internet si funciona porque en otra pc funciona con wi fi... agradeceria que me ayuden!!!! estoy preocupadaaaaa... no puedo terminar de arreglar mi pc... GRACIAS!!!!!!!! ]]> Foro de Virus y Spywares princesmane http://www.forospyware.com/t426481.html <![CDATA[No puedo abrir .exe en modo "normal"]]> http://www.forospyware.com/t426480.html Wed, 16 May 2012 23:03:27 GMT Hola, como andan? Posteo acá ya que me pasa algo y no se como solucionarlo. Resulta que me descargue un instalador que pesa mas de 1gb. Al intentar abrirlo se me traba la carpeta y tengo que cerrar el proceso explorer.exe y después volver a abrirlo. Después, al ver que no había caso, inicia...
Hola, como andan?
Posteo acá ya que me pasa algo y no se como solucionarlo.
Resulta que me descargue un instalador que pesa mas de 1gb.
Al intentar abrirlo se me traba la carpeta y tengo que cerrar el proceso explorer.exe y después volver a abrirlo.

Después, al ver que no había caso, inicia en modo seguro y ahí si los podía abrir al instante. Entonces lo que hice fue volver a iniciar en modo seguro, pasar el Malwarebytes Anti-Malware , borre las infecciones y pase el CCleaner.
Reinicie y sigue igual.

Iba a poner el registro que me tiro el Malwarebytes Anti-Malware pero ni idea donde se guarda.


Saludos y gracias!
]]> Foro de Virus y Spywares mercu_13 http://www.forospyware.com/t426480.html Ayuda con virus SGAE http://www.forospyware.com/t426472.html Wed, 16 May 2012 22:08:13 GMT Hola. Mi portatil se ha infectado con el virus de la SGAE. No entiendo demasiado de ordenadores, pero he leido un poco por ahi, he ejecutado el OTL y esto es lo que me sale: ------------------------------------------------------------------------------------------------------- OTL... Hola.
Mi portatil se ha infectado con el virus de la SGAE. No entiendo demasiado de ordenadores, pero he leido un poco por ahi, he ejecutado el OTL y esto es lo que me sale:



-------------------------------------------------------------------------------------------------------



OTL logfile created on: 16/05/2012 23:46:38 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = D:\
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

3,90 Gb Total Physical Memory | 3,42 Gb Available Physical Memory | 87,62% Memory free
7,80 Gb Paging File | 7,32 Gb Available in Paging File | 93,82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 280,79 Gb Total Space | 46,66 Gb Free Space | 16,62% Space Free | Partition Type: NTFS
Drive D: | 14,90 Gb Total Space | 1,19 Gb Free Space | 7,97% Space Free | Partition Type: FAT32
Drive F: | 1,99 Gb Total Space | 1,98 Gb Free Space | 99,77% Space Free | Partition Type: FAT32

Computer Name: ROSA-HP | User Name: Rosa | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/16 23:30:22 | 000,595,456 | ---- | M] (OldTimer Tools) -- D:\OTL.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/03/28 03:18:53 | 001,028,096 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/06/29 20:52:12 | 004,181,256 | ---- | M] (Motorola, Inc.) [On_Demand | Stopped] -- C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe -- (Bluetooth Device Manager)
SRV:64bit: - [2010/05/20 22:28:14 | 000,677,128 | ---- | M] (Motorola, Inc.) [Auto | Stopped] -- C:\Program Files\Motorola\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV:64bit: - [2010/05/20 22:28:12 | 001,096,968 | ---- | M] (Motorola, Inc.) [On_Demand | Stopped] -- C:\Program Files\Motorola\Bluetooth\audiosrv.exe -- (Bluetooth Media Service)
SRV:64bit: - [2010/01/29 06:15:24 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\st wrt64.inf_amd64_neutral_21dba265e7e67cda\stacsv64. exe -- (STacSV)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/03 12:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\st wrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64. exe -- (AESTFilters)
SRV - [2012/05/04 02:43:44 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/28 03:18:52 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/04 06:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/01/29 06:15:24 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\windows\System32\DriverStore\FileRepository\stw rt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.e xe -- (STacSV)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/03 12:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\windows\System32\DriverStore\FileRepository\stw rt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.e xe -- (AESTFilters)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/07 02:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/03/07 02:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/03/07 02:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/03/07 02:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/03/07 02:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/03/07 02:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/02/24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:64bit: - [2012/02/24 11:14:42 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:64bit: - [2011/06/02 07:47:22 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/06/02 07:47:22 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011/06/02 07:47:22 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2010/07/09 00:45:22 | 003,232,768 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmusb.sys -- (BTMUSB)
DRV:64bit: - [2010/06/29 18:01:38 | 000,931,168 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2010/06/04 02:18:56 | 001,379,376 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/05/21 04:06:38 | 000,096,384 | ---- | M] (Realtek Semiconductor Corp.) [2 MP Fixed] [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
DRV:64bit: - [2010/05/12 10:37:32 | 000,107,912 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/05/12 10:37:32 | 000,027,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/05/04 00:44:02 | 000,331,880 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/04/10 01:53:04 | 000,052,736 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmcom.sys -- (BTMCOM)
DRV:64bit: - [2010/03/19 13:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/03/15 05:45:26 | 000,145,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV:64bit: - [2010/03/04 05:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/16 22:24:20 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2010/01/29 06:15:24 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/01/25 15:51:02 | 007,842,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/07/14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCOM/14
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCOM/14
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{86E05349-2C39-4464-8A26-DB23162599A4}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=I E-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=341&systemid=406&sr=0&q={searchTe rms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCOM/14
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCOM/14
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{86E05349-2C39-4464-8A26-DB23162599A4}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=I E-SearchBox
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=341&systemid=406&sr=0&q={searchTe rms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVer sion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Inter net Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1285894154-3819945735-4291217377-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCOM/14
IE - HKU\S-1-5-21-1285894154-3819945735-4291217377-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.es/
IE - HKU\S-1-5-21-1285894154-3819945735-4291217377-1000\..\SearchScopes,DefaultScope = {A0F630BA-0073-48AC-B640-ED1B9955D104}
IE - HKU\S-1-5-21-1285894154-3819945735-4291217377-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=341&systemid=406&sr=0&q={searchTe rms}
IE - HKU\S-1-5-21-1285894154-3819945735-4291217377-1000\..\SearchScopes\{A0F630BA-0073-48AC-B640-ED1B9955D104}: "URL" = http://start.funmoods.com/results.php?f=4&a=bf4&q={searchTerms}
IE - HKU\S-1-5-21-1285894154-3819945735-4291217377-1000\..\SearchScopes\{D4C69A5E-7CD7-403B-8E8E-CD95C26BCB65}: "URL" = http://www.google.es/search?q={searchTerms}&rls=com.microsoft:{language }&ie={inputEncoding}&oe={outputEncoding}&startInde x={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-1285894154-3819945735-4291217377-1000\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.startup.homepage: "http://www.searchnu.com/406"
FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=341&systemid=406&sr=0&q="
FF - prefs.js..network.proxy.type: 0


FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Rosa\AppData\Local\Facebook\Video\Skype\n pFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/03/21 16:18:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/05/14 00:22:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/05/04 02:43:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/14 00:22:24 | 000,000,000 | ---D | M]

