
    Problems with my Windows. "Windows has stopped working"


    1. #1
      AnnaMartinson
      Registered: Apr 2010
      Location: Las Palmas
      Posts: 13

      Help

      Hi, I need help! I can't open folders or files; I get "Windows has stopped working" and it restarts by itself, and it's always like that. I'm sure it's because of something I installed that isn't compatible with my PC. I downloaded the HijackThis program, and I also used ToolBar S&D 1.2.9 XP/Vista to fix it, and finally ComboFix, and this is the report ComboFix gives me!


      ComboFix 10-04-15.05 - Kiarah 16/04/2010 16:43:39.1.2 - x86
      Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.34.3082.18.3002.1458 [GMT 0:00]
      Running from: c:\users\Kiarah\Documents\Downloads\ComboFix.exe
      SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
      .

      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .

      c:\$recycle.bin\S-1-5-21-302071074-2093977957-42831547-500
      c:\$recycle.bin\S-1-5-21-4175807671-459958738-1663915890-1001
      c:\$recycle.bin\S-1-5-21-4175807671-459958738-1663915890-500
      c:\program files\Dealio Toolbar
      c:\program files\Dealio Toolbar\IE\4.0.2\config.ini
      c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
      c:\program files\Dealio Toolbar\Res\amazon.gif
      c:\program files\Dealio Toolbar\Res\apple.gif
      c:\program files\Dealio Toolbar\Res\barnes.gif
      c:\program files\Dealio Toolbar\Res\bestbuy.gif
      c:\program files\Dealio Toolbar\Res\dealio_logo.gif
      c:\program files\Dealio Toolbar\Res\dealio_logo_hover.gif
      c:\program files\Dealio Toolbar\Res\ebay.gif
      c:\program files\Dealio Toolbar\Res\icon_settings.gif
      c:\program files\Dealio Toolbar\Res\macys.gif
      c:\program files\Dealio Toolbar\Res\newegg.gif
      c:\program files\Dealio Toolbar\Res\overstock.gif
      c:\program files\Dealio Toolbar\Res\search-button-hover.gif
      c:\program files\Dealio Toolbar\Res\search-button.gif
      c:\program files\Dealio Toolbar\Res\search-chevron-hover.gif
      c:\program files\Dealio Toolbar\Res\search-chevron.gif
      c:\program files\Dealio Toolbar\Res\search_amazon.gif
      c:\program files\Dealio Toolbar\Res\search_dealio.gif
      c:\program files\Dealio Toolbar\Res\search_ebay.gif
      c:\program files\Dealio Toolbar\Res\search_yahoo.gif
      c:\program files\Dealio Toolbar\Res\target.gif
      c:\program files\Dealio Toolbar\Res\walmart.gif
      c:\program files\Dealio Toolbar\Res\widgets.xml
      c:\program files\Dealio Toolbar\WidgiHelper.exe
      c:\program files\Internet Explorer\nshAB78.tmp
      c:\program files\Internet Explorer\nsq794E.tmp
      c:\program files\Internet Explorer\nsq79EB.tmp
      c:\program files\Internet Explorer\nsrA945.tmp
      c:\program files\MyWebSearch
      c:\program files\MyWebSearch\bar\7.bin\MWSOESTB.DLL
      c:\program files\QUAD Utilities
      c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
      c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
      c:\programdata\MPK
      c:\programdata\MPK\1\D0000
      c:\programdata\MPK\1\S0000
      c:\programdata\MPK\2\D0000
      c:\programdata\MPK\2\S0000
      c:\programdata\MPK\CPDM\cpfm.bin
      c:\programdata\MPK\M0000
      c:\programdata\MPK\S0000
      c:\users\Kiarah\AppData\Local\Temp\RecycleBinDLL[6].dll
      c:\users\Kiarah\AppData\Local\Temp\RecycleBinDLL[7].dll
      c:\users\Kiarah\AppData\Local\Temp\VolumeControlDLL[3].dll
      c:\users\Kiarah\AppData\Roaming\Desktopicon
      c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf

      ----- BITS: Possible infected sites -----

      hxxp://lh6.ggpht.com
      hxxp://lh3.ggpht.com
      hxxp://farm5.static.flickr.com
      hxxp://farm3.static.flickr.com
      .
      ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
      .

      -------\Service_MyWebSearchService


      ((((((((((((((((((((((((( Files Created from 2010-03-16 to 2010-04-16 )))))))))))))))))))))))))))))))
      .

      2010-04-16 17:00 . 2010-04-16 17:00 -------- d-----w- c:\users\Default\AppData\Local\temp
      2010-04-16 17:00 . 2010-04-16 17:00 -------- d-----w- c:\users\Invitado\AppData\Local\temp
      2010-04-16 15:15 . 2010-04-16 16:38 -------- d-----w- C:\ToolBar SD
      2010-04-16 14:00 . 2010-04-16 14:00 -------- d-----w- c:\users\Kiarah\AppData\Local\Stardock
      2010-04-16 13:50 . 2010-04-16 13:50 -------- d-----w- c:\program files\RK Launcher
      2010-04-16 13:50 . 2010-04-16 13:50 -------- d-----w- c:\program files\tclock2_120
      2010-04-16 13:50 . 2010-04-16 13:50 -------- d-----w- c:\program files\CursorXP
      2010-04-16 13:47 . 2010-04-16 13:51 4154 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
      2010-04-16 13:45 . 2010-04-16 13:45 -------- d-----w- c:\windows\BricoPacks
      2010-04-16 13:40 . 2010-04-16 13:40 15819776 ----a-w- c:\windows\system32\imageres.dll
      2010-04-15 21:28 . 2010-04-15 21:28 -------- d-----w- c:\programdata\Stardock
      2010-04-15 20:46 . 2010-04-15 20:46 -------- d-----w- c:\users\Kiarah\AppData\Roaming\TuneUp Software
      2010-04-15 20:45 . 2010-04-15 20:46 -------- d-----w- c:\programdata\TuneUp Software
      2010-04-15 20:45 . 2010-04-15 20:45 -------- d-sh--w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
      2010-04-15 20:41 . 2010-04-15 20:41 -------- d-----w- C:\4e79f4b2147d7729b251519e86d73f
      2010-04-15 19:40 . 2010-04-15 19:40 -------- d-----w- c:\program files\Windows Installer Clean Up
      2010-04-15 19:39 . 2010-04-15 19:39 -------- d-----w- c:\program files\MSECACHE
      2010-04-15 19:15 . 2010-04-15 19:15 -------- d-----w- c:\programdata\LightScribe
      2010-04-15 18:11 . 2010-04-15 18:11 -------- d-----w- c:\users\Kiarah\AppData\Roaming\Sony
      2010-04-15 18:11 . 2010-04-15 18:11 -------- d-----w- c:\programdata\Sony
      2010-04-15 17:37 . 2010-04-15 17:37 -------- d-----w- c:\users\Kiarah\AppData\Local\Microsoft Corporation
      2010-04-15 17:32 . 2010-04-15 17:33 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
      2010-04-15 16:36 . 2010-02-23 11:32 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
      2010-04-15 16:36 . 2010-02-23 11:32 78848 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
      2010-04-15 16:36 . 2010-02-23 11:32 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
      2010-04-15 16:36 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
      2010-04-15 16:36 . 2010-02-18 14:49 3598216 ----a-w- c:\windows\system32\ntkrnlpa.exe
      2010-04-15 16:36 . 2010-02-18 14:49 3545992 ----a-w- c:\windows\system32\ntoskrnl.exe
      2010-04-15 16:35 . 2009-12-23 12:43 171520 ----a-w- c:\windows\system32\wintrust.dll
      2010-04-15 16:32 . 2010-02-18 14:49 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys
      2010-04-15 16:32 . 2010-02-18 14:11 190464 ----a-w- c:\windows\system32\iphlpsvc.dll
      2010-04-15 16:32 . 2010-02-18 11:52 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
      2010-04-15 16:31 . 2010-01-15 00:04 98304 ----a-w- c:\windows\system32\cabview.dll
      2010-04-15 00:53 . 2010-04-15 00:53 -------- d-----w- c:\program files\Trend Micro
      2010-04-14 18:27 . 2010-04-15 17:04 -------- d-----w- c:\program files\Microsoft Security Essentials
      2010-04-14 17:09 . 2010-04-16 13:53 -------- d-----w- c:\program files\MacSearch_v.1.4.3
      2010-04-14 17:08 . 2010-04-16 13:53 -------- d-----w- c:\program files\TrueTransparency
      2010-04-14 17:07 . 2010-04-16 13:53 -------- d-----w- c:\program files\UberIcon
      2010-04-14 17:07 . 2010-04-16 13:53 -------- d-----w- c:\program files\YzShadow
      2010-04-14 17:07 . 2010-04-16 13:49 -------- d-----w- c:\program files\iColorFolder
      2010-04-14 14:10 . 2010-04-15 21:25 -------- d-----w- c:\program files\Stardock
      2010-04-13 20:47 . 2010-04-13 20:47 -------- d-----w- c:\users\Kiarah\AppData\Roaming\MessengerDiscovery 2
      2010-04-12 18:54 . 2010-04-12 18:54 -------- d-----w- C:\5c30e89491f4134af234dfcedd
      2010-04-08 18:58 . 2010-04-08 19:00 -------- d-----w- c:\users\Kiarah\AppData\Roaming\Juce VST Host
      2010-03-30 00:23 . 2010-04-15 15:08 -------- d-----w- c:\program files\Common Files\Macrovision Shared
      2010-03-29 01:26 . 2007-05-21 18:59 210944 ----a-w- c:\windows\system32\msvcrt10.dll
      2010-03-29 01:26 . 2010-03-29 01:26 -------- d-----w- c:\program files\VCW VicMan's Photo Editor
      2010-03-29 01:17 . 2010-03-29 01:17 -------- d-----w- c:\users\Kiarah\.thumbnails
      2010-03-29 01:13 . 2010-03-29 01:21 -------- d-----w- c:\users\Kiarah\.gimp-2.6
      2010-03-29 01:06 . 1998-10-29 16:45 306688 ----a-w- c:\windows\IsUninst.exe
      2010-03-29 00:51 . 2010-03-29 00:51 -------- d-----w- c:\program files\Hofmann
      2010-03-29 00:49 . 2010-04-15 15:05 -------- d-----w- c:\users\Kiarah\AppData\Local\Downloaded Installations

