
    Problem with Funmoods Virus


    1. #1
      User: georgekorona
      Joined
      Sep 2012
      Location
      Calexico CA.
      Posts
      5

      Problem with Funmoods Virus

      Hi, how's it going, friends of InfoSpyware. I have a problem with this virus that appears when my browser window starts. Below I'm leaving the link it always starts with. I hope you can help me, regards

      EDITED: link to malicious code.


      It would be advisable for you to read the following topics to stay informed.

      *Forum Policies

      *Tips

      *HijackThis Forum Policies

      *http://www.forospyware.com/t52459.html

      *Off-Topic Forum Rules


    2. #2
      Moderator.
      @Tincho
      Joined
      May 2008
      Location
      Argentina
      Posts
      14.701

      Re: Problem with Funmoods Virus

      Hello.

      Do the following:





      A Notepad window will open with the report; copy and paste all of its contents into your next reply so it can be reviewed.
      Tyny's
      If on your journey, you should encounter God, God will be cut!

      * Follow us on our Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail, since that is what the forum is for.

    3. #3
      User: georgekorona
      Joined
      Sep 2012
      Location
      Calexico CA.
      Posts
      5

      Re: Problem with Funmoods Virus

      Here is the report

      #################################################### A/T-Destroyer by InfoSpyware ############

      A/T-Destroyer 1.0.5 By Infospyware
      www.infospyware.com
      Fecha iniciada en el analisis 09/01/12
      Hora iniciada en el analisis 4:44:04.13
      Usuario Actual : [C:\Users\Diana y Geoerge]
      Sistema Operativo: Windows 7 Home Premium
      Arquitectura: Sistema operativo de 64 bits
      Versión Internet Explorer: 9.0.8112.16421
      Modo Actual: Modo Normal.
      Privilegios: [Diana y Geoerge-Administrador]
      Versión Google Chrome:
      Versión Mozilla Firefox: 14.0.1

      ====== Servicios Eliminados By A/T-Destroyer ======




      ====== Claves Eliminadas By A/T-Destroyer ======




      ====== Archivos/Carpetas Eliminados By A/T-Destroyer ======


      C:\Users\Diana y Geoerge\Appdata\Local\GDIPFONTCACHEV1.DAT


      ====== Información Extra ======


      -_-_-_-_-_-_-_-_ Configuraciones de internet Explorer -_-_-_-_-_-_-_-_
      "HKCU\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Local Page == C:\Windows\system32\blank.htm

      "HKLM\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
      Local Page ==
      Default_Search_URL == http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL == http://go.microsoft.com/fwlink/?LinkId=69157


      "HKEY_USERS\S-1-5-21-1514331126-942424635-3054986851-1001\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Local Page == C:\Windows\system32\blank.htm


      -_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
      "homepage" : "http://www.google.com/",
      "homepage_changed" : true,
      "homepage_is_newtabpage" : false,


      -_-_-_-_-_-_-_-_ Configuraciones de mozilla Firefox -_-_-_-_-_-_-_-_
      user_pref("pref.browser.homepage.disable_button.current_page", false);
      user_pref("browser.startup.homepage", "http://google.com");
      user_pref("pref.browser.homepage.disable_button.current_page", false);
      user_pref("browser.startup.homepage", "http://google.com");




      ======= EOF =======

    4. #4
      Moderator.
      @Tincho
      Joined
      May 2008
      Location
      Argentina
      Posts
      14.701

      Re: Problem with Funmoods Virus

      Hello


      Download the ComboFix.exe tool and save it to the desktop.

      • Temporarily disable your antivirus and/or antispyware.
      • Close all open windows.
      • Double-click the ComboFix.exe file and follow the instructions.
      • When it finishes, it will generate a log at C:\ComboFix.txt.
        • *Note* While CF is working, do not move the mouse, as that would stop its process.
        • *Note* ComboFix may restart the PC automatically to complete the removal process.



      Warning!! Do not use ComboFix unless you have been specifically instructed to do so in your thread by a member of our Staff. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".
      • Restart and paste the report from C:\ComboFix.txt in this same thread, commenting on how your system is working.
      Tyny's
      If on your journey, you should encounter God, God will be cut!


    5. #5
      User: georgekorona
      Joined
      Sep 2012
      Location
      Calexico CA.
      Posts
      5

      Re: Problem with Funmoods Virus

      I finished everything successfully; the system restarted and generated the following report, but when I started my browser it opened with Funmoods again