[2012/03/27 06:00:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rosa\AppData\Roaming\mozilla\Extensions
[2012/05/02 15:54:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rosa\AppData\Roaming\mozilla\Firefox\Prof iles\s5ofxj81.default\extensions
[2012/03/27 06:00:51 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\Rosa\AppData\Roaming\mozilla\Firefox\Prof iles\s5ofxj81.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2012/03/28 19:44:33 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Rosa\AppData\Roaming\mozilla\Firefox\Prof iles\s5ofxj81.default\extensions\ffxtlbr@funmoods. com
[2012/03/28 19:44:33 | 000,000,000 | ---D | M] (CodecC) -- C:\Users\Rosa\AppData\Roaming\mozilla\Firefox\Prof iles\s5ofxj81.default\extensions\info@allpremiumpl ay.info
[2012/03/27 06:06:19 | 000,001,797 | ---- | M] () -- C:\Users\Rosa\AppData\Roaming\Mozilla\Firefox\Prof iles\s5ofxj81.default\searchplugins\funmoods.xml
[2012/03/27 06:00:44 | 000,002,519 | ---- | M] () -- C:\Users\Rosa\AppData\Roaming\Mozilla\Firefox\Prof iles\s5ofxj81.default\searchplugins\Search_Results .xml
[2012/03/27 06:00:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/05/04 02:43:44 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/02 02:40:54 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/02 02:40:54 | 000,007,072 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\diec2.xml
[2012/03/02 02:40:54 | 000,001,060 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\huubs.xml
[2012/03/02 02:40:54 | 000,001,057 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\llibres.xml
[2012/03/27 06:00:44 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2012/03/02 02:40:54 | 000,001,162 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-ca.xml