      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2010-04-16 14:01 . 2009-01-21 16:00 -------- d-----w- c:\users\Kiarah\AppData\Roaming\Software Informer
      2010-04-16 11:43 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
      2010-04-16 03:15 . 2008-08-01 11:42 -------- d-----w- c:\programdata\Microsoft Help
      2010-04-16 01:37 . 2009-11-20 23:28 -------- d-----w- c:\users\Kiarah\AppData\Roaming\Spotify
      2010-04-15 21:05 . 2009-12-29 22:44 72224 ----a-w- c:\users\Kiarah\AppData\Local\GDIPFONTCACHEV1.DAT
      2010-04-15 19:45 . 2009-06-13 19:21 -------- d-----w- c:\program files\Image-Line
      2010-04-15 19:45 . 2010-02-10 21:47 -------- d-----w- c:\program files\Common Files\Akamai
      2010-04-15 19:44 . 2009-01-12 15:26 -------- d-----w- c:\program files\Google
      2010-04-15 19:44 . 2009-02-04 18:34 -------- d-----w- c:\program files\Winamp
      2010-04-15 19:22 . 2008-08-01 10:46 -------- d--h--w- c:\program files\InstallShield Installation Information
      2010-04-15 19:22 . 2008-08-01 10:42 -------- d-----w- c:\program files\Hewlett-Packard
      2010-04-15 19:21 . 2008-08-01 11:47 -------- d-----w- c:\program files\CyberLink
      2010-04-15 19:11 . 2008-08-01 11:13 -------- d-----w- c:\programdata\WildTangent
      2010-04-15 18:16 . 2009-01-13 01:55 -------- d-----w- c:\program files\QuickTime
      2010-04-15 18:16 . 2009-01-13 01:55 -------- d-----w- c:\programdata\Apple Computer
      2010-04-15 18:14 . 2009-01-13 01:57 -------- d-----w- c:\program files\iTunes
      2010-04-15 18:14 . 2009-01-13 01:53 -------- d-----w- c:\program files\Common Files\Apple
      2010-04-15 18:12 . 2009-07-22 13:16 -------- d-----w- c:\program files\Sony
      2010-04-15 18:09 . 2009-06-16 11:19 -------- d-----w- c:\program files\HOTALBUMMyBOX
      2010-04-15 17:56 . 2008-08-01 11:46 -------- d-----w- c:\program files\Common Files\Adobe
      2010-04-15 16:39 . 2010-01-02 12:31 -------- d-----w- c:\programdata\Alwil Software
      2010-04-15 15:10 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
      2010-04-15 15:10 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
      2010-04-15 15:10 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
      2010-04-15 15:10 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
      2010-04-15 15:10 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
      2010-04-15 15:08 . 2010-02-11 15:36 -------- d-----w- c:\programdata\FLEXnet
      2010-04-15 15:08 . 2009-02-04 18:49 -------- d-----w- c:\program files\Winamp Toolbar
      2010-04-15 15:08 . 2009-03-05 04:54 -------- d-----w- c:\program files\shARES
      2010-04-15 15:08 . 2009-02-20 02:01 -------- d-----w- c:\program files\myBabylon_English
      2010-04-15 15:08 . 2009-04-13 03:57 -------- d-----w- c:\program files\AresTube2
      2010-04-15 15:05 . 2008-08-01 11:04 -------- d-----w- c:\program files\HP
      2010-04-15 14:42 . 2009-02-04 18:49 -------- d-----w- c:\programdata\Winamp Toolbar
      2010-04-15 14:41 . 2008-08-01 11:56 -------- d-----w- c:\programdata\AOL
      2010-04-15 14:36 . 2009-06-09 18:37 -------- d-----w- c:\program files\ArcSoft
      2010-04-15 05:15 . 2009-06-09 18:54 -------- d-----w- c:\program files\Common Files\Nikon
      2010-04-15 00:05 . 2008-11-03 19:08 -------- d-----w- c:\programdata\CyberLink
      2010-03-19 21:37 . 2009-04-02 09:36 146 ----a-w- c:\users\Kiarah\AppData\Roaming\wklnhst.dat
      2010-03-12 17:57 . 2010-03-12 17:57 56 ---ha-w- c:\windows\system32\ezsidmv.dat
      2010-03-08 23:28 . 2009-02-04 01:58 -------- d-----w- c:\users\Kiarah\AppData\Roaming\Winamp
      2010-03-07 16:17 . 2010-03-07 16:17 -------- d-----w- c:\users\Kiarah\AppData\Roaming\PlayFirst
      2010-03-07 16:17 . 2010-03-07 16:17 94 ----a-w- c:\users\Kiarah\AppData\Local\fusioncache.dat
      2010-03-06 19:37 . 2009-01-20 10:35 -------- d-----w- c:\program files\Common Files\Real
      2010-03-06 19:36 . 2009-01-20 10:35 -------- d-----w- c:\program files\Real
      2010-03-06 19:36 . 2010-03-06 19:36 -------- d-----w- c:\program files\Common Files\xing shared
      2010-03-05 15:04 . 2008-08-01 11:55 588472 ----a-w- c:\windows\system32\ezsvc7x.dll
      2010-03-04 01:36 . 2010-03-04 01:36 -------- d-----w- c:\users\Kiarah\AppData\Roaming\com.adobe.ExMan
      2010-02-24 10:16 . 2009-10-04 17:18 181632 ------w- c:\windows\system32\MpSigStub.exe
      2010-02-23 06:39 . 2010-04-15 16:37 916480 ----a-w- c:\windows\system32\wininet.dll
      2010-02-23 06:33 . 2010-04-15 16:37 71680 ----a-w- c:\windows\system32\iesetup.dll
      2010-02-23 06:33 . 2010-04-15 16:37 109056 ----a-w- c:\windows\system32\iesysprep.dll
      2010-02-23 04:55 . 2010-04-15 16:37 133632 ----a-w- c:\windows\system32\ieUnatt.exe
      2010-02-20 12:50 . 2010-01-26 01:51 -------- d-----w- c:\program files\CDBurnerXP
      2010-02-19 23:47 . 2010-02-19 23:47 3604480 ----a-w- c:\windows\system32\GPhotos.scr
      2010-02-17 21:29 . 2006-07-11 16:35 348160 ----a-w- c:\windows\system32\msvcr71.dll
      2010-02-12 10:48 . 2010-03-08 18:07 293376 ----a-w- c:\windows\system32\browserchoice.exe
      2010-01-25 12:48 . 2010-02-23 18:16 472576 ----a-w- c:\windows\system32\secproc_isv.dll
      2010-01-25 12:48 . 2010-02-23 18:16 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
      2010-01-25 12:48 . 2010-02-23 18:16 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
      2010-01-25 12:48 . 2010-02-23 18:16 472064 ----a-w- c:\windows\system32\secproc.dll
      2010-01-25 12:45 . 2010-02-23 18:16 329216 ----a-w- c:\windows\system32\msdrm.dll
      2010-01-25 08:35 . 2010-02-23 18:16 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
      2010-01-25 08:35 . 2010-02-23 18:16 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
      2010-01-25 08:34 . 2010-02-23 18:16 511488 ----a-w- c:\windows\system32\RMActivate.exe
      2010-01-25 08:34 . 2010-02-23 18:16 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
      2010-01-23 09:44 . 2010-02-23 18:16 2048 ----a-w- c:\windows\system32\tzres.dll
      2010-01-18 13:47 . 2009-04-25 16:48 71656 ----a-w- c:\users\Invitado\AppData\Local\GDIPFONTCACHEV1.DAT
      2008-08-01 20:21 . 2008-08-01 20:21 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
      .

