• Registrarse
  • Iniciar sesión


  • Página 2 de 2 PrimeroPrimero 12
    Resultados 11 al 18 de 18

    Mi navegador obliga a visitar www.globalsources.com

    Hola.. Permiso @ M4RTYN Realiza estos pasos por favor.. - Descarga la herramienta ComboFix.exe y guárdala en el escritorio. Desactiva temporalmente el Antivirus y/o Antispyware. Cierra todas las ventanas abiertas. Hacele doble clic al archivo ...

    1. #11
      Moderador
      Avatar de @JonathanM
      Registrado
      may 2006
      Ubicación
      Chile
      Mensajes
      11.675

      Re: Mi navegador obliga a visitar www.globalsources.com

      Hola..

      Permiso @M4RTYN

      Realiza estos pasos por favor..

      - Descarga la herramienta ComboFix.exe y guárdala en el escritorio.
      • Desactiva temporalmente el Antivirus y/o Antispyware.
      • Cierra todas las ventanas abiertas.
      • Hacele doble clic al archivo ComboFix.exe y seguí las instrucciones.
      • Cuando termine, generara un registro en C:\ComboFix.txt.
        • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
        • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.
      Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.
      • Reinicia y pega el reporte de C:\ComboFix.txt en este mismo mensaje.


      Salu2
      Recuerda volver y contarnos los resltados
      <¡D3vIL!>

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    2. #12
      Usuario Avatar de Lamiqui
      Registrado
      ago 2012
      Ubicación
      Venezuela
      Mensajes
      11

      Re: Mi navegador obliga a visitar www.globalsources.com

      Hola ¡D3vIL! y M4RTYN, gracias a ambos por estar pendientes y ayudarme. Ya hice lo del ComboFix, y copio a continuación el reporte del archivo de texto. Voy a usar la máquina y a ver si el problema persiste. Les estoy avisando y muchas gracias!
      Lamiqui.