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\Datamngr\x64\BROWSE~1.DLL (Bandoo Media, inc)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files (x86)\Funmoods\funmoods\1.5.12.2\bh\funmoods.dll (Funmoods BHO)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx. dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\Datamngr\BROWSE~1.DLL (Bandoo Media, inc)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (CodecC Class) - {C2DDED92-74EC-4032-961A-EB23B25BF542} - C:\ProgramData\CodecC\bhoclass.dll (Injector)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx. dll ()
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files (x86)\Funmoods\funmoods\1.5.12.2\funmoodsTlbr.dll (Funmoods)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files\Motorola\Bluetooth\btmshell.dll (Motorola, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE (Bandoo Media, inc)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1285894154-3819945735-4291217377-1000..\Run: [bAJSbCvnhbErK13] C:\Users\Rosa\AppData\Roaming\WINSnapshot_x86.exe ()
O4 - HKU\S-1-5-21-1285894154-3819945735-4291217377-1000..\Run: [Facebook Update] C:\Users\Rosa\AppData\Local\Facebook\Update\Facebo okUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1285894154-3819945735-4291217377-1000..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-1285894154-3819945735-4291217377-1000..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDL R.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1285894154-3819945735-4291217377-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDesktop = 1
O7 - HKU\S-1-5-21-1285894154-3819945735-4291217377-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-21-1285894154-3819945735-4291217377-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: DisableRegistryTools = 1
O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{53B9A158-C509-4F6F-AB4F-5BA65E3397A2}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{FE0632A1-F6E2-40B0-B2D0-9C4243A37B07}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DL L (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DL L (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll) - C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll) - C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll) - C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll) - C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.e xe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-1285894154-3819945735-4291217377-1000 Winlogon: Shell - (C:\Users\Rosa\AppData\Roaming\WINSnapshot_x86.exe ) - C:\Users\Rosa\AppData\Roaming\WINSnapshot_x86.exe ()
O20 - HKU\S-1-5-21-1285894154-3819945735-4291217377-1000 Winlogon: UserInit - (C:\Users\Rosa\AppData\Roaming\WINSnapshot_x86.exe ) - C:\Users\Rosa\AppData\Roaming\WINSnapshot_x86.exe ()
O20 - HKU\S-1-5-21-1285894154-3819945735-4291217377-1000 Winlogon: UserInit - (C:\WINDOWS\System32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O31 - SafeBoot: UseAlternatShell - 1
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{52308f7b-0b8a-11e1-b79e-78e3b549b90a}\Shell - "" = AutoRun
O33 - MountPoints2\{52308f7b-0b8a-11e1-b79e-78e3b549b90a}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O33 - MountPoints2\{bdcba226-fb74-11e0-b1d0-78e3b549b90a}\Shell - "" = AutoRun
O33 - MountPoints2\{bdcba226-fb74-11e0-b1d0-78e3b549b90a}\Shell\AutoRun\command - "" = H:\setup.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/15 21:46:30 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{EAAB6DFE-1FEC-46B4-BFD8-17064CB49089}
[2012/05/15 21:46:10 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{9735F48C-9FB6-4616-8806-76F79C4178D8}
[2012/05/14 00:23:54 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\DDMSettings
[2012/05/14 00:21:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2012/05/14 00:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2012/05/14 00:20:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2012/05/14 00:18:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2012/05/14 00:18:02 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2012/05/13 21:05:02 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{F287DE56-71E8-458F-9A47-5453867FD8A6}
[2012/05/13 21:04:32 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{09E05761-1911-4940-9CBD-3165CB71C23C}
[2012/05/12 13:39:14 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{FA7FA9D8-ED4C-42DA-8D5C-A2DB0F9B135E}
[2012/05/12 13:39:00 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{CD1652CB-FEE1-44C1-978F-D525015F50E2}
[2012/05/11 14:46:25 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{A9E2C447-8265-4207-81AC-DFE3E00F41A2}
[2012/05/11 14:46:15 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{428B3AD8-2751-49F3-B72F-25D6A48EE375}
[2012/05/10 11:16:15 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{DF407D64-3DA8-4751-971B-D64DD45962D7}
[2012/05/10 11:16:03 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{F17F48D9-E91A-4A91-AD59-DA3C79E4BFB5}
[2012/05/09 23:39:10 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{284C09AB-AA38-4A01-8DE5-20EF7FAB5F9E}
[2012/05/09 17:17:58 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{C70233E2-8E34-443D-96DA-C5B64558DBA8}
[2012/05/09 17:17:35 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{6DDDEC90-7487-40A4-B048-12BD65B81E60}
[2012/05/08 15:47:13 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{2AA75F15-236D-4542-90A0-DEFF93600EAD}
[2012/05/08 15:46:49 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{2779F7D9-703D-45DD-B04D-216BA1713823}
[2012/05/08 11:50:25 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{ED6C30CC-0CFC-4D97-B4D8-BF51BB9C616F}
[2012/05/07 17:32:17 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{E5853FE0-CBF0-489F-8C76-0FC47DB7BF65}
[2012/05/07 17:32:06 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{D7A4A5C1-D59D-4C20-B954-9FFF587D63A5}
[2012/05/07 06:52:58 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{798E66DA-9439-48EF-A4CB-0E108F1064DA}
[2012/05/07 06:52:36 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{070547DA-9B89-419D-BCA1-D3575DF01908}
[2012/05/07 02:14:25 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{44507A1C-74DE-4261-83D1-53A2D6E8C04E}
[2012/05/07 02:14:10 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{BFBB072C-FEE7-4492-96FB-144E292ECB69}
[2012/05/06 17:09:43 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{49A01132-4766-4969-B54E-F8743B48CE3C}
[2012/05/06 17:09:29 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{1886994B-15BE-4BCC-A7B1-8C1510FACC5F}
[2012/05/06 04:38:29 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{BCFF0821-88D1-4857-8CAE-9BA69D9779DF}
[2012/05/06 04:38:05 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{9600237B-5C88-481B-8A34-8EB4D3CC77DD}
[2012/05/04 13:31:35 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{3889641A-DC6F-4A3D-923C-63DC6BFFF772}
[2012/05/04 13:31:00 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{14FE29FF-94A8-4F9F-9A4A-26D5853EF7EA}
[2012/05/04 02:43:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/05/04 02:43:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/05/03 18:43:10 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{8EECADC6-851D-4C9E-8B72-BE1879F8256C}
[2012/05/03 18:42:53 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{8BB5E518-5A1A-4401-8C51-18D4686CCB70}
[2012/05/03 14:14:08 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{717EB360-8D99-4782-80BE-1E8CEFD6ACEA}
[2012/05/03 14:13:45 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{4AB8FD8A-846C-4387-9161-B7932DB4A3B6}
[2012/05/02 13:42:36 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{51A9D6B0-FCED-4913-A8F8-8B3C7610349B}
[2012/05/02 13:42:13 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{1FE9FB4B-ED60-4A54-B365-5E0FCACA5DAF}
[2012/05/01 15:51:03 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{5D8C1B84-542A-48CF-A3EE-265646807960}
[2012/05/01 15:50:40 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{1D252C58-CB05-451B-A1B1-D3865292AB04}
[2012/05/01 05:30:43 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{CFF38796-4134-40B4-B16D-8CCF106B5A75}
[2012/05/01 05:30:11 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{A59E41CF-9E10-4E2C-B662-618EFDB9D9F5}
[2012/04/30 12:50:33 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{D4F387C1-B5A5-4279-97DD-3826A8A71F64}
[2012/04/30 12:50:15 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{29FECA41-8B46-4621-964B-5239867A0583}
[2012/04/29 20:51:39 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{76047538-7812-4593-9A54-E7BA9B725574}
[2012/04/29 20:51:26 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{E4FC5BBB-32E5-4BDF-8D1E-0434C9DC5529}
[2012/04/29 19:59:13 | 000,000,000 | ---D | C] -- C:\Users\Rosa\Desktop\Hoy he ido con mi motoOOO
[2012/04/29 19:49:26 | 000,000,000 | ---D | C] -- C:\Temp
[2012/04/29 19:48:58 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\Samsung
[2012/04/29 19:48:40 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Roaming\Samsung
[2012/04/29 19:48:38 | 000,000,000 | ---D | C] -- C:\Users\Rosa\Documents\samsung
[2012/04/29 19:46:16 | 000,203,320 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\windows\SysNative\drivers\ssudmdm.sys
[2012/04/29 19:46:16 | 000,099,384 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\windows\SysNative\drivers\ssudbus.sys
[2012/04/29 19:45:23 | 000,177,640 | ---- | C] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadmdm.sys
[2012/04/29 19:45:23 | 000,013,800 | ---- | C] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadwhnt.sys
[2012/04/29 19:45:23 | 000,013,800 | ---- | C] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadwh.sys
[2012/04/29 19:45:22 | 000,157,672 | ---- | C] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadbus.sys
[2012/04/29 19:45:22 | 000,016,872 | ---- | C] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadmdfl.sys
[2012/04/29 19:45:22 | 000,013,288 | ---- | C] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadcmnt.sys
[2012/04/29 19:45:22 | 000,013,288 | ---- | C] (MCCI Corporation) -- C:\windows\SysNative\drivers\ssadcm.sys
[2012/04/29 19:43:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2012/04/29 19:43:33 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\windows\SysWow64\Redemption.dll
[2012/04/29 19:43:08 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\windows\SysWow64\dgderapi.dll
[2012/04/29 19:43:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MarkAny
[2012/04/29 19:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2012/04/29 19:41:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2012/04/29 19:39:57 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\Downloaded Installations
[2012/04/29 12:20:39 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\Facebook
[2012/04/29 11:31:06 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{5817773E-B3E9-49A2-8AF8-B91E17871F13}
[2012/04/29 11:30:53 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{2A258A67-DE04-4E4B-84CE-B0418B50B925}
[2012/04/28 15:28:13 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{F806F5C5-4741-4162-9B80-463819C864C5}
[2012/04/28 15:28:02 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{57AA7176-E4E1-4867-A29E-AA691C4BD443}
[2012/04/28 12:25:43 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{44E16D54-7ACA-4989-9908-8881C4B7D85D}
[2012/04/28 12:25:29 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{D8A6BD8B-E074-4AEA-B1EA-EAFD0002D605}
[2012/04/28 01:49:50 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{B781E84C-9C50-488A-B877-DF5966228640}
[2012/04/28 01:49:31 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{2DF8D433-C3A2-4CA3-B19A-745A57BB7DC8}
[2012/04/27 13:10:31 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{FB5FED0F-DB89-43AE-B026-E2F69C6F9028}
[2012/04/27 13:10:17 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{027A71D0-3FC6-4592-BF9C-EABF956E3EBF}
[2012/04/27 05:07:59 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{8F4A1A44-8742-4694-964C-4214579592B3}
[2012/04/27 05:07:47 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{0E6AC75C-4E9E-4978-A5D8-EF57E3D31570}
[2012/04/27 02:00:36 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{CAAB4EFD-DAC9-4819-BD6C-DB42410CDE5C}
[2012/04/27 02:00:23 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{E2A5C738-9D40-48B6-85AA-9691FEA7CFCA}
[2012/04/26 21:15:19 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{0A0FB70A-FB7D-4849-BC68-826224072732}
[2012/04/26 21:15:06 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{4FD400F9-4F8C-4DBE-8FD2-293A838E09F6}
[2012/04/26 14:04:26 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{C4DD794B-732A-47DC-B24C-C355402669A6}
[2012/04/26 14:04:14 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{4EBE4039-6CB8-4794-83CA-5A3AD70893A2}
[2012/04/26 02:25:18 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{A1799DB7-DF45-42B7-860A-CDB6EA753E9A}
[2012/04/26 02:25:06 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{7D4868A5-CE33-4FC6-9D09-405F2B71A377}
[2012/04/25 21:37:06 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{5ADA4740-1550-4D24-8032-76B2AAA4EABD}
[2012/04/25 21:36:54 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{7B42EB84-16D6-4E7A-868B-0FDDCF60773E}
[2012/04/25 13:37:28 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{042E3103-06B3-4E82-A313-4CECA66BD1E6}
[2012/04/25 13:37:16 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{D05791F9-7076-4126-94E3-AC444EE084CF}
[2012/04/25 01:43:42 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{AC537E63-29F5-454F-984F-C986491BFE94}
[2012/04/25 01:43:29 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{C93E8F6D-DD59-46BC-BBD8-1624361749C2}
[2012/04/24 20:37:26 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{C31A02D2-1670-4D3A-B5E2-50C8C242829F}
[2012/04/24 20:37:01 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{9351743C-2C1C-43DC-9FAC-2D3F26E92ADB}
[2012/04/24 16:40:52 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{750C8E33-0893-49B4-8A14-85F775A69A6F}
[2012/04/24 16:40:25 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{D86E655B-C728-482E-9B8B-04EE369E8117}
[2012/04/23 20:12:42 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{F301C16C-E932-4A16-9D4C-FE7A984F301C}
[2012/04/23 20:12:16 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{E08942DD-48EE-4D50-821D-8CF73987FCB8}
[2012/04/23 00:57:09 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{380F39E4-0D2B-44C6-AB6F-345199D8DD90}
[2012/04/23 00:56:54 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{8BF6BFC9-1158-41C2-A922-4BB9A0291AF3}
[2012/04/22 19:35:29 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{016022A5-6320-417E-9DB7-4A63B8CF7198}
[2012/04/22 19:35:05 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{FB8E5119-7972-46E1-8A59-2B4D3B119EF9}
[2012/04/22 17:28:37 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{14275631-D5F1-46C1-B5B8-EEB0D8381F43}
[2012/04/22 17:28:25 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{9D7F940E-E047-4242-969F-0D2033569BF6}
[2012/04/22 05:23:04 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{7E819869-5573-42EC-B947-5ACBC81A4BC6}
[2012/04/22 05:22:50 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{EC0DBFBE-A7D3-477D-B9E4-41CE46BE50A8}
[2012/04/21 13:50:35 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{A3591189-95DC-469E-AB09-785577C6880F}
[2012/04/21 13:50:21 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{CB110C22-74B3-4F78-A34C-386708BA3B4B}
[2012/04/21 02:10:02 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{DE7014A1-6D6F-4720-B3D1-261414365776}
[2012/04/21 02:09:49 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{ACDD52CE-6008-4122-82E5-CC2464453BAE}
[2012/04/20 15:02:28 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{12C1A219-8125-44A0-90E0-A2AC867CD0A4}
[2012/04/20 15:02:16 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{DB05AF37-4A4E-4864-8D95-FBF9621BEEC7}
[2012/04/20 05:26:26 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{7C2C21E1-F77D-4A68-8D58-2D5FF531239A}
[2012/04/20 05:26:02 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{ED5428B4-25E7-49F2-B1FA-5CC04AAAE985}
[2012/04/19 15:58:04 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{1ECB76EA-2B94-49FD-852F-7CABC614ADC3}
[2012/04/19 15:57:47 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{327D2756-B67A-45EC-BF37-79B8C107A2A4}
[2012/04/18 16:59:51 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{6BA5CE4D-67A6-444F-9580-D38D8FCC7C31}
[2012/04/18 16:59:39 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{582468CC-7A19-40F4-9DF9-D64254904B58}
[2012/04/17 08:52:34 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{6BDEED0B-5984-49AC-B023-3EF18B76D24D}
[2012/04/17 08:52:22 | 000,000,000 | ---D | C] -- C:\Users\Rosa\AppData\Local\{EC104039-CD68-4E81-AD86-2804D26EB8D8}