      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4

      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9c905b42-976e-43c1-bc30-fc5937017909}]
      2008-09-15 05:47 1784856 ----a-w- c:\program files\shARES\tbshAR.dll

      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
      2008-11-23 22:03 1784856 ----a-w- c:\program files\myBabylon_English\tbmyBa.dll

      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{dbbe01d1-5a24-48db-ae99-bd025b80b9e7}]
      2009-03-08 11:28 2079256 ----a-w- c:\program files\AresTube2\tbAres.dll

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
      "{dbbe01d1-5a24-48db-ae99-bd025b80b9e7}"= "c:\program files\AresTube2\tbAres.dll" [2009-03-08 2079256]

      [HKEY_CLASSES_ROOT\clsid\{dbbe01d1-5a24-48db-ae99-bd025b80b9e7}]

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
      "{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}"= "c:\program files\myBabylon_English\tbmyBa.dll" [2008-11-23 1784856]
      "{9C905B42-976E-43C1-BC30-FC5937017909}"= "c:\program files\shARES\tbshAR.dll" [2008-09-15 1784856]
      "{DBBE01D1-5A24-48DB-AE99-BD025B80B9E7}"= "c:\program files\AresTube2\tbAres.dll" [2009-03-08 2079256]

      [HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]

      [HKEY_CLASSES_ROOT\clsid\{9c905b42-976e-43c1-bc30-fc5937017909}]

      [HKEY_CLASSES_ROOT\clsid\{dbbe01d1-5a24-48db-ae99-bd025b80b9e7}]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-17 170520]
      "Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-17 145944]
      "UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504]
      "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-06-11 468264]
      "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
      "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
      "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-12-17 30192]
      "WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-03 36352]
      "ContentTransferWMDetector.exe"="c:\program files\Sony\Content Transfer\ContentTransferWMDetector.exe" [2008-07-11 423200]
      "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2010-03-24 2046816]
      "rkfree"="c:\program files\rkfree\rkfree.exe" [2009-10-23 70144]
      "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
      "MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-02-21 1093208]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
      "RealUpgradeHelper"="c:\program files\Common Files\Real\Update_OB\upgrdhlp.exe" [2010-03-06 136744]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "EnableUIADesktopToggle"= 0 (0x0)

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
      "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
      "aux"=wdmaud.drv

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
      @="Service"

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
      @="Service"

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
      "Google Update"="c:\users\Kiarah\AppData\Local\Google\Update\GoogleUpdate.exe" /c
      "fsm"=

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
      "HP Health Check Scheduler"=c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
      "HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
      "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
      "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
      "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
      "DisableMonitoring"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
      "DisableMonitoring"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
      "DisableMonitoring"=dword:00000001

      R2 gupdate1c9a175c733cb41;Servicio Google Update (gupdate1c9a175c733cb41);c:\program files\Google\Update\GoogleUpdate.exe [2009-03-10 133104]
      R3 GoogleDesktopManager-110309-193829;Administrador de Google Desktop 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-17 30192]
      R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
      S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-08-19 335240]
      S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-08-19 108552]
      S2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2009-12-16 375296]
      S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-08-19 908056]
      S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-08-19 297752]
      S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]
      S2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [2008-04-25 361808]
      S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-06-04 113664]
      S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2009-12-02 42368]


      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
      LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
      rsmsvcs REG_MULTI_SZ ntmssvc

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
      ezSharedSvc

      [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
      2008-02-26 13:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
      2009-03-08 11:32 128512 ----a-w- c:\windows\System32\advpack.dll
      .
      Contents of the 'Scheduled Tasks' folder

      2010-04-16 c:\windows\Tasks\Google Software Updater.job
      - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-12 14:07]

      2010-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-10 11:45]

      2010-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-10 11:45]

      2010-04-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4175807671-459958738-1663915890-1000Core.job
      - c:\users\Kiarah\AppData\Local\Google\Update\GoogleUpdate.exe [2009-01-12 15:45]

      2010-04-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4175807671-459958738-1663915890-1000UA.job
      - c:\users\Kiarah\AppData\Local\Google\Update\GoogleUpdate.exe [2009-01-12 15:45]

      2010-04-16 c:\windows\Tasks\User_Feed_Synchronization-{15186705-926F-4159-A234-5C1D45385548}.job
      - c:\windows\system32\msfeedssync.exe [2010-04-15 04:54]
      .
      .
      ------- Supplementary Scan -------
      .
      uDefault_Search_URL = hxxp://www.google.com/ie
      mWindow Title =
      uSearchAssistant = hxxp://www.google.com/ie
      uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
      DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
      DPF: {61FA0CB0-0806-46EA-B784-0F843285BA23} - hxxp://estaticosak1.tuenti.com/client_apps/TuentiPhotoUploader.19605.cab
      FF - ProfilePath - c:\users\Kiarah\AppData\Roaming\Mozilla\Firefox\Profiles\tsyqdxa0.default\
      FF - prefs.js: browser.search.selectedEngine - MyWebSearch
      FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZCxdm939YYES&fl=0&ptb=wt4zMx5LoyGdvWG1RpsoHQ&url=http://search.mywebsearch.com/mywebsearch/GGmain.jhtml&st=kwd&n=77c0526a&searchfor=
      FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
      FF - plugin: c:\program files\Google\Google Updater\2.4.1851.5542\npCIDetect14.dll
      FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
      FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
      FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
      FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
      FF - plugin: c:\users\Kiarah\AppData\Local\Google\Update\1.2.183.23\npGoogleOneClick8.dll
      FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

      ---- FIREFOX POLICIES ----
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
      c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
      c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
      c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
      c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
      c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
      c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
      c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
      .
      .
      ------- File Associations -------
      .
      .scr=PhEdit.scr
      .
      - - - - ORPHANS REMOVED - - - -

      BHO-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
      BHO-{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - (no file)
      Toolbar-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll



      **************************************************************************

      catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2010-04-16 17:08
      Windows 6.0.6001 Service Pack 1 NTFS

      scanning hidden processes ...

      scanning hidden autostart entries ...

      scanning hidden files ...


      c:\users\Kiarah\AppData\Roaming\Microsoft\Windows\Cookies\[email protected] 299 bytes

      scan completed successfully
      hidden files: 1

      **************************************************************************
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------

      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000

      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      --------------------- DLLs Loaded Under Running Processes ---------------------

      - - - - - - - > 'Explorer.exe'(1112)
      c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files\Microsoft Security Essentials\MsMpEng.exe
      c:\windows\system32\WLANExt.exe
      c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      c:\program files\Bonjour\mDNSResponder.exe
      c:\program files\Common Files\LightScribe\LSSrvc.exe
      c:\program files\CDBurnerXP\NMSAccessU.exe
      c:\progra~1\AVG\AVG8\avgrsx.exe
      c:\progra~1\AVG\AVG8\avgnsx.exe
      c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
      c:\windows\system32\DRIVERS\xaudio.exe
      c:\program files\AVG\AVG8\avgcsrvx.exe
      c:\windows\system32\conime.exe
      c:\windows\system32\igfxsrvc.exe
      c:\program files\AVG\AVG8\avgtray.exe
      c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
      c:\program files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
      c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
      c:\program files\Synaptics\SynTP\SynTPHelper.exe
      c:\program files\Windows Live\Messenger\msnmsgr.exe
      c:\users\Kiarah\AppData\Local\Google\Chrome\Application\chrome.exe
      c:\users\Kiarah\AppData\Local\Google\Chrome\Application\chrome.exe
      c:\users\Kiarah\AppData\Local\Google\Chrome\Application\chrome.exe
      c:\users\Kiarah\AppData\Local\Google\Chrome\Application\chrome.exe
      c:\users\Kiarah\AppData\Local\Google\Chrome\Application\chrome.exe
      c:\users\Kiarah\AppData\Local\Google\Chrome\Application\chrome.exe
      c:\users\Kiarah\AppData\Local\Google\Chrome\Application\chrome.exe
      c:\users\Kiarah\AppData\Local\Google\Chrome\Application\chrome.exe
      c:\users\Kiarah\AppData\Local\Google\Chrome\Application\chrome.exe
      .
      **************************************************************************
      .
      Completion time: 2010-04-16 17:25:30 - machine was rebooted
      ComboFix-quarantined-files.txt 2010-04-16 17:25

      Pre-Run: 114.049.085.440 bytes libres
      Post-Run: 114.159.394.816 bytes libres

      - - End Of File - - 458D21AA738BAC2E0A7FC6AE1312C657

      I'm having trouble opening files and folders; I get "Windows has stopped working" and the desktop restarts, and it still doesn't work. This is my HijackThis report. I hope you can help me. Thank you very much!!