      ComboFix 12-09-01.01 - Lourdes 02/09/2012 16:16:01.1.4 - x64
      Microsoft Windows 7 Home Premium 6.1.7600.0.1252.58.3082.18.3893.2296 [GMT -4,5:30]
      Running from: c:\users\Lourdes\Desktop\ComboFix.exe
      AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
      AV: Norton AntiVirus *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
      AV: Panda Cloud Antivirus *Disabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
      FW: Cloud Antivirus Firewall *Disabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
      SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
      SP: Norton AntiVirus *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
      SP: Panda Cloud Antivirus *Disabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      * Created a new restore point
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\programdata\FullRemove.exe
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-08-02 to 2012-09-02 )))))))))))))))))))))))))))))))
      .
      .
      2012-09-02 20:52 . 2012-09-02 20:52 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-08-29 22:41 . 2011-03-10 22:35 57928 ----a-w- c:\windows\system32\drivers\PSKMAD.sys
      2012-08-20 20:41 . 2012-08-20 20:41 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
      2012-08-20 19:40 . 2012-06-29 18:25 22528 ----a-w- c:\windows\AT-Uninstall.exe
      2012-08-20 19:40 . 2012-03-13 03:57 11776 ----a-w- c:\windows\Colous.exe
      2012-08-20 19:40 . 2008-03-25 15:09 69660 ----a-w- c:\windows\Fart.exe
      2012-08-18 03:13 . 2012-08-18 03:14 -------- d-----w- c:\users\Lourdes\AppData\Local\Microsoft Games
      2012-08-18 02:32 . 2012-08-18 02:32 -------- d-----w- c:\users\Lourdes\AppData\Roaming\Malwarebytes
      2012-08-18 02:31 . 2012-08-18 02:31 -------- d-----w- c:\programdata\Malwarebytes
      2012-08-18 02:31 . 2012-07-03 18:16 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-08-18 02:31 . 2012-08-18 02:31 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
      2012-08-18 00:31 . 2012-08-18 00:31 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
      2012-08-16 04:21 . 2012-08-16 04:21 -------- d-----w- c:\users\Lourdes\AppData\Roaming\Panda Security
      2012-08-16 04:18 . 2012-08-16 04:18 -------- d-----w- c:\program files (x86)\Toolbar Cleaner
      2012-08-16 04:18 . 2012-08-16 04:18 -------- d-----w- c:\users\Lourdes\AppData\Local\panda2_0dn
      2012-08-16 04:18 . 2012-09-02 18:04 -------- d-----w- c:\programdata\Panda Security URL Filtering
      2012-08-16 04:17 . 2012-08-16 04:18 -------- d-----w- c:\program files (x86)\Panda Security
      2012-08-16 04:17 . 2012-08-16 04:17 -------- d-----w- c:\programdata\Panda Security
      2012-08-15 16:57 . 2012-08-23 14:19 -------- d-----w- c:\users\Lourdes\AppData\Local\CrashDumps
      2012-08-14 22:23 . 2012-08-14 22:23 -------- d-----w- c:\program files (x86)\smartdl
      2012-08-11 01:27 . 2009-05-18 17:47 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
      2012-08-11 01:27 . 2008-04-17 16:42 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
      2012-08-11 01:27 . 2008-04-17 16:42 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll
      2012-08-11 01:26 . 2012-08-11 01:26 -------- d-----w- c:\program files\iPod
      2012-08-11 01:26 . 2012-08-11 01:27 -------- d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
      2012-08-11 01:26 . 2012-08-11 01:27 -------- d-----w- c:\program files\iTunes
      2012-08-11 01:26 . 2012-08-11 01:27 -------- d-----w- c:\program files (x86)\iTunes
      2012-08-11 01:20 . 2012-08-11 01:20 -------- d-----w- c:\program files\Common Files\Apple
      2012-08-11 01:20 . 2012-08-11 01:20 -------- d-----w- c:\program files\Bonjour
      2012-08-11 01:20 . 2012-08-11 01:20 -------- d-----w- c:\program files (x86)\Bonjour
      2012-08-10 03:22 . 2012-08-10 03:22 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
      2012-08-10 03:03 . 2012-08-10 05:16 -------- d-----w- c:\program files\Symantec
      2012-08-10 03:03 . 2012-08-10 05:15 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
      2012-08-10 03:03 . 2012-08-10 03:03 -------- d-----w- c:\program files\Common Files\Symantec Shared
      2012-08-10 03:03 . 2012-08-29 22:42 -------- d-----w- c:\windows\system32\drivers\NAVx64
      2012-08-10 03:03 . 2012-08-10 03:03 -------- d-----w- c:\program files (x86)\Norton AntiVirus
      2012-08-10 03:03 . 2012-08-10 03:04 -------- d-----w- c:\programdata\Norton
      2012-08-10 03:02 . 2012-08-10 03:02 -------- d-----w- c:\program files (x86)\NortonInstaller
      2012-08-07 22:10 . 2012-08-07 22:10 207289 ----a-w- C:\torrent.exe
      2012-08-07 18:27 . 2009-10-10 03:17 14336 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
      2012-08-07 15:21 . 2012-08-07 15:21 -------- d-----w- c:\users\Lourdes\AppData\Roaming\Avira
      2012-08-07 15:19 . 2012-08-14 01:46 98848 ----a-w- c:\windows\system32\drivers\avgntflt.sys
      2012-08-07 15:19 . 2012-08-14 01:46 132832 ----a-w- c:\windows\system32\drivers\avipbb.sys
      2012-08-07 15:19 . 2011-12-16 14:20 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys
      2012-08-07 15:19 . 2012-08-07 15:19 -------- d-----w- c:\programdata\Avira
      2012-08-07 15:19 . 2012-08-07 15:19 -------- d-----w- c:\program files (x86)\Avira
      2012-08-06 16:57 . 2012-08-06 16:57 -------- d-----w- c:\programdata\XoftSpySE
      2012-08-06 13:47 . 2012-08-06 13:47 -------- d-----w- c:\users\Lourdes\AppData\Local\Symantec
      2012-08-06 13:45 . 2012-08-06 13:45 58288 ----a-w- c:\windows\system32\snacnp.dll
      2012-08-06 13:45 . 2012-08-06 13:45 287152 ----a-w- c:\windows\system32\SymVPN.dll
      2012-08-06 13:41 . 2012-08-06 13:41 -------- d-----w- c:\programdata\Symantec
      2012-08-04 17:13 . 2012-08-04 17:13 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{043284BB-E96A-42BC-80C9-73A9D103BBF4}\offreg.dll
      2012-08-04 17:11 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{043284BB-E96A-42BC-80C9-73A9D103BBF4}\mpengine.dll
      2012-08-04 02:28 . 2012-08-04 02:28 -------- d-----w- c:\program files (x86)\Oracle
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-08-24 01:43 . 2012-05-04 02:09 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-08-24 01:43 . 2012-05-04 02:09 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2012-07-13 11:32 . 2012-07-13 11:32 130088 ----a-w- c:\windows\system32\drivers\PSINProt.sys
      2012-07-13 11:32 . 2012-07-13 11:32 205352 ----a-w- c:\windows\system32\drivers\PSINKNC.sys
      2012-07-13 11:32 . 2012-07-13 11:32 123944 ----a-w- c:\windows\system32\drivers\PSINProc.sys
      2012-07-13 11:32 . 2012-07-13 11:32 167464 ----a-w- c:\windows\system32\drivers\PSINAflt.sys
      2012-07-13 11:32 . 2012-07-13 11:32 119336 ----a-w- c:\windows\system32\drivers\PSINFile.sys
      2012-07-12 15:48 . 2012-07-12 15:48 219688 ----a-w- c:\windows\system32\drivers\NNSStrm.sys
      2012-07-06 02:36 . 2012-05-08 01:12 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
      2012-07-06 02:36 . 2012-05-08 01:12 687544 ----a-w- c:\windows\SysWow64\deployJava1.dll
      2012-07-03 16:21 . 2012-05-10 00:18 285328 ----a-w- c:\windows\system32\aswBoot.exe
      2012-07-03 07:49 . 2012-07-15 19:29 59701280 ----a-w- c:\windows\system32\MRT.exe
      2012-06-27 20:21 . 2012-06-27 20:21 105000 ----a-w- c:\windows\system32\drivers\NNStlsc.sys
      2012-06-27 20:21 . 2012-06-27 20:21 112680 ----a-w- c:\windows\system32\drivers\NNSSmtp.sys
      2012-06-27 20:21 . 2012-06-27 20:21 109096 ----a-w- c:\windows\system32\drivers\NNSPrv.sys
      2012-06-27 20:21 . 2012-06-27 20:21 68648 ----a-w- c:\windows\system32\drivers\NNSPihsw.sys
      2012-06-27 20:21 . 2012-06-27 20:21 304680 ----a-w- c:\windows\system32\drivers\NNSProt.sys
      2012-06-27 20:21 . 2012-06-27 20:21 116776 ----a-w- c:\windows\system32\drivers\NNSPop3.sys
      2012-06-27 20:21 . 2012-06-27 20:21 93224 ----a-w- c:\windows\system32\drivers\NNSpicc.sys
      2012-06-27 20:21 . 2012-06-27 20:21 33320 ----a-w- c:\windows\system32\drivers\NNSNAHSL.sys
      2012-06-27 20:21 . 2012-06-27 20:21 113192 ----a-w- c:\windows\system32\drivers\NNSIds.sys
      2012-06-27 20:21 . 2012-06-27 20:21 89128 ----a-w- c:\windows\system32\drivers\NNSAlpc.sys
      2012-06-27 20:21 . 2012-06-27 20:21 116776 ----a-w- c:\windows\system32\drivers\NNSHttp.sys
      2012-06-22 20:05 . 2012-07-30 23:02 251560 ----a-w- c:\windows\system32\drivers\PCTSD64.sys
      2012-06-12 03:02 . 2012-07-15 19:45 3147264 ----a-w- c:\windows\system32\win32k.sys
      2012-06-09 05:30 . 2012-07-15 17:53 14165504 ----a-w- c:\windows\system32\shell32.dll
      2012-06-06 05:50 . 2012-07-15 17:53 1880064 ----a-w- c:\windows\system32\msxml3.dll
      2012-06-06 05:50 . 2012-07-15 17:53 2003968 ----a-w- c:\windows\system32\msxml6.dll
      2012-06-06 05:09 . 2012-07-15 17:53 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
      2012-06-06 05:09 . 2012-07-15 17:53 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
      "{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll" [2012-03-15 86696]
      .
      [HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
      .
      [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
      2012-03-15 21:02 86696 ----a-w- c:\program files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
      "{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll" [2012-03-15 86696]
      .
      [HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
      2012-02-15 00:32 94208 ----a-w- c:\users\Lourdes\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
      2012-02-15 00:32 94208 ----a-w- c:\users\Lourdes\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
      2012-02-15 00:32 94208 ----a-w- c:\users\Lourdes\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
      "CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720]
      "UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