========== Files - Modified Within 30 Days ==========

[2012/05/16 23:42:42 | 002,457,678 | ---- | M] () -- C:\windows\SysNative\perfh00A.dat
[2012/05/16 23:42:42 | 001,134,548 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/05/16 23:42:42 | 000,727,494 | ---- | M] () -- C:\windows\SysNative\perfc00A.dat
[2012/05/16 23:42:42 | 000,608,078 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/05/16 23:42:42 | 000,004,568 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/05/16 23:40:30 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/05/16 23:40:22 | 4190,388,224 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/16 01:55:57 | 000,273,920 | ---- | M] () -- C:\Users\Rosa\AppData\Roaming\WINSnapshot_x86.exe
[2012/05/16 00:25:02 | 000,000,924 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1285894154-3819945735-4291217377-1000UA.job
[2012/05/15 21:52:55 | 000,019,536 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/15 21:52:55 | 000,019,536 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/15 12:25:00 | 000,000,902 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1285894154-3819945735-4291217377-1000Core.job
[2012/05/14 20:28:19 | 313,399,628 | ---- | M] () -- C:\Users\Rosa\Desktop\Game of Thrones 2x07 A Man Without Honor.avi
[2012/05/14 19:49:49 | 286,228,480 | ---- | M] () -- C:\Users\Rosa\Desktop\GameofThrones2x07AManWithout Honor.avi
[2012/05/14 17:53:28 | 707,792,896 | ---- | M] () -- C:\Users\Rosa\Desktop\Generation.Kill.1x07.HDTV.Xv iD-break.MP3.avi
[2012/05/14 00:22:33 | 000,002,120 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012/05/14 00:22:33 | 000,001,611 | ---- | M] () -- C:\Users\Rosa\Desktop\DivX Movies.lnk
[2012/05/14 00:21:59 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012/05/12 06:14:51 | 708,462,592 | ---- | M] () -- C:\Users\Rosa\Desktop\Generation.Kill.1x06.HDTV.Xv iD-break.MP3.avi
[2012/05/11 22:04:51 | 713,138,176 | ---- | M] () -- C:\Users\Rosa\Desktop\Generation.Kill.1x05.HDTV.Xv iD-break.MP3.avi
[2012/05/11 20:29:48 | 733,032,448 | ---- | M] () -- C:\Users\Rosa\Desktop\Generation.Kill.1x04.HDTV.Xv iD-break.MP3.avi
[2012/05/11 19:00:20 | 731,269,120 | ---- | M] () -- C:\Users\Rosa\Desktop\Generation.Kill.1x03.HDTV.Xv iD-break.MP3.avi
[2012/05/11 06:10:16 | 734,881,792 | ---- | M] () -- C:\Users\Rosa\Desktop\Generation Kill 1x02.avi
[2012/05/09 01:08:05 | 733,607,936 | ---- | M] () -- C:\Users\Rosa\Desktop\Generation.Kill.1x01.HDTV.Xv iD-break.MP3.avi

========== Files Created - No Company Name ==========

[2012/05/16 01:56:02 | 000,273,920 | ---- | C] () -- C:\Users\Rosa\AppData\Roaming\WINSnapshot_x86.exe
[2012/05/14 19:53:49 | 313,399,628 | ---- | C] () -- C:\Users\Rosa\Desktop\Game of Thrones 2x07 A Man Without Honor.avi
[2012/05/14 18:46:58 | 286,228,480 | ---- | C] () -- C:\Users\Rosa\Desktop\GameofThrones2x07AManWithout Honor.avi
[2012/05/14 16:36:15 | 707,792,896 | ---- | C] () -- C:\Users\Rosa\Desktop\Generation.Kill.1x07.HDTV.Xv iD-break.MP3.avi
[2012/05/14 00:22:33 | 000,001,611 | ---- | C] () -- C:\Users\Rosa\Desktop\DivX Movies.lnk
[2012/05/14 00:21:59 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012/05/14 00:21:13 | 000,002,120 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012/05/12 04:57:51 | 708,462,592 | ---- | C] () -- C:\Users\Rosa\Desktop\Generation.Kill.1x06.HDTV.Xv iD-break.MP3.avi
[2012/05/11 20:46:58 | 713,138,176 | ---- | C] () -- C:\Users\Rosa\Desktop\Generation.Kill.1x05.HDTV.Xv iD-break.MP3.avi
[2012/05/11 19:10:16 | 733,032,448 | ---- | C] () -- C:\Users\Rosa\Desktop\Generation.Kill.1x04.HDTV.Xv iD-break.MP3.avi
[2012/05/11 17:40:39 | 731,269,120 | ---- | C] () -- C:\Users\Rosa\Desktop\Generation.Kill.1x03.HDTV.Xv iD-break.MP3.avi
[2012/05/11 04:59:18 | 734,881,792 | ---- | C] () -- C:\Users\Rosa\Desktop\Generation Kill 1x02.avi
[2012/05/08 23:48:05 | 733,607,936 | ---- | C] () -- C:\Users\Rosa\Desktop\Generation.Kill.1x01.HDTV.Xv iD-break.MP3.avi
[2012/04/29 22:10:50 | 576,780,288 | ---- | C] () -- C:\Users\Rosa\Desktop\Black.Mirror.S01E02.HDTV.Xvi D-RiVER.avi
[2012/04/29 22:10:28 | 366,989,312 | ---- | C] () -- C:\Users\Rosa\Desktop\Black.Mirror.S01E01.HDTV.Xvi D-RiVER.avi
[2012/04/29 12:20:49 | 000,000,924 | ---- | C] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1285894154-3819945735-4291217377-1000UA.job
[2012/04/29 12:20:49 | 000,000,902 | ---- | C] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1285894154-3819945735-4291217377-1000Core.job
[2012/03/28 22:11:08 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2012/03/28 22:11:06 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2012/03/28 22:11:06 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2012/03/28 22:11:06 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2012/03/28 22:11:06 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2011/03/28 03:23:55 | 000,014,051 | ---- | C] () -- C:\windows\SysWow64\RaCoInst.dat