      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 19:47:05, on 16/04/2010
      Platform: Windows Vista SP1 (WinNT 6.00.1905)
      MSIE: Internet Explorer v8.00 (8.00.6001.18904)
      Boot mode: Normal

      Running processes:
      C:\Windows\system32\Dwm.exe
      C:\Windows\system32\taskeng.exe
      C:\Windows\system32\conime.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Windows\System32\hkcmd.exe
      C:\Windows\System32\igfxpers.exe
      C:\Windows\system32\igfxsrvc.exe
      C:\Program Files\HP\QuickPlay\QPService.exe
      C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
      C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
      C:\Program Files\Winamp\winampa.exe
      C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
      C:\Program Files\AVG\AVG8\avgtray.exe
      C:\Program Files\rkfree\rkfree.exe
      C:\Program Files\Microsoft Security Essentials\msseces.exe
      C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
      C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
      C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
      C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Windows\system32\wuauclt.exe
      C:\Program Files\Windows Live\Contacts\wlcomm.exe
      C:\Program Files\Spotify\spotify.exe
      C:\Windows\Explorer.exe
      C:\Users\Kiarah\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Users\Kiarah\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Users\Kiarah\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Users\Kiarah\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Windows\system32\NOTEPAD.EXE
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
      O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
      O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (file missing)
      O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
      O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
      O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
      O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
      O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: shARES Toolbar - {9c905b42-976e-43c1-bc30-fc5937017909} - C:\Program Files\shARES\tbshAR.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
      O2 - BHO: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyBa.dll
      O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
      O2 - BHO: AresTube2 Toolbar - {dbbe01d1-5a24-48db-ae99-bd025b80b9e7} - C:\Program Files\AresTube2\tbAres.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O2 - BHO: Loader Class - {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} - C:\Windows\BricoPacks\LeopardXP\FindeXer.dll
      O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - (no file)
      O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
      O3 - Toolbar: AresTube2 Toolbar - {dbbe01d1-5a24-48db-ae99-bd025b80b9e7} - C:\Program Files\AresTube2\tbAres.dll
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
      O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
      O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
      O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
      O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
      O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
      O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
      O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
      O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
      O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
      O4 - HKLM\..\Run: [rkfree] "C:\Program Files\rkfree\rkfree.exe" /b
      O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
      O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
      O4 - HKUS\S-1-5-18\..\RunOnce: [RealUpgradeHelper] "C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe" "RealNetworks|RealPlayer|12.0" (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\RunOnce: [RealUpgradeHelper] "C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe" "RealNetworks|RealPlayer|12.0" (User 'Default user')
      O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
      O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
      O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolb...lerControl.cab
      O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/49.12/uploader2.cab
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/reso...PUpldes-es.cab
      O16 - DPF: {61FA0CB0-0806-46EA-B784-0F843285BA23} (TuentiFotoUploader Control) - http://estaticosak1.tuenti.com/clien...ader.19605.cab
      O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.co...p/PhtPkMSN.cab
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
      O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
      O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
      O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
      O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
      O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: Administrador de Google Desktop 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
      O23 - Service: Servicio Google Update (gupdate1c9a175c733cb41) (gupdate1c9a175c733cb41) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
      O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
      O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
      O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
      O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

      --
      End of file - 10200 bytes

    2. #2
      Damianl_77 (General Moderator) | Registered: Jan 2008 | Location: Argentina | Posts: 23.366

      Re: Problems with my Windows. "Windows stopped working"

      Hello AnnaMartinson, welcome to the InfoSpyware forum.

      First of all:

      Warning!! Do not use ComboFix unless a member of our staff has specifically instructed you to do so in your thread. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".

      You have a keylogger on your PC; what I don't know is whether you put it there yourself or some intruder did.

      Carry out these steps:

      * Click START > RUN >
      o Type notepad.exe there and click OK
      o Now copy and paste the following lines into Notepad (without the word "Code")




      Code:
      KillAll::
      
      
      File::
      c:\users\Kiarah\AppData\Roaming\wklnhst.dat
      c:\windows\system32\ezsidmv.dat
      C:\Program Files\rkfree\rkfree.exe
      c:\users\Kiarah\AppData\Roaming\Microsoft\Windows\ Cookies\[email protected]
      
      Folder::
      c:\program files\Winamp Toolbar
      c:\program files\shARES
      c:\programdata\Winamp Toolbar
       	
      Registry::
      [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9c905b42-976e-43c1-bc30-fc5937017909}]
      
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
      "{9C905B42-976E-43C1-BC30-FC5937017909}"=-
      
      [-HKEY_CLASSES_ROOT\clsid\{9c905b42-976e-43c1-bc30-fc5937017909}]
      
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "rkfree"=-

      * Save this file with the name CFScript.txt and leave it on your desktop.

      Before using the CFScript....
      • Temporarily disable your antivirus and/or antispyware.
      • Close all open windows. Drag the Notepad file onto the ComboFix icon on your desktop, as shown in the image below.

      * ComboFix will start running again. When it finishes, it will generate a report, which you should paste in this same thread.


    3. #3
      AnnaMartinson (User) | Registered: Apr 2010 | Location: las palmas | Posts: 13

      Re: Problems with my Windows. "Windows stopped working"

      Thanks for helping me; this is the report that ComboFix gave me.

      ComboFix 10-04-17.01 - Kiarah 17/04/2010 21:25:56.2.2 - x86
      Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.34.3082.18.3002.1663 [GMT 0:00]
      Running from: c:\users\Kiarah\Documents\Downloads\ComboFix.exe
      Command switches used :: c:\users\Kiarah\Desktop\CFScript.txt
      SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

      FILE ::
      "c:\program files\rkfree\rkfree.exe"
      "c:\users\Kiarah\AppData\Roaming\Microsoft\Windows\ Cookies\[email protected]"
      "c:\users\Kiarah\AppData\Roaming\wklnhst.dat"
      "c:\windows\system32\ezsidmv.dat"
      .

      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .

      c:\program files\rkfree\rkfree.exe
      c:\program files\shARES
      c:\program files\shARES\shARESToolbarHelper.exe
      c:\program files\shARES\tbshAR.dll
      c:\program files\shARES\toolbar.cfg
      c:\program files\shARES\UNWISE.EXE
      c:\program files\shARES\UNWISE.INI
      c:\program files\Winamp Toolbar
      c:\program files\Winamp Toolbar\apopup.dll
      c:\program files\Winamp Toolbar\msvcr71.dll
      c:\program files\Winamp Toolbar\uninstall.exe
      c:\program files\Winamp Toolbar\winamptb.dll
      c:\program files\Winamp Toolbar\winampTbServer.exe
      c:\program files\Winamp Toolbar\winamptbServerPS.dll
      c:\program files\Winamp Toolbar\xprt5.dll
      c:\programdata\Winamp Toolbar
      c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\rss\menu.js
      c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\rss\qap.js
      c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\rss\rss.js
      c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\rss\staf.js
      c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\addsearch.js
      c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\blocker.js
      c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\branding.js
      c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\buttonManager.js
      c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\buttons.js
      c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\clearprints.js
      c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\content.js
      c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\custombutton.js
      c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\footprints.js
      c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\metrics.js
      c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\preferences.js
      c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\search.js
      c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\winamptb.cfg
      c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\winamptbres.dll
      c:\users\Kiarah\AppData\Roaming\wklnhst.dat
      c:\windows\system32\ezsidmv.dat

      .
      ((((((((((((((((((((((((( Files Created from 2010-03-17 to 2010-04-17 )))))))))))))))))))))))))))))))
      .