      "UpdatePDRShortCut"="c:\program files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504]
      "RemoteControl8"="c:\program files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" [2009-04-15 91432]
      "PDVD8LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD8\Language\Language.exe" [2009-04-15 50472]
      "UpdatePPShortCut"="c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
      "UpdatePSTShortCut"="c:\program files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-07-21 210216]
      "UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
      "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
      "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
      "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
      "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
      "RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-11-02 90448]
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
      "VMware hqtray"="c:\program files (x86)\VMware\VMware Player\hqtray.exe" [2010-11-11 64112]
      "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-14 348664]
      "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
      "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-08 421776]
      "PSUAMain"="c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" [2012-07-13 37152]
      "Panda Security URL Filtering"="c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2012-03-15 217256]
      .
      c:\users\Lourdes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
      Dropbox.lnk - c:\users\Lourdes\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
      Recorte de pantalla e Inicio rápido de OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-4-29 1127712]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
      "mixer4"=wdmaud.drv
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
      Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
      @=""
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
      "DisableMonitoring"=dword:00000001
      .
      R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;c:\windows\system32\DRIVERS\NNSNAHSL.sys [2012-06-27 33320]
      R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R2 gupdate;Servicio de actualización de Google (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-04 135664]
      R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
      R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-24 250568]
      R3 gupdatem;Google Update Servicio (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-04 135664]
      R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]
      R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
      R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-09-29 126392]
      R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-05-09 1255736]
      R4 NNSPIHSW;NNSPIHSW;c:\windows\system32\DRIVERS\NNSPihsw.sys [2012-06-27 68648]
      S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAVx64\1308000.00E\SYMDS64.SYS [2011-07-25 451192]
      S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAVx64\1308000.00E\SYMEFA64.SYS [2012-05-22 1129120]
      S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-12-16 27760]
      S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\Definitions\BASHDefs\20120823.007\BHDrvx64.sys [2012-06-19 1161376]
      S1 ccSet_NAV;Norton AntiVirus Settings Manager;c:\windows\system32\drivers\NAVx64\1308000.00E\ccSetx64.sys [2012-06-07 167072]
      S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\Definitions\IPSDefs\20120831.001\IDSvia64.sys [2012-08-22 512672]
      S1 NNSALPC;NNSALPC;c:\windows\system32\DRIVERS\NNSAlpc.sys [2012-06-27 89128]
      S1 NNSHTTP;NNSHTTP;c:\windows\system32\DRIVERS\NNSHttp.sys [2012-06-27 116776]
      S1 NNSIDS;NNSIDS;c:\windows\system32\DRIVERS\NNSIds.sys [2012-06-27 113192]
      S1 NNSPICC;NNSPICC;c:\windows\system32\DRIVERS\NNSPicc.sys [2012-06-27 93224]
      S1 NNSPOP3;NNSPOP3;c:\windows\system32\DRIVERS\NNSPop3.sys [2012-06-27 116776]
      S1 NNSPROT;NNSPROT;c:\windows\system32\DRIVERS\NNSProt.sys [2012-06-27 304680]
      S1 NNSPRV;NNSPRV;c:\windows\system32\DRIVERS\NNSPrv.sys [2012-06-27 109096]
      S1 NNSSMTP;NNSSMTP;c:\windows\system32\DRIVERS\NNSSmtp.sys [2012-06-27 112680]
      S1 NNSSTRM;NNSSTRM;c:\windows\system32\DRIVERS\NNSStrm.sys [2012-07-12 219688]
      S1 NNSTLSC;NNSTLSC;c:\windows\system32\DRIVERS\NNSTlsc.sys [2012-06-27 105000]
      S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [2012-07-13 205352]
      S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2009-05-28 13824]
      S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAVx64\1308000.00E\Ironx64.SYS [2012-04-18 190072]
      S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NAVx64\1308000.00E\SYMNETS.SYS [2012-04-18 405624]
      S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
      S2 AntiVirSchedulerService;Avira Programador;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-08-14 86224]
      S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2012-07-13 140064]
      S2 NAV;Norton AntiVirus;c:\program files (x86)\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe [2012-06-16 138272]
      S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [2012-07-13 167464]
      S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [2012-07-13 119336]
      S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [2012-07-13 123944]
      S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [2012-07-13 130088]
      S2 PSUAService;Panda Product Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe [2012-07-13 36640]
      S2 Rezip;Rezip;c:\windows\SysWOW64\Rezip.exe [2009-03-05 311296]
      S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-09-29 12728]
      S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
      S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [2010-11-11 81008]
      S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-11-11 539248]
      S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-04-30 340520]
      S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-04-30 39464]
      S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-10 138912]
      S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-04-01 136192]
      S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
      S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
      S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]
      S3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys [2011-03-10 57928]
      S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-09-28 395264]
      .
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-09-02 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-04 01:43]
      .
      2012-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-04 02:38]
      .
      2012-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-04 02:38]
      .
      2012-08-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3402965912-562495637-1135925240-1003Core.job
      - c:\users\Lourdes\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-19 02:46]
      .
      2012-09-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3402965912-562495637-1135925240-1003UA.job
      - c:\users\Lourdes\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-19 02:46]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
      2012-02-15 00:32 97792 ----a-w- c:\users\Lourdes\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
      2012-02-15 00:32 97792 ----a-w- c:\users\Lourdes\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
      2012-02-15 00:32 97792 ----a-w- c:\users\Lourdes\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
      @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
      2012-02-15 00:32 97792 ----a-w- c:\users\Lourdes\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-15 9644576]
      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-23 166424]
      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-23 391192]
      "Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-23 413720]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
      "LoadAppInit_DLLs"=0x0
      .
      ------- Supplementary Scan -------
      .
      uLocal Page = c:\windows\system32\blank.htm
      uStart Page = hxxp://www.google.com/
      mStart Page = hxxp://www.google.com
      mLocal Page = c:\windows\SysWOW64\blank.htm
      uInternet Settings,ProxyOverride = *.local
      IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
      IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
      IE: Enviar imagen al dispositivo &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
      IE: Enviar página al dispositivo &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
      LSP: c:\program files (x86)\VMware\VMware Player\vsocklib.dll
      FF - ProfilePath - c:\users\Lourdes\AppData\Roaming\Mozilla\Firefox\Profiles\sal1f818.default\
      .
      - - - - ORPHANS REMOVED - - - -
      .
      Toolbar-Locked - (no file)
      Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
      Toolbar-Locked - (no file)
      HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
      .
      .
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NAV]
      "ImagePath"="\"c:\program files (x86)\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files (x86)\Norton AntiVirus\Engine\19.8.0.14\diMaster.dll\" /prefetch:1"
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker4"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
      "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
      00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Completion time: 2012-09-02 16:25:00
      ComboFix-quarantined-files.txt 2012-09-02 20:54
      .
      Pre-Run: 191.055.360.000 bytes libres
      Post-Run: 190.815.440.896 bytes libres
      .
      - - End Of File - - BFE5B57AA55E3CCE6FB1E2E594AB96EB