< End of report >











¿Qué se supone que tengo que hacer a partir de aquí???? Por favor ser comprensivos y explicarmelo paso a paso. Muchisimas gracias!!!! ]]> Foro de Virus y Spywares Mirove http://www.forospyware.com/t426472.html Peticiones de conexión telefónica http://www.forospyware.com/t426466.html Wed, 16 May 2012 21:32:35 GMT Hola, hace unos días instalé un software llamado Ginger de corrección gramatical en Inglés para Word y otros procesadores de texto. Desde entonces me aparecen unas llamadas incesantes pidiéndome conexión telefónica cuando no estoy conectado, desde este programa y también desde el Acrobat Reader.... Hola,

hace unos días instalé un software llamado Ginger de corrección gramatical en Inglés para Word y otros procesadores de texto. Desde entonces me aparecen unas llamadas incesantes pidiéndome conexión telefónica cuando no estoy conectado, desde este programa y también desde el Acrobat Reader. Hoy he desinstalado ambos programas y desde hace unos minutos no me da problemas, pero antes se me colgó el PC. Puede deberse esto a algún tipo de virus?, ]]> Foro de Virus y Spywares Amoedus http://www.forospyware.com/t426466.html ayuda con virus sgae http://www.forospyware.com/t426461.html Wed, 16 May 2012 21:24:20 GMT Hola, muy buenas. Hoy se me ha infectado el ordenador con el virus sgae y me lo ha bloqueado todo. No puedo acceder a nada. Me han dejado un ordenador para poder solucionarlo. Agradecería cualquier ayuda y orientación, ya que en esto de la informática no es que sea muy bueno. Gracias anticipadas Hola, muy buenas. Hoy se me ha infectado el ordenador con el virus sgae y me lo ha bloqueado todo. No puedo acceder a nada. Me han dejado un ordenador para poder solucionarlo. Agradecería cualquier ayuda y orientación, ya que en esto de la informática no es que sea muy bueno.

Gracias anticipadas ]]> Foro de Virus y Spywares unaikor http://www.forospyware.com/t426461.html otro Virus Sgae mas http://www.forospyware.com/t426459.html Wed, 16 May 2012 21:20:01 GMT Muy buenas. En Primer lugar, felicitaros de antemano por vuestro trabajo en el dia de hoy referente a este virus. Llevo todo el dia pendiente de vosotros para intentar solventar este problema. os comento mi caso. S.O. es un xp Home instalado en un netbook. He seguido los pasos de otros post... Muy buenas.
En Primer lugar, felicitaros de antemano por vuestro trabajo en el dia de hoy referente a este virus. Llevo todo el dia pendiente de vosotros para intentar solventar este problema.
os comento mi caso.
S.O. es un xp Home instalado en un netbook.
He seguido los pasos de otros post referentes al virus pero en mi caso hay una peculiaridad.
Una vez que arrranco en modo seguro con simbolo del sistema y despues de validarme como usuario con permisos de administrador, solo tengo unos segundos para escribir en la pantalla de ms-dos, despues se superpone la pantalla con el aviso de "please wait while the conection is beeing established".

Aun así, he conseguido ejecutar el fichero polifix.exe (descargado de hoy hace 30 minutos)hasta que finaliza, aunque, cuando manda reinicar el equipo dicho ejecutable, se queda igual en la famosa pantalla.

Una vez reiniciado manualmente, el problema persiste. No veo ningun cambio.

He ejecutado entonces el otl.exe y os adjunto el reporte a continuacion.

Muchas gracias de antemano


OTL logfile created on: 16/05/2012 22:22:51 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = E:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy

1013,86 Mb Total Physical Memory | 801,70 Mb Available Physical Memory | 79,07% Memory free
2,39 Gb Paging File | 2,33 Gb Available in Paging File | 97,60% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
Drive C: | 144,11 Gb Total Space | 67,09 Gb Free Space | 46,55% Space Free | Partition Type: NTFS
Drive E: | 488,99 Mb Total Space | 76,27 Mb Free Space | 15,60% Space Free | Partition Type: FAT

Computer Name: MINIJORGE | User Name: JPC | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/16 18:50:04 | 000,595,456 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2012/05/15 18:13:33 | 000,276,992 | ---- | M] (CJSC "Computing Forces") -- C:\Documents and Settings\JPC\Datos de programa\BSI.bund.exe
PRC - [2008/04/14 14:00:00 | 000,403,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV - [2012/04/16 11:09:21 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpda teService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/02/27 00:15:42 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011/09/22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Stopped] -- C:\Archivos de programa\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2011/01/20 19:13:14 | 000,021,880 | ---- | M] (Samsung Electronics) [Auto | Stopped] -- C:\Archivos de programa\Samsung\AllShare\AllShareSlideShowService .exe -- (SimpleSlideShowServer)
SRV - [2010/07/26 15:15:26 | 000,217,088 | ---- | M] (Teruten) [Auto | Stopped] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/06/14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/01/09 22:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E -- (osppsvc)
SRV - [2010/01/09 22:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009/05/19 18:29:58 | 000,107,744 | ---- | M] (SRS Labs, Inc.) [Auto | Stopped] -- C:\Archivos de programa\SRS Labs\SRS Premium Sound\SRS_VolSync.exe -- (SRS_VolSync_Service)
SRV - [2008/11/09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Archivos de programa\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2003/06/20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
SRV - [2003/04/18 20:06:26 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srvany.exe -- (KMService)