      2010-04-17 21:34 . 2010-04-17 21:36 -------- d-----w- c:\users\Kiarah\AppData\Local\temp
      2010-04-17 21:34 . 2010-04-17 21:34 -------- d-----w- c:\users\Public\AppData\Local\temp
      2010-04-17 21:34 . 2010-04-17 21:34 -------- d-----w- c:\users\Invitado\AppData\Local\temp
      2010-04-17 21:34 . 2010-04-17 21:34 -------- d-----w- c:\users\Default\AppData\Local\temp
      2010-04-16 15:15 . 2010-04-16 16:38 -------- d-----w- C:\ToolBar SD
      2010-04-16 14:00 . 2010-04-16 14:00 -------- d-----w- c:\users\Kiarah\AppData\Local\Stardock
      2010-04-16 13:50 . 2010-04-16 13:50 -------- d-----w- c:\program files\RK Launcher
      2010-04-16 13:50 . 2010-04-16 13:50 -------- d-----w- c:\program files\tclock2_120
      2010-04-16 13:50 . 2010-04-16 13:50 -------- d-----w- c:\program files\CursorXP
      2010-04-16 13:47 . 2010-04-16 13:51 4154 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
      2010-04-16 13:45 . 2010-04-16 13:45 -------- d-----w- c:\windows\BricoPacks
      2010-04-16 13:40 . 2010-04-16 13:40 15819776 ----a-w- c:\windows\system32\imageres.dll
      2010-04-15 21:28 . 2010-04-15 21:28 -------- d-----w- c:\programdata\Stardock
      2010-04-15 20:46 . 2010-04-15 20:46 -------- d-----w- c:\users\Kiarah\AppData\Roaming\TuneUp Software
      2010-04-15 20:45 . 2010-04-15 20:46 -------- d-----w- c:\programdata\TuneUp Software
      2010-04-15 20:45 . 2010-04-15 20:45 -------- d-sh--w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
      2010-04-15 20:41 . 2010-04-15 20:41 -------- d-----w- C:\4e79f4b2147d7729b251519e86d73f
      2010-04-15 19:40 . 2010-04-15 19:40 -------- d-----w- c:\program files\Windows Installer Clean Up
      2010-04-15 19:39 . 2010-04-15 19:39 -------- d-----w- c:\program files\MSECACHE
      2010-04-15 19:15 . 2010-04-15 19:15 -------- d-----w- c:\programdata\LightScribe
      2010-04-15 18:11 . 2010-04-15 18:11 -------- d-----w- c:\users\Kiarah\AppData\Roaming\Sony
      2010-04-15 18:11 . 2010-04-15 18:11 -------- d-----w- c:\programdata\Sony
      2010-04-15 17:37 . 2010-04-15 17:37 -------- d-----w- c:\users\Kiarah\AppData\Local\Microsoft Corporation
      2010-04-15 17:32 . 2010-04-15 17:33 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
      2010-04-15 16:36 . 2010-02-23 11:32 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
      2010-04-15 16:36 . 2010-02-23 11:32 78848 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
      2010-04-15 16:36 . 2010-02-23 11:32 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
      2010-04-15 16:36 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
      2010-04-15 16:36 . 2010-02-18 14:49 3598216 ----a-w- c:\windows\system32\ntkrnlpa.exe
      2010-04-15 16:36 . 2010-02-18 14:49 3545992 ----a-w- c:\windows\system32\ntoskrnl.exe
      2010-04-15 16:35 . 2009-12-23 12:43 171520 ----a-w- c:\windows\system32\wintrust.dll
      2010-04-15 16:32 . 2010-02-18 14:49 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys
      2010-04-15 16:32 . 2010-02-18 14:11 190464 ----a-w- c:\windows\system32\iphlpsvc.dll
      2010-04-15 16:32 . 2010-02-18 11:52 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
      2010-04-15 16:31 . 2010-01-15 00:04 98304 ----a-w- c:\windows\system32\cabview.dll
      2010-04-15 00:53 . 2010-04-15 00:53 -------- d-----w- c:\program files\Trend Micro
      2010-04-14 18:27 . 2010-04-15 17:04 -------- d-----w- c:\program files\Microsoft Security Essentials
      2010-04-14 17:09 . 2010-04-16 13:53 -------- d-----w- c:\program files\MacSearch_v.1.4.3
      2010-04-14 17:08 . 2010-04-16 13:53 -------- d-----w- c:\program files\TrueTransparency
      2010-04-14 17:07 . 2010-04-16 13:53 -------- d-----w- c:\program files\UberIcon
      2010-04-14 17:07 . 2010-04-16 13:53 -------- d-----w- c:\program files\YzShadow
      2010-04-14 17:07 . 2010-04-16 13:49 -------- d-----w- c:\program files\iColorFolder
      2010-04-14 14:10 . 2010-04-15 21:25 -------- d-----w- c:\program files\Stardock
      2010-04-13 20:47 . 2010-04-13 20:47 -------- d-----w- c:\users\Kiarah\AppData\Roaming\MessengerDiscovery 2
      2010-04-12 18:54 . 2010-04-12 18:54 -------- d-----w- C:\5c30e89491f4134af234dfcedd
      2010-04-08 18:58 . 2010-04-08 19:00 -------- d-----w- c:\users\Kiarah\AppData\Roaming\Juce VST Host
      2010-03-30 00:23 . 2010-04-15 15:08 -------- d-----w- c:\program files\Common Files\Macrovision Shared
      2010-03-29 01:26 . 2007-05-21 18:59 210944 ----a-w- c:\windows\system32\msvcrt10.dll
      2010-03-29 01:26 . 2010-03-29 01:26 -------- d-----w- c:\program files\VCW VicMan's Photo Editor
      2010-03-29 01:17 . 2010-03-29 01:17 -------- d-----w- c:\users\Kiarah\.thumbnails
      2010-03-29 01:13 . 2010-03-29 01:21 -------- d-----w- c:\users\Kiarah\.gimp-2.6
      2010-03-29 01:06 . 1998-10-29 16:45 306688 ----a-w- c:\windows\IsUninst.exe
      2010-03-29 00:51 . 2010-03-29 00:51 -------- d-----w- c:\program files\Hofmann
      2010-03-29 00:49 . 2010-04-15 15:05 -------- d-----w- c:\users\Kiarah\AppData\Local\Downloaded Installations