    3. #13
      Usuario Avatar de Lamiqui
      Registrado
      ago 2012
      Ubicación
      Venezuela
      Mensajes
      11

      Re: Mi navegador obliga a visitar www.globalsources.com

      Hola ¡D3vIL! y M4RTYN, el problema continúa.
      Saludos y gracias

    4. #14
      Moderador
      Avatar de @JonathanM
      Registrado
      may 2006
      Ubicación
      Chile
      Mensajes
      11.675

      Re: Mi navegador obliga a visitar www.globalsources.com

      Hola....

      Realiza estos pasos:

      «Paso 1» Descarga la siguiente herramienta:

      «Paso 2» Ejecutá OTL

      • Cerrá todos programas que tengas abiertos y Hacé doble click en el ícono de OTL para ejecutarlo.
      • Dejalo correr sin interrumpirlo asta que termine el Análisis.
      • Cuando la interfaz aparesca, solo debes cambiar Abajo de: "Tipo de Análisis" poniendo Resultado Minimo.
      • Marcá las opciones: Buscar LOP y Buscar Purity.
      • Marcá las Opciones Omitir Archivos De Microsoft y Usar Listado de Compañias Reconocidas.
      • Pegá el siguiente script bajo la casilla Análisis Personalizados/Codigo de Reparación:


      NOTA: No copiar la palabra Cita.
      netsvcs
      msconfig
      %SYSTEMDRIVE%\*.*
      CREATERESTOREPOINT
      Por favor No cambies el resto de la configuración a menos que te lo solicitemos.