========== Driver Services (SafeList) ==========

DRV - [2011/08/09 14:24:52 | 000,154,136 | ---- | M] (ESET) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2011/08/04 09:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2011/08/04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2011/01/29 18:00:20 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2011/01/03 10:38:36 | 000,136,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/01/03 10:38:36 | 000,121,192 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011/01/03 10:38:36 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010/07/12 15:49:00 | 000,060,104 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2010/07/12 15:48:00 | 000,073,032 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2009/05/18 10:27:10 | 000,233,512 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SRS_PremiumSound_i386. sys -- (SRS_PremiumSound_Service)
DRV - [2009/05/12 17:18:54 | 005,080,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/05/07 22:05:22 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/02/08 00:15:06] [Kernel | Auto | Stopped] -- C:\Archivos de programa\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2009/03/27 16:43:42 | 001,529,600 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009/03/02 07:03:46 | 000,038,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2009/02/09 12:17:28 | 000,019,200 | ---- | M] (Telefónica I+D) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\tidnet.sys -- (tidnet)
DRV - [2009/02/06 18:08:42 | 000,055,152 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/12/30 10:53:54 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/12/30 10:53:54 | 000,057,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2008/12/30 10:53:54 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/12/30 10:53:52 | 000,991,656 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/12/30 10:53:52 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008/12/30 10:53:50 | 000,534,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/12/18 12:04:38 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2008/12/18 12:04:38 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2008/12/18 12:04:38 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2008/11/28 19:44:08 | 000,009,728 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter.sys -- (massfilter)
DRV - [2008/11/19 03:21:28 | 000,039,040 | ---- | M] (GenesysLogic Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\uvclf.sys -- (uvclf)
DRV - [2008/11/06 09:49:16 | 000,013,824 | ---- | M] (ZTE) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbccid.sys -- (USBZTECCID)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/05 20:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/04/08 15:59:28 | 000,010,752 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS -- (AsusACPI)
DRV - [2006/01/04 15:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source? }
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language }:{referrer:source?}&ie={inputEncoding}&oe={output Encoding}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVer sion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Inter net Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-1184605644-2948563779-1936785607-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1184605644-2948563779-1936785607-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1184605644-2948563779-1936785607-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/
IE - HKU\S-1-5-21-1184605644-2948563779-1936785607-1007\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKU\S-1-5-21-1184605644-2948563779-1936785607-1007\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1184605644-2948563779-1936785607-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1184605644-2948563779-1936785607-1007\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7SKPB_es&ie={inputEnc oding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1184605644-2948563779-1936785607-1007\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=kmR2afTG3cXOKiRRRCp0pIvAtZc?q={searchTerm s}
IE - HKU\S-1-5-21-1184605644-2948563779-1936785607-1007\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1184605644-2948563779-1936785607-1007\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Archivos de programa\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Archivos de programa\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Archivos de programa\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\ARCHIV~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\ARCHIV~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Archivos de programa\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Archivos de programa\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Archivos de programa\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Archivos de programa\Google\Update\1.3.21.111\npGoogleUpdate3. dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Archivos de programa\Google\Update\1.3.21.111\npGoogleUpdate3. dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Archivos de programa\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\JPC\Configuración local\Datos de programa\Google\Update\1.3.21.111\npGoogleUpdate3. dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\JPC\Configuración local\Datos de programa\Google\Update\1.2.183.39\npGoogleOneClick 8.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\JPC\Configuración local\Datos de programa\Google\Update\1.3.21.111\npGoogleUpdate3. dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\BrowserPlusPlugins\569cebb0c599a2ec8c1effbe2e02 4e91\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Ex tensions\\eplgTb@eset.com: C:\Archivos de programa\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012/04/17 22:50:34 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:accepte dSuggestion}{google:originalQueryForSuggestion}{go ogle:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEnco ding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldt rialParameter}{google:instantFieldTrialGroupParame ter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: YouTube = C:\Documents and Settings\JPC\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo\4.2_0\
CHR - Extension: B\u00FAsqueda de Google = C:\Documents and Settings\JPC\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljnie djpjpf\0.0.0.14_0\
CHR - Extension: Gmail = C:\Documents and Settings\JPC\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia\6.1.3_0\