      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2010-04-17 21:33 . 2009-10-23 22:26 -------- d-----w- c:\program files\rkfree
      2010-04-16 21:23 . 2009-11-20 23:28 -------- d-----w- c:\users\Kiarah\AppData\Roaming\Spotify
      2010-04-16 14:01 . 2009-01-21 16:00 -------- d-----w- c:\users\Kiarah\AppData\Roaming\Software Informer
      2010-04-16 11:43 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
      2010-04-16 03:15 . 2008-08-01 11:42 -------- d-----w- c:\programdata\Microsoft Help
      2010-04-15 21:05 . 2009-12-29 22:44 72224 ----a-w- c:\users\Kiarah\AppData\Local\GDIPFONTCACHEV1.DAT
      2010-04-15 19:45 . 2009-06-13 19:21 -------- d-----w- c:\program files\Image-Line
      2010-04-15 19:45 . 2010-02-10 21:47 -------- d-----w- c:\program files\Common Files\Akamai
      2010-04-15 19:44 . 2009-01-12 15:26 -------- d-----w- c:\program files\Google
      2010-04-15 19:44 . 2009-02-04 18:34 -------- d-----w- c:\program files\Winamp
      2010-04-15 19:40 . 2010-04-15 19:40 3584 ----a-r- c:\users\Kiarah\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
      2010-04-15 19:22 . 2008-08-01 10:46 -------- d--h--w- c:\program files\InstallShield Installation Information
      2010-04-15 19:22 . 2008-08-01 10:42 -------- d-----w- c:\program files\Hewlett-Packard
      2010-04-15 19:21 . 2008-08-01 11:47 -------- d-----w- c:\program files\CyberLink
      2010-04-15 19:11 . 2008-08-01 11:13 -------- d-----w- c:\programdata\WildTangent
      2010-04-15 18:16 . 2009-01-13 01:55 -------- d-----w- c:\program files\QuickTime
      2010-04-15 18:16 . 2009-01-13 01:55 -------- d-----w- c:\programdata\Apple Computer
      2010-04-15 18:14 . 2009-01-13 01:57 -------- d-----w- c:\program files\iTunes
      2010-04-15 18:14 . 2009-01-13 01:53 -------- d-----w- c:\program files\Common Files\Apple
      2010-04-15 18:12 . 2009-07-22 13:16 -------- d-----w- c:\program files\Sony
      2010-04-15 18:09 . 2009-06-16 11:19 -------- d-----w- c:\program files\HOTALBUMMyBOX
      2010-04-15 17:56 . 2008-08-01 11:46 -------- d-----w- c:\program files\Common Files\Adobe
      2010-04-15 16:39 . 2010-01-02 12:31 -------- d-----w- c:\programdata\Alwil Software
      2010-04-15 15:10 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
      2010-04-15 15:10 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
      2010-04-15 15:10 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
      2010-04-15 15:10 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
      2010-04-15 15:10 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
      2010-04-15 15:08 . 2010-02-11 15:36 -------- d-----w- c:\programdata\FLEXnet
      2010-04-15 15:08 . 2009-02-20 02:01 -------- d-----w- c:\program files\myBabylon_English
      2010-04-15 15:08 . 2009-04-13 03:57 -------- d-----w- c:\program files\AresTube2
      2010-04-15 15:05 . 2008-08-01 11:04 -------- d-----w- c:\program files\HP
      2010-04-15 14:41 . 2008-08-01 11:56 -------- d-----w- c:\programdata\AOL
      2010-04-15 14:36 . 2009-06-09 18:37 -------- d-----w- c:\program files\ArcSoft
      2010-04-15 05:15 . 2009-06-09 18:54 -------- d-----w- c:\program files\Common Files\Nikon
      2010-04-15 00:05 . 2008-11-03 19:08 -------- d-----w- c:\programdata\CyberLink
      2010-03-24 18:17 . 2010-03-24 08:04 952768 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\21878\AdobeARM.exe
      2010-03-24 18:17 . 2010-03-24 08:04 952768 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\16323\AdobeARM.exe
      2010-03-24 18:17 . 2010-03-24 08:04 70584 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\21878\AdobeExtractFiles.dll
      2010-03-24 18:17 . 2010-03-24 08:04 70584 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\16323\AdobeExtractFiles.dll
      2010-03-24 18:17 . 2010-03-24 08:04 326056 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\21878\ReaderUpdater.exe
      2010-03-24 18:17 . 2010-03-24 08:04 326056 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\21878\AcrobatUpdater.exe
      2010-03-24 18:17 . 2010-03-24 08:04 326056 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\16323\ReaderUpdater.exe
      2010-03-24 18:17 . 2010-03-24 08:04 326056 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\16323\AcrobatUpdater.exe
      2010-03-16 11:20 . 2010-02-08 13:06 2068320 ----a-w- c:\programdata\avg8\update\prepare\avgcorex.dll
      2010-03-08 23:28 . 2009-02-04 01:58 -------- d-----w- c:\users\Kiarah\AppData\Roaming\Winamp
      2010-03-07 16:17 . 2010-03-07 16:17 -------- d-----w- c:\users\Kiarah\AppData\Roaming\PlayFirst
      2010-03-07 16:17 . 2010-03-07 16:17 94 ----a-w- c:\users\Kiarah\AppData\Local\fusioncache.dat
      2010-03-06 19:37 . 2010-03-06 19:37 118784 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
      2010-03-06 19:37 . 2010-03-06 19:37 118784 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
      2010-03-06 19:37 . 2010-03-06 19:37 118784 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
      2010-03-06 19:37 . 2010-03-06 19:37 118784 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
      2010-03-06 19:37 . 2010-03-06 19:37 300616 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
      2010-03-06 19:37 . 2010-03-06 19:37 118784 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
      2010-03-06 19:37 . 2010-03-06 19:37 118784 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
      2010-03-06 19:37 . 2009-01-20 10:35 -------- d-----w- c:\program files\Common Files\Real
      2010-03-06 19:36 . 2009-01-20 10:35 -------- d-----w- c:\program files\Real
      2010-03-06 19:36 . 2010-03-06 19:36 -------- d-----w- c:\program files\Common Files\xing shared
      2010-03-05 19:41 . 2010-03-05 19:41 443912 ----a-w- c:\users\Kiarah\AppData\Roaming\Real\Update\setup3.10\setup.exe
      2010-03-05 15:04 . 2008-08-01 11:55 588472 ----a-w- c:\windows\system32\ezsvc7x.dll
      2010-03-04 01:36 . 2010-03-04 01:36 -------- d-----w- c:\users\Kiarah\AppData\Roaming\com.adobe.ExMan
      2010-02-24 10:16 . 2009-10-04 17:18 181632 ------w- c:\windows\system32\MpSigStub.exe
      2010-02-23 06:39 . 2010-04-15 16:37 916480 ----a-w- c:\windows\system32\wininet.dll
      2010-02-23 06:33 . 2010-04-15 16:37 71680 ----a-w- c:\windows\system32\iesetup.dll
      2010-02-23 06:33 . 2010-04-15 16:37 109056 ----a-w- c:\windows\system32\iesysprep.dll
      2010-02-23 04:55 . 2010-04-15 16:37 133632 ----a-w- c:\windows\system32\ieUnatt.exe
      2010-02-20 12:50 . 2010-01-26 01:51 -------- d-----w- c:\program files\CDBurnerXP
      2010-02-19 23:47 . 2010-02-19 23:47 3604480 ----a-w- c:\windows\system32\GPhotos.scr
      2010-02-17 21:29 . 2006-07-11 16:35 348160 ----a-w- c:\windows\system32\msvcr71.dll
      2010-02-12 10:48 . 2010-03-08 18:07 293376 ----a-w- c:\windows\system32\browserchoice.exe
      2010-02-08 13:10 . 2009-12-23 16:56 439816 ----a-w- c:\users\Kiarah\AppData\Roaming\Real\Update\setup3.09\setup.exe
      2010-01-25 12:48 . 2010-02-23 18:16 472576 ----a-w- c:\windows\system32\secproc_isv.dll
      2010-01-25 12:48 . 2010-02-23 18:16 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
      2010-01-25 12:48 . 2010-02-23 18:16 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
      2010-01-25 12:48 . 2010-02-23 18:16 472064 ----a-w- c:\windows\system32\secproc.dll
      2010-01-25 12:45 . 2010-02-23 18:16 329216 ----a-w- c:\windows\system32\msdrm.dll
      2010-01-25 08:35 . 2010-02-23 18:16 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
      2010-01-25 08:35 . 2010-02-23 18:16 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
      2010-01-25 08:34 . 2010-02-23 18:16 511488 ----a-w- c:\windows\system32\RMActivate.exe
      2010-01-25 08:34 . 2010-02-23 18:16 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
      2010-01-23 09:44 . 2010-02-23 18:16 2048 ----a-w- c:\windows\system32\tzres.dll
      2010-01-18 13:47 . 2009-04-25 16:48 71656 ----a-w- c:\users\Invitado\AppData\Local\GDIPFONTCACHEV1.DAT
      2008-08-01 20:21 . 2008-08-01 20:21 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
      .

      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4

      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
      2008-11-23 22:03 1784856 ----a-w- c:\program files\myBabylon_English\tbmyBa.dll

      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{dbbe01d1-5a24-48db-ae99-bd025b80b9e7}]
      2009-03-08 11:28 2079256 ----a-w- c:\program files\AresTube2\tbAres.dll

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
      "{dbbe01d1-5a24-48db-ae99-bd025b80b9e7}"= "c:\program files\AresTube2\tbAres.dll" [2009-03-08 2079256]

      [HKEY_CLASSES_ROOT\clsid\{dbbe01d1-5a24-48db-ae99-bd025b80b9e7}]

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
      "{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}"= "c:\program files\myBabylon_English\tbmyBa.dll" [2008-11-23 1784856]
      "{DBBE01D1-5A24-48DB-AE99-BD025B80B9E7}"= "c:\program files\AresTube2\tbAres.dll" [2009-03-08 2079256]

      [HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]

      [HKEY_CLASSES_ROOT\clsid\{dbbe01d1-5a24-48db-ae99-bd025b80b9e7}]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-17 170520]
      "Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-17 145944]
      "UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504]
      "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-06-11 468264]
      "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
      "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
      "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-12-17 30192]
      "WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-03 36352]
      "ContentTransferWMDetector.exe"="c:\program files\Sony\Content Transfer\ContentTransferWMDetector.exe" [2008-07-11 423200]
      "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2010-03-24 2046816]
      "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
      "MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-02-21 1093208]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
      "RealUpgradeHelper"="c:\program files\Common Files\Real\Update_OB\upgrdhlp.exe" [2010-03-06 136744]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "EnableUIADesktopToggle"= 0 (0x0)