      «Paso 3» Presioná el boton Analizar. Una vez que termine, se abrirán dos archivos, OTL.Txt y Extras.Txt. Éstos aparecerán grabados en el mismo lugar OTL.exe fue descargado.

      «Paso 4» Copiá y pegá el contenido del archivo OTL.txt en tu próxima respuesta.

      salu2
      Recuerda volver y contarnos los resultados
      <¡D3vIL!>

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #15
      Usuario Avatar de Lamiqui
      Registrado
      ago 2012
      Ubicación
      Venezuela
      Mensajes
      11

      Re: Mi navegador obliga a visitar www.globalsources.com

      Estimados, aqui van los resultados de la aplicación del OTL. Seguiré trabajando y avisaré si se corrigió el problema. Muchas gracias por sus consejos y tiempo.
      LM



      OTL logfile created on: 04/09/2012 12:01:49 p.m. - Run 1
      OTL by OldTimer - Version 3.2.60.0 Folder = C:\Users\Lourdes\Downloads
      64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.7600.16385)
      Locale: 0000200A | Country: República Bolivariana de Venezuela | Language: ESV | Date Format: dd/MM/yyyy

      3,80 Gb Total Physical Memory | 2,36 Gb Available Physical Memory | 61,96% Memory free
      7,60 Gb Paging File | 5,82 Gb Available in Paging File | 76,59% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 222,83 Gb Total Space | 180,70 Gb Free Space | 81,09% Space Free | Partition Type: NTFS
      Drive D: | 222,83 Gb Total Space | 222,46 Gb Free Space | 99,83% Space Free | Partition Type: NTFS
      Drive F: | 298,09 Gb Total Space | 156,79 Gb Free Space | 52,60% Space Free | Partition Type: NTFS
      Drive G: | 7,51 Gb Total Space | 7,47 Gb Free Space | 99,51% Space Free | Partition Type: FAT32

      Computer Name: USUARIO-PC | User Name: Lourdes | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Lourdes\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
      PRC - C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe (Panda Security, S.L.)
      PRC - C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
      PRC - C:\Users\Lourdes\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
      PRC - C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
      PRC - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
      PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
      PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
      PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
      PRC - C:\Program Files (x86)\VMware\VMware Player\hqtray.exe (VMware, Inc.)
      PRC - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)
      PRC - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)
      PRC - C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
      PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.)
      PRC - C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC)
      PRC - C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
      PRC - C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
      PRC - C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
      PRC - C:\Windows\SysWOW64\Rezip.exe ()


      ========== Modules (No Company Name) ==========

      MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
      MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
      MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
      MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
      MOD - C:\Program Files (x86)\VMware\VMware Player\zlib1.dll ()
      MOD - C:\Program Files (x86)\VMware\VMware Player\libxml2.dll ()
      MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
      MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
      MOD - C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll ()


      ========== Services (SafeList) ==========

      SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
      SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
      SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (PSUAService) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe (Panda Security, S.L.)
      SRV - (NanoServiceMain) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
      SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
      SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
      SRV - (VMAuthdService) -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)
      SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)
      SRV - (ufad-ws60) -- C:\Program Files (x86)\VMware\VMware Player\vmware-ufad.exe (VMware, Inc.)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (Rezip) -- C:\Windows\SysWOW64\Rezip.exe ()


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (PSINProt) -- C:\Windows\SysNative\drivers\PSINProt.sys (Panda Security, S.L.)
      DRV:64bit: - (PSINKNC) -- C:\Windows\SysNative\drivers\PSINKNC.sys (Panda Security, S.L.)
      DRV:64bit: - (PSINProc) -- C:\Windows\SysNative\drivers\PSINProc.sys (Panda Security, S.L.)
      DRV:64bit: - (PSINAflt) -- C:\Windows\SysNative\drivers\PSINAflt.sys (Panda Security, S.L.)
      DRV:64bit: - (PSINFile) -- C:\Windows\SysNative\drivers\PSINFile.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSSTRM) -- C:\Windows\SysNative\drivers\NNSStrm.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSTLSC) -- C:\Windows\SysNative\drivers\NNStlsc.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSSMTP) -- C:\Windows\SysNative\drivers\NNSSmtp.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSPRV) -- C:\Windows\SysNative\drivers\NNSPrv.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSPROT) -- C:\Windows\SysNative\drivers\NNSProt.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSPOP3) -- C:\Windows\SysNative\drivers\NNSPop3.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSPIHSW) -- C:\Windows\SysNative\drivers\NNSPihsw.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSPICC) -- C:\Windows\SysNative\drivers\NNSpicc.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSNAHSL) -- C:\Windows\SysNative\drivers\NNSNAHSL.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSIDS) -- C:\Windows\SysNative\drivers\NNSIds.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSHTTP) -- C:\Windows\SysNative\drivers\NNSHttp.sys (Panda Security, S.L.)
      DRV:64bit: - (NNSALPC) -- C:\Windows\SysNative\drivers\NNSAlpc.sys (Panda Security, S.L.)
      DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
      DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd)
      DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (PSKMAD) -- C:\Windows\SysNative\drivers\PSKMAD.sys (Panda Security)
      DRV:64bit: - (vmci) -- C:\Windows\SysNative\drivers\vmci.sys (VMware, Inc.)
      DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.)
      DRV:64bit: - (vmkbd2) -- C:\Windows\SysNative\drivers\VMkbd.sys (VMware, Inc.)
      DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.)
      DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.)
      DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.)
      DRV:64bit: - (vmusb) -- C:\Windows\SysNative\drivers\vmusb.sys (VMware, Inc.)
      DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.)
      DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
      DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
      DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
      DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
      DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
      DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
      DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
      DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
      DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
      DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
      DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
      DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys ()
      DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
      DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (SABI) -- C:\Windows\SysNative\drivers\SABI.sys (SAMSUNG ELECTRONICS)
      DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
      DRV - (rtport) -- C:\Windows\SysWOW64\drivers\rtport.sys (Windows (R) 2003 DDK 3790 provider)
      DRV - (vstor2-ws60) -- C:\Program Files (x86)\VMware\VMware Player\vstor2-ws60.sys (VMware, Inc.)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
      IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
      IE - HKCU\..\URLSearchHook: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
      IE - HKCU\..\SearchScopes,DefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://www.google.com/search?ie=utf-8&oe=utf-8&rlz=1V4IPYX&q={searchTerms}
      IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_esVE482VE483
      IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