O1 HOSTS File: ([2008/04/14 14:00:00 | 000,000,792 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.5.0_14\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Aplicación auxiliar de inicio de sesión) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Archivos de programa\Google\GoogleToolbarNotifier\5.7.7227.110 0\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Archivos de programa\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [egui] C:\Archivos de programa\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [ZZChw4ZycSefR9n] C:\Documents and Settings\JPC\Datos de programa\BSI.bund.exe (CJSC "Computing Forces")
O4 - HKU\S-1-5-21-1184605644-2948563779-1936785607-1007..\Run: [Messenger (Yahoo!)] C:\Archivos de programa\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-1184605644-2948563779-1936785607-1007..\Run: [ZZChw4ZycSefR9n] C:\Documents and Settings\JPC\Datos de programa\BSI.bund.exe (CJSC "Computing Forces")
O4 - HKU\S-1-5-21-1184605644-2948563779-1936785607-1007..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil32_11_ 2_202_233_ActiveX.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\BTTray.lnk = C:\Archivos de programa\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVer sion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1184605644-2948563779-1936785607-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1184605644-2948563779-1936785607-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDesktop = 1
O7 - HKU\S-1-5-21-1184605644-2948563779-1936785607-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-21-1184605644-2948563779-1936785607-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: DisableRegistryTools = 1
O8 - Extra context menu item: &Enviar a OneNote - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Enviar a &Bluetooth - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Enviar a Bluetooth - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_14\bin\NPJPI150_14.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Barra de búsqueda de Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1184605644-2948563779-1936785607-1007\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1184605644-2948563779-1936785607-1007\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1265747359812 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1328204574578 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_14-windows-i586.cab (Java Plug-in 1.5.0_14)
O16 - DPF: {CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_14-windows-i586.cab (Java Plug-in 1.5.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_14-windows-i586.cab (Java Plug-in 1.5.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Archivos comunes\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\ARCHIV~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Archivos de programa\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (C:\Documents and Settings\JPC\Datos de programa\BSI.bund.exe) - C:\Documents and Settings\JPC\Datos de programa\BSI.bund.exe (CJSC "Computing Forces")
O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\JPC\Datos de programa\BSI.bund.exe) - C:\Documents and Settings\JPC\Datos de programa\BSI.bund.exe (CJSC "Computing Forces")
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\System32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-1184605644-2948563779-1936785607-1007 Winlogon: Shell - (C:\Documents and Settings\JPC\Datos de programa\BSI.bund.exe) - C:\Documents and Settings\JPC\Datos de programa\BSI.bund.exe (CJSC "Computing Forces")
O20 - HKU\S-1-5-21-1184605644-2948563779-1936785607-1007 Winlogon: UserInit - (C:\Documents and Settings\JPC\Datos de programa\BSI.bund.exe) - C:\Documents and Settings\JPC\Datos de programa\BSI.bund.exe (CJSC "Computing Forces")
O20 - HKU\S-1-5-21-1184605644-2948563779-1936785607-1007 Winlogon: UserInit - (C:\WINDOWS\System32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igdlogin: DllName - (igdlogin.dll) - C:\WINDOWS\System32\igdlogin.dll ()
O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\EeePC_1101_wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\EeePC_1101_wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O31 - SafeBoot: UseAlternatShell - 1
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/12 13:36:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{6d683cb7-31fe-11df-b210-0025d370cd3d}\Shell\AutoRun\command - "" = xpbkh.com
O33 - MountPoints2\{6d683cb7-31fe-11df-b210-0025d370cd3d}\Shell\explore\Command - "" = xpbkh.com
O33 - MountPoints2\{6d683cb7-31fe-11df-b210-0025d370cd3d}\Shell\open\Command - "" = xpbkh.com
O33 - MountPoints2\{aa3f682d-bf14-11df-b242-0025d370cd3d}\Shell\AutoRun\command - "" = E:\b9v.exe
O33 - MountPoints2\{aa3f682d-bf14-11df-b242-0025d370cd3d}\Shell\open\Command - "" = E:\b9v.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/15 18:13:48 | 000,276,992 | ---- | C] (CJSC "Computing Forces") -- C:\Documents and Settings\JPC\Datos de programa\BSI.bund.exe
[2012/04/21 18:41:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Configuración local\Datos de programa\Apple
[2012/04/17 22:50:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\ESET
[2012/04/17 22:50:24 | 000,000,000 | ---D | C] -- C:\Archivos de programa\ESET
[2012/04/17 20:06:48 | 000,000,000 | ---D | C] -- C:\9271155d4e399b82d64c55
[2012/04/17 19:16:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JPC\Escritorio\Quique
[2 C:\Documents and Settings\JPC\Mis documentos\*.tmp files -> C:\Documents and Settings\JPC\Mis documentos\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/05/16 22:24:58 | 000,650,892 | ---- | M] () -- C:\WINDOWS\System32\perfh00A.dat
[2012/05/16 22:24:58 | 000,576,094 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/05/16 22:24:58 | 000,139,422 | ---- | M] () -- C:\WINDOWS\System32\perfc00A.dat
[2012/05/16 22:24:58 | 000,109,208 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/05/16 22:20:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/05/16 21:24:00 | 000,000,488 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{4ED62E05-63D7-4417-9F83-9DB5CB9A275B}.job
[2012/05/16 21:23:12 | 000,000,484 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{FC1720A2-BF5E-41A4-B444-ABEA17C34D7F}.job
[2012/05/16 21:10:36 | 000,295,454 | ---- | M] () -- C:\polifix.exe
[2012/05/15 18:13:33 | 000,276,992 | ---- | M] (CJSC "Computing Forces") -- C:\Documents and Settings\JPC\Datos de programa\BSI.bund.exe
[2012/05/15 10:05:52 | 000,002,629 | ---- | M] () -- C:\Documents and Settings\JPC\Escritorio\Microsoft Outlook 2010.lnk
[2012/05/14 13:49:31 | 000,002,501 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Cuentas Explotacion.lnk
[2012/05/09 10:22:47 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/05/07 10:20:55 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/04/21 18:41:02 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/04/20 11:31:32 | 000,000,745 | ---- | M] () -- C:\BANFAC_G.INI
[2012/04/18 09:59:26 | 000,329,888 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/04/17 23:14:23 | 000,000,761 | ---- | M] () -- C:\Documents and Settings\JPC\Escritorio\NodLogin Force.lnk
[2012/04/17 23:14:23 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\JPC\Escritorio\NodLogin normal.lnk
[2 C:\Documents and Settings\JPC\Mis documentos\*.tmp files -> C:\Documents and Settings\JPC\Mis documentos\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/16 21:10:34 | 000,295,454 | ---- | C] () -- C:\polifix.exe
[2012/03/21 16:45:14 | 000,077,824 | ---- | C] () -- C:\WINDOWS\KMService.exe
[2012/03/21 16:45:14 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\srvany.exe
[2012/01/02 11:19:49 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/07/26 18:03:48 | 000,000,135 | ---- | C] () -- C:\WINDOWS\AutoKMS.ini
[2011/07/26 13:25:10 | 000,184,224 | ---- | C] () -- C:\Documents and Settings\LocalService\Configuración local\Datos de programa\FontCache3.0.0.0.dat
[2011/02/11 15:05:03 | 000,067,640 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/01/29 18:00:24 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011/01/29 18:00:22 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011/01/29 18:00:22 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011/01/29 18:00:22 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011/01/29 18:00:22 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2010/09/14 19:33:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010/09/14 19:33:37 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010/09/14 19:22:37 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\JPC\Datos de programa\$_hpcst$.hpc
[2010/06/01 16:21:52 | 000,000,438 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010/06/01 16:14:41 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2010/06/01 16:14:40 | 000,000,234 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2010/06/01 16:14:40 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\BD8860DN.DAT
[2010/06/01 16:04:06 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL
[2010/06/01 16:02:45 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2010/06/01 15:47:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2010/06/01 15:47:39 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2010/05/31 12:19:22 | 000,063,488 | ---- | C] () -- C:\Documents and Settings\JPC\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

< End of report > ]]> Foro de Virus y Spywares zeyago http://www.forospyware.com/t426459.html fooool.exe, explorer.exe y substitucion de carpetas en MemoriaSD http://www.forospyware.com/t426455.html Wed, 16 May 2012 21:03:08 GMT Bueno, por empezar muy buenas tardes a todos, vine con el fin de informar, que sinceramente no tengo la menor idea de lo que esta pasando con las memorias. Cada memoria que conecto ( Ya sea mediante un adaptador de memoria ) se infecta con las siguientes cosas. *fooool.exe *explorer.exe... Bueno, por empezar muy buenas tardes a todos, vine con el fin de informar, que sinceramente no tengo la menor idea de lo que esta pasando con las memorias. Cada memoria que conecto ( Ya sea mediante un adaptador de memoria ) se infecta con las siguientes cosas.

*fooool.exe
*explorer.exe
*autorun.inf
*Y las carpetas son substituidas por archivos .exe de 1,44 MB.

Esto pasa en CUALQUIER memoria que conecte a mi pc. Sinceramente es bastante molesto tener que eliminarlos cada vez que conecto la memoria y tener que despues pasar los archivos ocultos a archivos visibles, es bastante molesto ya.

No se nada de Spywares, ni de Malware, asi que necesitaria que por favor me ayudaran.

Saludos!

PD: Esto solo pasa en las memorias que conecto, despues en la PC, no hay problema... ]]> Foro de Virus y Spywares Leam http://www.forospyware.com/t426455.html Uno mas que se une al virus Sgae Ayuda !!! http://www.forospyware.com/t426449.html Wed, 16 May 2012 20:47:11 GMT Pues eso que tengo un portátil que no puedo arrancar ni en modo seguro ni en modo normal me salta el virus sgae. He leído lo del otl, así que voy a ejecutarlo y a esperar que me contestéis para saber lo que tengo que hacer. Salu2 Pues eso que tengo un portátil que no puedo arrancar ni en modo seguro ni en modo normal me salta el virus sgae.
He leído lo del otl, así que voy a ejecutarlo y a esperar que me contestéis para saber lo que tengo que hacer.

Salu2 ]]> Foro de Virus y Spywares juanki.mat http://www.forospyware.com/t426449.html Virus en el explorador Grrrrr...! http://www.forospyware.com/t426445.html Wed, 16 May 2012 20:23:35 GMT hola, soy nuevo en esta pagina y hace unos dias tengo un problema con mi explorador firefox, cada que abro una pagina se me abre una mini imagen sobre la misma que supongo y por lo que estuve viendo es un virus... Al pasar el cursor sobre ella aparece un URL de "EXTENDMEDIA", si alguno me pudiese ayudar y desirme que programas usar por que en si no tengo ninguno del cuales suelen usar... Gracias por la ayuda!! ]]> Foro de Virus y Spywares ks gregn http://www.forospyware.com/t426445.html en mi sesión se escribe la contraseña sola, desesperada... :( http://www.forospyware.com/t426444.html Wed, 16 May 2012 20:20:17 GMT Hola a tod@s! Perdón, puse este post en el foro de windows 7 pero nadie me ha podido ayudar, y un forero me comenta que puede ser problema de virus o hacker en el buscador di con un post en el que un forero tenía el mismo problema que yo o parecido, pero antes de seguir los pasos, prefiero... Hola a tod@s!