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
      "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
      "aux"=wdmaud.drv

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
      @="Service"

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
      @="Service"

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
      "Google Update"="c:\users\Kiarah\AppData\Local\Google\Update\GoogleUpdate.exe" /c
      "fsm"=

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
      "HP Health Check Scheduler"=c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
      "HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
      "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
      "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
      "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
      "DisableMonitoring"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
      "DisableMonitoring"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
      "DisableMonitoring"=dword:00000001

      R2 gupdate1c9a175c733cb41;Servicio Google Update (gupdate1c9a175c733cb41);c:\program files\Google\Update\GoogleUpdate.exe [2009-03-10 133104]
      R3 GoogleDesktopManager-110309-193829;Administrador de Google Desktop 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-17 30192]
      R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
      S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-08-19 335240]
      S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-08-19 108552]
      S2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2009-12-16 375296]
      S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-08-19 908056]
      S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-08-19 297752]
      S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]
      S2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [2008-04-25 361808]
      S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-06-04 113664]
      S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2009-12-02 42368]


      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
      LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
      rsmsvcs REG_MULTI_SZ ntmssvc

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
      ezSharedSvc

      [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
      2008-02-26 13:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
      2009-03-08 11:32 128512 ----a-w- c:\windows\System32\advpack.dll
      .
      Contents of the 'Scheduled Tasks' folder

      2010-04-17 c:\windows\Tasks\Google Software Updater.job
      - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-12 14:07]

      2010-04-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-10 11:45]

      2010-04-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-10 11:45]

      2010-04-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4175807671-459958738-1663915890-1000Core.job
      - c:\users\Kiarah\AppData\Local\Google\Update\GoogleUpdate.exe [2009-01-12 15:45]

      2010-04-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4175807671-459958738-1663915890-1000UA.job
      - c:\users\Kiarah\AppData\Local\Google\Update\GoogleUpdate.exe [2009-01-12 15:45]

      2010-04-17 c:\windows\Tasks\User_Feed_Synchronization-{15186705-926F-4159-A234-5C1D45385548}.job
      - c:\windows\system32\msfeedssync.exe [2010-04-15 04:54]
      .
      .
      ------- Supplementary Scan -------
      .
      uDefault_Search_URL = hxxp://www.google.com/ie
      mWindow Title =
      uSearchAssistant = hxxp://www.google.com/ie
      uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
      DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
      DPF: {61FA0CB0-0806-46EA-B784-0F843285BA23} - hxxp://estaticosak1.tuenti.com/client_apps/TuentiPhotoUploader.19605.cab
      FF - ProfilePath - c:\users\Kiarah\AppData\Roaming\Mozilla\Firefox\Profiles\tsyqdxa0.default\
      FF - prefs.js: browser.search.selectedEngine - MyWebSearch
      FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZCxdm939YYES&fl=0&ptb=wt4zMx5LoyGdvWG1RpsoHQ&url=http://search.mywebsearch.com/mywebsearch/GGmain.jhtml&st=kwd&n=77c0526a&searchfor=
      FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
      FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

      ---- FIREFOX POLICIES ----
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
      c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
      c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
      c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
      c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
      c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
      c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
      c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
      c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
      c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
      .
      - - - - ORPHANS REMOVED - - - -

      AddRemove-Winamp Toolbar - c:\program files\Winamp Toolbar\uninstall.exe



      **************************************************************************
      scanning hidden processes ...

      scanning hidden autostart entries ...

      scanning hidden files ...

      scan completed successfully
      hidden files:

      **************************************************************************
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------

      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000

      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      --------------------- DLLs Loaded Under Running Processes ---------------------

      - - - - - - - > 'Explorer.exe'(3268)
      c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files\Microsoft Security Essentials\MsMpEng.exe
      c:\windows\system32\WLANExt.exe
      c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      c:\program files\Bonjour\mDNSResponder.exe
      c:\program files\Common Files\LightScribe\LSSrvc.exe
      c:\program files\CDBurnerXP\NMSAccessU.exe
      c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
      c:\progra~1\AVG\AVG8\avgrsx.exe
      c:\progra~1\AVG\AVG8\avgnsx.exe
      c:\windows\system32\DRIVERS\xaudio.exe
      c:\program files\AVG\AVG8\avgcsrvx.exe
      c:\windows\system32\conime.exe
      c:\windows\system32\igfxsrvc.exe
      c:\program files\AVG\AVG8\avgtray.exe
      c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
      c:\program files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
      c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
      c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
      c:\program files\Synaptics\SynTP\SynTPHelper.exe
      c:\windows\servicing\TrustedInstaller.exe
      c:\program files\Apple Software Update\SoftwareUpdate.exe
      .
      **************************************************************************
      .
      Completion time: 2010-04-17 22:48:05 - machine was rebooted
      ComboFix-quarantined-files.txt 2010-04-17 22:47
      ComboFix2.txt 2010-04-16 17:25

      Pre-Run: 115.988.258.816 bytes libres
      Post-Run: 116.277.370.880 bytes libres

      - - End Of File - - 5DBDD92286CCA48FFFE64F344E7CF7C8

    4. #4
      General Moderator
      Damianl_77
      Registered
      Jan 2008
      Location
      Argentina
      Posts
      23.366

      Re: Problems with my Windows. ''Windows stopped working''

      Anna, find and delete this folder:

      c:\program files\rkfree

      You haven't said whether the problems were solved, so that the thread can be marked as solved.

      Blog | Online Antivirus | Remove Malware | Free Antivirus


      * Follow us on Twitter and befriend us on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail; that is what the forum is for.

    5. #5
      User AnnaMartinson
      Registered
      Apr 2010
      Location
      las palmas
      Posts
      13

      Re: Problems with my Windows. ''Windows stopped working''

      I've already deleted it. What do I do now?

    6. #6
      General Moderator
      Damianl_77
      Registered
      Jan 2008
      Location
      Argentina
      Posts
      23.366

      Re: Problems with my Windows. ''Windows stopped working''

      Tell us whether the problems were solved.

      Then I'll tell you how to uninstall ComboFix.


    7. #7
      User AnnaMartinson
      Registered
      Apr 2010
      Location
      las palmas
      Posts
      13

      Re: Problems with my Windows. ''Windows stopped working''

      Not at all. I mean, the problem I have is that I open my folders but I get ''Windows has stopped working'' and the desktop restarts, and it keeps happening. I think it's because of some program that isn't compatible with my PC.

    8. #8
      General Moderator
      Damianl_77
      Registered
      Jan 2008
      Location
      Argentina
      Posts
      23.366

      Re: Problems with my Windows. ''Windows stopped working''

      That problem is not caused by malware; it is an operating system problem.

      Download UsbFix By Chiquitine29.

      *Note* To run UsbFix.exe, follow these steps:

      • Connect all your removable devices: pen drive, Micro SD, etc.
      • Double-click USBFix.
      • Choose the language you want; for Spanish, press C.
      • Then type option 2 - Eliminar \ Deleting
      • The disinfection process will start and the computer will restart.
      • When Windows starts, USBFix will launch automatically to complete the disinfection and vaccination process.
      • USBFix generates a report, which is usually found at C:\USBFix.txt
      Note: UsbFix will create a hidden folder named "autorun.inf" on every partition and every USB drive that is connected when it runs. Do not delete this folder ... it will help protect your USB devices from future infections.

      Run CCleaner to clean cookies, temporary files and the Registry. Use it according to its manual.


      * Run a check or ScanDisk on your hard drive.
      * Defragment your hard drive.
      * Download and run: Glary Utilities.
      * Download and/or update Java.