      ========== FireFox ==========

      FF - user.js - File not found

      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
      FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll File not found
      FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files (x86)\Research In Motion Limited\Complemento para explorador de BlackBerry App World\npappworld.dll ()
      FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Lourdes\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Lourdes\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/05/07 21:26:23 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/20 1656 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/30 09:43:10 | 000,000,000 | ---D | M]

      [2012/08/20 16:12:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lourdes\AppData\Roaming\Mozilla\Extensions
      [2012/09/02 13:39:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lourdes\AppData\Roaming\Mozilla\Firefox\Profiles\sal1f818.default\extensions
      [2012/08/20 1656 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
      [2012/07/13 19:45:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
      [2012/07/13 21:17:20 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
      [2012/07/13 21:17:20 | 000,003,882 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
      [2012/07/13 21:17:20 | 000,001,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-es.xml
      [2012/07/13 21:17:20 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
      [2012/07/13 21:17:20 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012/07/13 21:17:20 | 000,001,102 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-es.xml

      ========== Chrome ==========

      CHR - homepage: http://www.google.com/
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - homepage: http://www.google.com/
      CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Lourdes\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Lourdes\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
      CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Users\Lourdes\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Lourdes\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
      CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
      CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
      CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
      CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
      CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
      CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
      CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
      CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
      CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
      CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
      CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
      CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
      CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
      CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
      CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
      CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
      CHR - plugin: BlackBerry AppWorld (Enabled) = C:\Program Files (x86)\Research In Motion Limited\Complemento para explorador de BlackBerry App World\npappworld.dll
      CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
      CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
      CHR - Extension: \u003Cvideo\u003E de HTML5 de DivX Plus Web Player = C:\Users\Lourdes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

      O1 HOSTS File: ([2012/09/02 16:22:59 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 localhost
      O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
      O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg64.dll (Google Inc.)
      O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
      O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~2\mcafee\msk\mskapbho.dll File not found
      O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
      O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
      O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll File not found
      O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
      O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
      O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
      O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
      O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
      O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
      O4 - HKLM..\Run: [Panda Security URL Filtering] C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
      O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
      O4 - HKLM..\Run: [PSUAMain] C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
      O4 - HKLM..\Run: [RemoteControl8] C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
      O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
      O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
      O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
      O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
      O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
      O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
      O4 - HKLM..\Run: [VMware hqtray] C:\Program Files (x86)\VMware\VMware Player\hqtray.exe (VMware, Inc.)
      O4 - Startup: C:\Users\Lourdes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Lourdes\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
      O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
      O8:64bit: - Extra context menu item: Enviar imagen al dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
      O8:64bit: - Extra context menu item: Enviar página al dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: Enviar imagen al dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
      O8 - Extra context menu item: Enviar página al dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O9 - Extra Button: Enviar a Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9 - Extra 'Tools' menuitem : Enviar a &Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
      O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll (VMware, Inc.)
      O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll (VMware, Inc.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{66D36CEC-6FC7-4B8B-BFB0-730F9978F9E3}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70E7804B-E8A1-471F-A238-1F86F6918DEC}: DhcpNameServer = 192.168.0.1
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
      O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
      O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
      O32 - HKLM CDRom: AutoRun - 1
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = ComFile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


      MsConfig:64bit - StartUpReg: Skype - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
      MsConfig:64bit - State: "startup" - Reg Error: Key error.