Perdón, puse este post en el foro de windows 7 pero nadie me ha podido ayudar, y un forero me comenta que puede ser problema de virus o hacker

en el buscador di con un post en el que un forero tenía el mismo problema que yo o parecido, pero antes de seguir los pasos, prefiero preguntar si debería hacer lo mismo u otros pasos, además he pensado que era mejor escribir uno nuevo por si tenía que pegar los reportes de los programas.

Resulta que desde el sábado (antes lo estuve utilizando y sin ningun problema) cuando enciendo el ordenador me sale una pantalla negra que me dice si quiero iniciar sesión como windows 7 o algo de memoria de arranque. Le doy a windows7, me salen las dos sesiones, la mía y la de invitado. Cuando le doy a la mia, empieza la clave a llenarse de puntos solo, vamos que la contraseña se escribe sola. Borro e intento poner mi contraseña pero no puedo porque me doy cuenta que me coge todos los caracteres excepto la e, como no podia entrar, me metí por la de invitado, copie una e y de esta manera pude cambiar la contraseña y entrar a mi sesión... pero la letra e me sigue sin ir, y no es culpa del teclado... y cada vez que inicio sesión se continuan escribiendo los caracteres solos... ahora este post lo estoy escribiendo con la e copiada y cuando la necesito la pego

Que podría hacer? paso los programas que recomendáis por si es un virus o algo?

Un saludo y gracias estoy un poco perdida!!

p.d: si algun administrador dice que este post staba bien en windows 7, perdón, no es que quisiera abrir otro, así que si pueden borren el post repetido que no sea correcto... gracias! ]]> Foro de Virus y Spywares suetta http://www.forospyware.com/t426444.html Sin internet con virus policia http://www.forospyware.com/t426442.html Wed, 16 May 2012 20:10:04 GMT Hola a todos!! entro porque tengo un problema con un netbook con windows 7 donde se ha metido el dichoso virus de la policia, ya le he pasado el polifix en modo seguro y arranca bien pero el problema es que me deja el pc sin internet, es decir no me reconoce el wifi... es normal eso?? a ver si... Hola a todos!! entro porque tengo un problema con un netbook con windows 7 donde se ha metido el dichoso virus de la policia, ya le he pasado el polifix en modo seguro y arranca bien pero el problema es que me deja el pc sin internet, es decir no me reconoce el wifi... es normal eso?? a ver si podeis orientarme un pocoo ]]> Foro de Virus y Spywares Alba_chata85 http://www.forospyware.com/t426442.html Como renombrar archivos Locked Virus policia. http://www.forospyware.com/t426441.html Wed, 16 May 2012 20:08:28 GMT Hola _Muy buenas a todos soy nuevo en este foro y tengo un grave problema, tenia el virus de la policia que te dice para pagar 100 euros, mas que conocido creo yo, a mi entender lo he quitado con el antimalware,tsskille,ccclenaer, etc. El problema es que me ha renombrado casi todos los archivos de... Hola _Muy buenas a todos soy nuevo en este foro y tengo un grave problema, tenia el virus de la policia que te dice para pagar 100 euros, mas que conocido creo yo, a mi entender lo he quitado con el antimalware,tsskille,ccclenaer, etc. El problema es que me ha renombrado casi todos los archivos de mi equipo desde los .avi .mp3 .jpg y lo peor es que tenia conectado un disco usb y tambien me ha bloqueado todas las fotos, como podria hacer para recuperar esa información tan valiosa que no puedo perder ya que muchisimos trabajos importantes se irian al garete.

Toy probando con el nanodrcyptor de Kapersky pero me da error o no comprendo comno se utiliza, espero vuestra ayuda.

Saludos ]]> Foro de Virus y Spywares Isiux http://www.forospyware.com/t426441.html No se actualiza mi antivirus http://www.forospyware.com/t426434.html Wed, 16 May 2012 19:39:06 GMT Por favor necesito ayuda!::Help:: En notbook tengo instalado Avast, Superantispyware, Malwarebytes y otros mas, pero en NINGUNO PUEDO ACTUALIZAR LA BASE DE VIRUS. Tanto el superantispyware como malwarebytes me detectan algo que al eliminarlos me pide reiniciar, pero al pasarlo nuevamente los... Por favor necesito ayuda!::Help::

En notbook tengo instalado Avast, Superantispyware, Malwarebytes y otros mas, pero en NINGUNO PUEDO ACTUALIZAR LA BASE DE VIRUS.
Tanto el superantispyware como malwarebytes me detectan algo que al eliminarlos me pide reiniciar, pero al pasarlo nuevamente los vuelve a detectar.
Ya intente los "11 pasos" pero todo sigue igual.

Muchas gracias por su ayuda.:Bien:
Saludos ]]> Foro de Virus y Spywares hernanveron http://www.forospyware.com/t426434.html Error al cargar InetCpl.cpl http://www.forospyware.com/t426428.html Wed, 16 May 2012 18:50:56 GMT Hola!
Al pasar Ccleanner sale un aviso que dice: "Error al cargar InetCpl.cpl".Error al ejecutar la operación de paginación.
Asimismo no puedo acceder a Herramientas de IE. Un aviso dice lo siguiente:
Esta operación ha sido cancelada debido a las restricciones específicas para este equipo.Póngase en contacto con el administrador del sistema.
Hice una limpieza con Malwarebyte´s pero no detectó nada.
Alguien puede ayudarme,por favor?
Gracias
Norsiler ]]> Foro de Virus y Spywares Norsiler http://www.forospyware.com/t426428.html Mi pc se puso lenta de repente! http://www.forospyware.com/t426424.html Wed, 16 May 2012 18:18:54 GMT Antes que nada, Buenas un saludo a todos los foreros,he tenido hace 2 días un problema de lentitud en mi pc, fue de un día para otro que presenté este fallo, lo note cuando estaba jugando WoW y al poner la música ésta se entrecortaba y "gagueaba". Cuando prendo la PC y sale la pantalla WINDOWS XP cargando dura como 5 min (antes duraba poco unos 30 seg) luego se pone la pantalla negra sale el mouse nada más y al minuto inicia! intente analizar con Malwarebytes Superantispyware Nod32 online Avast (mi antivirus) y Spybot, lo primero que hice fue limpiarla por dentro a ver si solucionaba el problema porque pense que era por temperatura pero no funciono sigue el mismo problema, si entro a facebook o abro otra aplicación no puedo hacer otra simultáneamente porque se pone super lenta, aveces el mouse se traba tambien necesito su ayuda por favor haré cualquier cosa (no quiero formatear T_T) estas son las características de mi PC:

Windows XP
Pentium 4
RAM 1.25 GB
Video 128 MB :frown:::Help:: ]]> Foro de Virus y Spywares luisman27 http://www.forospyware.com/t426424.html