      Topic of interest:
      * Removing slowness in Windows.
      Last edited by Damianl_77 on 17/04/10 at 21:02:25


    9. #9
      User AnnaMartinson
      Registered
      Apr 2010
      Location
      las palmas
      Posts
      13

      Re: Problems with my Windows. ''Windows stopped working''

      Here is the UsbFix report:


      ############################## | UsbFix V6.105 |

      User : Kiarah (Administradores) # KIARAH1
      Update on 17/04/2010 by El Desaparecido , C_XX & Chimay8
      Start at: 1:57:49 | 18/04/2010
      Website : http://pagesperso-orange.fr/NosTools/index.html
      Contact : [email protected]

      Genuine Intel(R) CPU T1600 @ 1.66GHz
      Microsoft® Windows Vista™ Home Basic (6.0.6001 32-bit) # Service Pack 1
      Internet Explorer 8.0.6001.18904
      Windows Firewall Status : Enabled

      C:\ -> Disco fijo local # 289,71 Go (107,93 Go free) # NTFS
      D:\ -> Disco fijo local # 8,38 Go (1,6 Go free) [PRESARIO_RP] # NTFS
      E:\ -> Disco CD-ROM

      ################## | Archivos # Carpetas infectadas |

      Suprimido ! C:\Users\Kiarah\Google_Updater.exe
      Suprimido ! C:\Users\Kiarah\HiYo_Install.exe
      Suprimido ! C:\Users\Kiarah\PrtScrSetup.exe
      Suprimido ! C:\Users\Kiarah\setup.exe
      Suprimido ! C:\Users\Kiarah\wlsetup-custom.exe
      Suprimido ! C:\$Recycle.Bin\S-1-5-21-4175807671-459958738-1663915890-1000
      Suprimido ! D:\$Recycle.Bin\S-1-5-21-4175807671-459958738-1663915890-1000
      Suprimido ! D:\$Recycle.Bin\S-1-5-21-4175807671-459958738-1663915890-1001
      Suprimido ! D:\$Recycle.Bin\S-1-5-21-4175807671-459958738-1663915890-500
      Suprimido ! D:\$Recycle.Bin\S-1-5-21-4175807671-459958738-1663915890-501

      ################## | Registro |

      Suprimido ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
      Suprimido ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

      ################## | Mountpoints2 |


      ################## | Listado de objetos encontrados |

      [18/09/2006 21:43|--a------|24] C:\autoexec.bat
      [27/01/2009 00:10|--a------|832] C:\Autorun_dll.log
      [21/01/2008 02:34|-rahs----|333203] C:\bootmgr
      [17/04/2010 22:48|--a------|30763] C:\ComboFix.txt
      [18/09/2006 21:43|--a------|10] C:\config.sys
      [?|?|?] C:\hiberfil.sys
      [27/03/2009 21:16|-rahs----|0] C:\IO.SYS
      [06/01/2009 11:52|--ah-----|373] C:\IPH.PH
      [27/03/2009 21:16|-rahs----|0] C:\MSDOS.SYS
      [23/11/2004 19:22|--a------|5743] C:\nsc8C9C.tmp
      [18/01/2004 12:48|--a------|1354] C:\nsc8F12.tmp
      [07/01/2004 17:35|--a------|23187] C:\nsc9227.tmp
      [07/01/2004 17:35|--a------|16620] C:\nsc9276.tmp
      [07/01/2004 17:35|--a------|10363] C:\nsc92C5.tmp
      [07/01/2004 17:35|--a------|18639] C:\nsc953C.tmp
      [07/01/2004 17:35|--a------|18130] C:\nsc958B.tmp
      [07/01/2004 17:35|--a------|27684] C:\nsc97B3.tmp
      [07/01/2004 17:35|--a------|27684] C:\nsc9802.tmp
      [24/11/2004 20:11|--a------|515] C:\nsh8D0A.tmp
      [07/01/2004 17:35|--a------|22200] C:\nsh906D.tmp
      [07/01/2004 18:36|--a------|12982] C:\nsh9382.tmp
      [07/01/2004 17:35|--a------|17671] C:\nsh93D1.tmp
      [07/01/2004 17:35|--a------|15156] C:\nsh95F9.tmp
      [23/07/2004 04:30|--a------|180224] C:\nsm8E16.tmp
      [31/10/2007 05:11|--a------|464] C:\nsm8EB3.tmp
      [07/01/2004 17:35|--a------|19757] C:\nsm9179.tmp
      [07/01/2004 17:35|--a------|15156] C:\nsm91C8.tmp
      [07/01/2004 17:35|--a------|15916] C:\nsm948E.tmp
      [07/01/2004 17:35|--a------|15474] C:\nsm94DD.tmp
      [07/01/2004 17:35|--a------|22716] C:\nsm9705.tmp
      [07/01/2004 17:35|--a------|21211] C:\nsm9754.tmp
      [23/07/2004 04:33|--a------|8041] C:\nss8F71.tmp
      [07/01/2004 17:35|--a------|18135] C:\nss8FC0.tmp
      [07/01/2004 17:35|--a------|22200] C:\nss900F.tmp
      [07/01/2004 17:35|--a------|21622] C:\nss9324.tmp
      [07/01/2004 17:35|--a------|22681] C:\nss98AF.tmp
      [07/01/2006 15:14|--a------|1150] C:\nstDF1F.tmp
      [23/11/2004 19:22|--a------|7474] C:\nsx8D69.tmp
      [18/01/2004 05:02|--a------|5967] C:\nsx8DB8.tmp
      [07/01/2004 17:35|--a------|18135] C:\nsx90CC.tmp
      [07/01/2004 17:35|--a------|18135] C:\nsx911B.tmp
      [07/01/2004 17:35|--a------|11700] C:\nsx9430.tmp
      [07/01/2004 17:35|--a------|19637] C:\nsx9658.tmp
      [07/01/2004 17:35|--a------|13851] C:\nsx96A7.tmp
      [?|?|?] C:\pagefile.sys
      [16/06/2009 11:21|--a------|186] C:\picsetup.log
      [16/04/2010 16:38|--a------|4116] C:\TB.txt
      [18/04/2010 02:03|--a------|3966] C:\UsbFix.txt
      [06/01/2009 11:49|---hs----|13] D:\BLOCK.RIN
      [03/10/2006 23:02|---hs----|438328] D:\bootmgr
      [26/03/2008 16:08|---hs----|1089] D:\Desktop.ini
      [10/09/2002 16:14|---hs----|8134] D:\Folder.htt
      [18/04/2010 01:57|--ahs----|164] D:\MASTER.LOG
      [29/01/2007 17:59|---hs----|109342] D:\protect.chinese hong kong
      [29/01/2007 17:59|---hs----|109360] D:\protect.chinese simplified
      [29/01/2007 17:59|---hs----|109342] D:\protect.chinese traditional
      [14/02/2007 18:30|---hs----|111653] D:\protect.czech
      [29/01/2007 17:55|---hs----|109124] D:\protect.danish
      [29/01/2007 17:57|---hs----|109049] D:\protect.dutch
      [29/01/2007 17:55|---hs----|109092] D:\protect.ed
      [29/01/2007 17:55|---hs----|109092] D:\protect.english
      [29/01/2007 17:56|---hs----|109092] D:\protect.finnish
      [29/01/2007 17:56|---hs----|109060] D:\protect.french
      [29/01/2007 17:55|---hs----|109094] D:\protect.german
      [14/02/2007 18:38|---hs----|112541] D:\protect.greek
      [14/02/2007 18:40|---hs----|112375] D:\protect.hebrew
      [28/08/2007 14:57|---hs----|111475] D:\protect.hungarian
      [29/01/2007 17:56|---hs----|108979] D:\protect.italian
      [29/01/2007 17:57|---hs----|109795] D:\protect.japanese
      [29/01/2007 17:57|---hs----|109487] D:\protect.korean
      [14/02/2007 18:44|---hs----|111402] D:\protect.norwegian
      [14/02/2007 18:45|---hs----|111585] D:\protect.polish
      [14/02/2007 18:46|---hs----|111448] D:\protect.portuguese
      [14/02/2007 18:46|---hs----|111697] D:\protect.portuguese brazilian
      [29/01/2007 17:58|---hs----|163804] D:\protect.russian
      [29/01/2007 17:55|---hs----|109016] D:\protect.spanish
      [14/02/2007 18:48|---hs----|111445] D:\protect.swedish
      [14/02/2007 18:49|---hs----|111598] D:\protect.turkish

      ################## | Vacunación |

      # C:\autorun.inf -> Autorun.inf creada por UsbFix (El Desaparecido).
      # D:\autorun.inf -> Autorun.inf creada por UsbFix (El Desaparecido).

      ################## | Upload |

      Por favor, envie el archivo : C:\UsbFix_Upload_Me_Kiarah1.zip : http://chiquitine.changelog.fr/Sample/Upload.php
      Gracias por su contribución .

      ################## | ! Fin del reporte # UsbFix V6.105 ! |

    10. #10
      General Moderator
      Damianl_77
      Registered
      Jan 2008
      Location
      Argentina
      Posts
      23.366

      Re: Problems with my Windows. ''Windows stopped working''

      USBFix deleted some files:

      Upload one of these to VirusTotal for analysis:

      C:\nsc8C9C.tmp

      When you finish the other procedures, check the results and bring the VirusTotal report.