      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/09/02 22:41:05 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
      [2012/09/02 22:40:52 | 000,057,928 | ---- | C] (Panda Security) -- C:\Windows\SysNative\drivers\PSKMAD.sys
      [2012/09/02 16:14:07 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
      [2012/09/02 16:14:07 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
      [2012/09/02 16:12:18 | 000,000,000 | ---D | C] -- C:\Qoobox
      [2012/09/02 16:11:53 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
      [2012/09/02 15:50:18 | 004,742,930 | R--- | C] (Swearware) -- C:\Users\Lourdes\Desktop\ComboFix.exe
      [2012/08/20 16:11:57 | 000,000,000 | ---D | C] -- C:\Users\Lourdes\AppData\Roaming\Mozilla
      [2012/08/20 16:11:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
      [2012/08/20 1522 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\nircmd.exe
      [2012/08/17 22:43:47 | 000,000,000 | ---D | C] -- C:\Users\Lourdes\AppData\Local\Microsoft Games
      [2012/08/17 22:02:07 | 000,000,000 | ---D | C] -- C:\Users\Lourdes\AppData\Roaming\Malwarebytes
      [2012/08/17 22:01:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2012/08/17 22:01:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2012/08/17 22:01:45 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
      [2012/08/17 22:01:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
      [2012/08/17 20:01:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
      [2012/08/17 20:01:04 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
      [2012/08/15 23:51:21 | 000,000,000 | ---D | C] -- C:\Users\Lourdes\AppData\Roaming\Panda Security
      [2012/08/15 23:48:13 | 000,000,000 | ---D | C] -- C:\Users\Lourdes\AppData\Local\panda2_0dn
      [2012/08/15 23:48:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security URL Filtering
      [2012/08/15 23:47:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus
      [2012/08/15 23:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
      [2012/08/15 23:47:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
      [2012/08/15 12:27:45 | 000,000,000 | ---D | C] -- C:\Users\Lourdes\AppData\Local\CrashDumps
      [2012/08/14 17:53:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\smartdl
      [2012/08/10 20:57:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
      [2012/08/10 20:56:43 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
      [2012/08/10 20:56:42 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
      [2012/08/10 20:56:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
      [2012/08/10 20:56:42 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
      [2012/08/10 20:50:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
      [2012/08/10 20:50:38 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
      [2012/08/10 20:50:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
      [2012/08/10 16:15:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
      [2012/08/10 16:15:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
      [2012/08/10 16:15:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
      [2012/08/09 22:52:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
      [2012/08/09 22:33:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
      [2012/08/09 22:27:47 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
      [2012/08/06 12:27:41 | 000,000,000 | ---D | C] -- C:\ProgramData\XoftSpySE
      [2012/08/06 09:17:29 | 000,000,000 | ---D | C] -- C:\Users\Lourdes\AppData\Local\Symantec
      [2012/08/06 09:15:36 | 000,287,152 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\SymVPN.dll
      [2012/08/06 09:15:36 | 000,058,288 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\snacnp.dll
      [2012/08/06 09:11:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec

      ========== Files - Modified Within 30 Days ==========

      [2012/09/04 11:51:00 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/09/04 11:41:46 | 001,563,764 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2012/09/04 11:41:46 | 000,706,524 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2012/09/04 11:41:46 | 000,618,692 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2012/09/04 11:41:46 | 000,139,016 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2012/09/04 11:41:46 | 000,107,598 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2012/09/04 11:38:40 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3402965912-562495637-1135925240-1003UA.job
      [2012/09/04 11:38:39 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/09/04 11:38:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/09/04 09:18:25 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/09/04 09:18:25 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/09/04 09:15:25 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/09/03 19:11:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3402965912-562495637-1135925240-1003Core.job
      [2012/09/03 17:22:31 | 000,030,165 | ---- | M] () -- C:\Users\Lourdes\Desktop\bebi.jpg
      [2012/09/02 22:40:04 | 4081,631,232 | -HS- | M] () -- C:\hiberfil.sys
      [2012/09/02 16:22:59 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
      [2012/09/02 16:11:39 | 004,742,930 | R--- | M] (Swearware) -- C:\Users\Lourdes\Desktop\ComboFix.exe
      [2012/08/30 10:03:07 | 000,000,000 | ---- | M] () -- C:\ProgramData\0x0304A000.sfl
      [2012/08/29 18:11:00 | 000,488,248 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
      [2012/08/28 11:15:34 | 000,003,053 | ---- | M] () -- C:\Users\Lourdes\.recently-used.xbel
      [2012/08/23 17:00:04 | 000,000,932 | ---- | M] () -- C:\Users\Lourdes\Desktop\Tar Nacimiento Vincent 2012 - Acceso directo.lnk
      [2012/08/15 13:23:46 | 000,021,374 | ---- | M] () -- C:\Users\Lourdes\AppData\Local\recently-used.xbel
      [2012/08/14 22:04:00 | 000,001,408 | ---- | M] () -- C:\Users\Lourdes\Desktop\Notepad.lnk
      [2012/08/11 10:43:56 | 000,311,824 | ---- | M] () -- C:\Users\Lourdes\Desktop\IMG-20120811-00058.jpg
      [2012/08/07 17:40:28 | 000,207,289 | ---- | M] () -- C:\torrent.exe
      [2012/08/07 13:57:08 | 000,698,444 | ---- | M] () -- C:\Windows\SysNative\oem35.inf
      [2012/08/06 09:15:36 | 000,287,152 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\SymVPN.dll
      [2012/08/06 09:15:36 | 000,058,288 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\snacnp.dll

      ========== Files Created - No Company Name ==========

      [2012/09/03 17:46:24 | 000,030,165 | ---- | C] () -- C:\Users\Lourdes\Desktop\bebi.jpg
      [2012/09/02 16:14:08 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
      [2012/09/02 16:14:07 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
      [2012/09/02 16:14:07 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
      [2012/09/02 16:14:07 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
      [2012/09/02 16:14:07 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
      [2012/08/30 10:03:07 | 000,000,000 | ---- | C] () -- C:\ProgramData\0x0304A000.sfl
      [2012/08/28 11:15:34 | 000,003,053 | ---- | C] () -- C:\Users\Lourdes\.recently-used.xbel
      [2012/08/24 06:38:50 | 000,311,824 | ---- | C] () -- C:\Users\Lourdes\Desktop\IMG-20120811-00058.jpg
      [2012/08/20 16:11:10 | 000,001,142 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      [2012/08/20 1523 | 000,069,660 | ---- | C] () -- C:\Windows\Fart.exe
      [2012/08/20 1523 | 000,022,528 | ---- | C] () -- C:\Windows\AT-Uninstall.exe
      [2012/08/20 1523 | 000,011,776 | ---- | C] () -- C:\Windows\Colous.exe
      [2012/08/15 13:23:46 | 000,021,374 | ---- | C] () -- C:\Users\Lourdes\AppData\Local\recently-used.xbel
      [2012/08/14 21:59:52 | 000,001,408 | ---- | C] () -- C:\Users\Lourdes\Desktop\Notepad.lnk
      [2012/08/14 16:45:58 | 000,000,932 | ---- | C] () -- C:\Users\Lourdes\Desktop\Tar Nacimiento Vincent 2012 - Acceso directo.lnk
      [2012/08/07 17:40:28 | 000,207,289 | ---- | C] () -- C:\torrent.exe
      [2012/08/07 13:57:16 | 000,698,444 | ---- | C] () -- C:\Windows\SysNative\oem35.inf
      [2012/07/20 00:01:48 | 000,005,632 | ---- | C] () -- C:\Users\Lourdes\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012/05/24 20:02:19 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\clauth2.dll
      [2012/05/24 20:02:19 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\clauth1.dll
      [2012/05/24 20:02:19 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\ssprs.dll
      [2012/05/24 20:02:19 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\serauth2.dll
      [2012/05/24 20:02:19 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\serauth1.dll
      [2012/05/24 20:02:19 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\nsprs.dll
      [2012/05/13 21:57:45 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
      [2012/05/13 21:57:45 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
      [2012/05/03 21:41:26 | 001,584,422 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

      ========== LOP Check ==========

      [2012/05/16 16:17:54 | 000,000,000 | ---D | M] -- C:\Users\Lourdes\AppData\Roaming\com.prezi.PreziDesktop
      [2012/09/02 22:42:12 | 000,000,000 | ---D | M] -- C:\Users\Lourdes\AppData\Roaming\Dropbox
      [2012/07/28 22:35:35 | 000,000,000 | ---D | M] -- C:\Users\Lourdes\AppData\Roaming\inkscape
      [2012/08/15 23:51:21 | 000,000,000 | ---D | M] -- C:\Users\Lourdes\AppData\Roaming\Panda Security
      [2012/07/24 06:14:30 | 000,000,000 | ---D | M] -- C:\Users\Lourdes\AppData\Roaming\Research In Motion
      [2012/05/21 00:15:18 | 000,000,000 | ---D | M] -- C:\Users\Lourdes\AppData\Roaming\StatSoft
      [2012/07/30 18:26:54 | 000,000,000 | ---D | M] -- C:\Users\Lourdes\AppData\Roaming\TestApp
      [2012/05/09 20:08:38 | 000,019,820 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2012/07/14 08:42:47 | 000,001,024 | ---- | M] () -- C:\.rnd
      [2012/09/02 16:25:00 | 000,028,748 | ---- | M] () -- C:\ComboFix.txt
      [2012/09/02 22:40:04 | 4081,631,232 | -HS- | M] () -- C:\hiberfil.sys
      [2012/09/02 22:40:11 | 4081,631,232 | -HS- | M] () -- C:\pagefile.sys
      [2010/06/17 21:07:01 | 000,002,162 | ---- | M] () -- C:\RHDSetup.log
      [2010/06/17 21:20:08 | 000,000,191 | ---- | M] () -- C:\Setup.log
      [2012/08/07 17:40:28 | 000,207,289 | ---- | M] () -- C:\torrent.exe

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:DFC5A2B2

      < End of report >

    6. #16
      Usuario Avatar de Lamiqui
      Registrado
      ago 2012
      Ubicación
      Venezuela
      Mensajes
      11

      Re: Mi navegador obliga a visitar www.globalsources.com

      Muy buenas noches. El problema persiste. Saludos...

    7. #17
      Usuario Avatar de M4RTYN
      Registrado
      jun 2012
      Ubicación
      Ecuador
      Mensajes
      5.520

      Re: xDD

      D3VIL tengo una pregunta ¿no se resolvera esto desinstalando y volviendo a instalar los navegadores?

      Saludos compañer@s

    8. #18
      Usuario Avatar de Lamiqui
      Registrado
      ago 2012
      Ubicación
      Venezuela
      Mensajes
      11

      Re: Mi navegador obliga a visitar www.globalsources.com

      Buenas noches....
      Reinstalar los navegadores tampoco funcionó. Antes de reportarles el problema a ustedes había ya desinstalado el firefox, pero luego el problema apareció en los otros navegadores. Hoy desinstalé todos (Firefox, Google Chrome e IExlorer -bueno lo desactive, pues creo que no se "puede" quitar-) y nada. El problema aún persiste. No sé si haya alguna forma de impedir que se ejecute ese comando en particular.
      En todo caso, aprecio mucho la buena intención de todos por ayudarme, así como su tiempo y sugerencias. Saludos!

      Lamiqui.

    Página 2 de 2 PrimeroPrimero 12