      ComboFix 12-08-31.08 - Diana y Geoerge 09/01/12 9:52.2.2 - x64
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.52.1033.18.1643.548 [GMT -7:00]
      Running from: c:\users\Diana y Geoerge\Downloads\ComboFix.exe
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-08-01 to 2012-09-01 )))))))))))))))))))))))))))))))
      .
      .
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
      2012-01-31 20:59 86696 ----a-w- c:\program files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
      "{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll" [2012-01-31 86696]
      .
      [HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-07-13 4786048]
      "ares"="c:\program files (x86)\Ares\Ares.exe" [2010-10-27 1015808]
      "SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-06 2260480]
      "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
      "Facebook Update"="c:\users\Diana y Geoerge\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-08-28 138096]
      "KSS"="c:\program files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" [2012-04-26 202296]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
      "HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
      "Panda Security URL Filtering"="c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2012-03-19 217256]
      "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
      Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
      @=""
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
      "DisableMonitoring"=dword:00000001
      .
      R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R2 gupdate;Servicio de actualización de Google (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-16 136176]
      R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072]
      R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
      R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
      R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [2011-05-18 47616]
      R3 gupdatem;Google Update Servicio (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-16 136176]
      R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]
      R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
      R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\DRIVERS\sbfwim.sys [2011-02-08 84568]
      R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2011-04-06 60504]
      R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
      R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
      R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
      R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-15 1255736]
      R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
      R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
      S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2010-11-12 77952]
      S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2010-11-12 37504]
      S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
      S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
      S1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2011-04-06 253528]
      S1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [2011-04-06 94296]
      S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
      S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
      S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
      S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
      S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-05 204288]
      S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-02-12 354304]
      S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
      S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
      S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-09-02 227896]
      S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
      S2 KSS;Kaspersky Security Scan Service;c:\program files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [2012-04-26 202296]
      S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
      S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-09-11 399344]
      S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
      S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
      S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-07-05 9359872]
      S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-07-05 309760]
      S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-02-10 31088]
      S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
      S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2010-12-22 333416]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
      S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2012-03-05 1145448]
      S3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 84568]
      S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-11-29 44672]
      .
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
      2011-03-04 19:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-09-01 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 00:11]
      .
      2012-08-31 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1514331126-942424635-3054986851-1001Core.job
      - c:\users\Diana y Geoerge\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-28 20:19]
      .
      2012-09-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1514331126-942424635-3054986851-1001UA.job
      - c:\users\Diana y Geoerge\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-28 20:19]
      .
      2012-09-01 c:\windows\Tasks\Final Media Player Update Checker.job
      - c:\program files (x86)\FinalMediaPlayer\FMPCheckForUpdates.exe [2012-07-19 21:24]
      .
      2012-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-16 20:27]
      .
      2012-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-16 20:27]
      .
      2012-08-25 c:\windows\Tasks\HPCeeScheduleForDiana y Geoerge.job
      - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
      .
      2012-08-09 c:\windows\Tasks\HPCeeScheduleForWALLYMETAL$.job
      - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00Zecter]
      @="{D25B32FE-CB96-491A-98FF-AD59DA382D69}"
      [HKEY_CLASSES_ROOT\CLSID\{D25B32FE-CB96-491A-98FF-AD59DA382D69}]
      2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01Zecter]
      @="{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}"
      [HKEY_CLASSES_ROOT\CLSID\{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}]
      2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02Zecter]
      @="{B3C78E40-6B64-47C3-AE34-60B770881EB8}"
      [HKEY_CLASSES_ROOT\CLSID\{B3C78E40-6B64-47C3-AE34-60B770881EB8}]
      2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03Zecter]
      @="{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}"
      [HKEY_CLASSES_ROOT\CLSID\{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}]
      2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04Zecter]
      @="{855156F0-2A0F-11DE-8C30-0800200C9A66}"
      [HKEY_CLASSES_ROOT\CLSID\{855156F0-2A0F-11DE-8C30-0800200C9A66}]
      2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-07-21 8192]
      "Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-04 1580368]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
      "LoadAppInit_DLLs"=0x0
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://www.google.com
      uLocal Page = c:\windows\system32\blank.htm
      mStart Page = hxxp://www.google.com
      mLocal Page =
      IE: {{3B54DEAB-C6D4-48a8-8C32-A70558643400} - c:\program files (x86)\FinalVideoDownloader\fvdRunner.html
      TCP: DhcpNameServer = 192.168.1.1
      DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
      FF - ProfilePath - c:\users\Diana y Geoerge\AppData\Roaming\Mozilla\Firefox\Profiles\e81p62nb.default\
      FF - prefs.js: browser.startup.homepage - hxxp://start.funmoods.com/?f=1&a=aln&chnl=aln&cd=2XzuyEtN2Y1L1QzuzyzzyE0B0EtC0E0D0F0F0Bzz0E0AtD0DtN0D0Tzu0CtCzytBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=2123991139
      FF - prefs.js: keyword.URL - hxxp://www.google.com/search?rlz=1V2IPYX&ie=utf-8&q=
      FF - prefs.js: network.proxy.type - 0
      FF - user.js: general.useragent.extra.brc -
      FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110014
      FF - user.js: extensions.BabylonToolbar_i.babExt -
      FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
      FF - user.js: extensions.BabylonToolbar_i.id - 2048ea0d000000000000984be1edffb8
      FF - user.js: extensions.BabylonToolbar_i.hardId - 2048ea0d000000000000984be1edffb8
      FF - user.js: extensions.BabylonToolbar_i.instlDay - 15412
      FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
      FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
      FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.172:55
      FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
      FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
      FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
      FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
      FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
      FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
      FF - user.js: extensions.funmoods.hmpg - true
      FF - user.js: extensions.funmoods.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=aln&chnl=aln&cd=2XzuyEtN2Y1L1QzuzyzzyE0B0EtC0E0D0F0F0Bzz0E0AtD0DtN0D0Tzu0CtCzytBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=2123991139
      FF - user.js: extensions.funmoods.dfltSrch - true
      FF - user.js: extensions.funmoods.srchPrvdr - Search
      FF - user.js: extensions.funmoods.dnsErr - true
      FF - user.js: extensions.funmoods_i.newTab - true
      FF - user.js: extensions.funmoods.newTabUrl - hxxp://start.funmoods.com/?f=2&a=aln&chnl=aln&cd=2XzuyEtN2Y1L1QzuzyzzyE0B0EtC0E0D0F0F0Bzz0E0AtD0DtN0D0Tzu0CtCzytBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=2123991139
      FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://start.funmoods.com/?f=3&a=aln&chnl=aln&cd=2XzuyEtN2Y1L1QzuzyzzyE0B0EtC0E0D0F0F0Bzz0E0AtD0DtN0D0Tzu0CtCzytBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=2123991139&q=
      FF - user.js: extensions.funmoods.id - 984BE1EDFFB8EA0D
      FF - user.js: extensions.funmoods.instlDay - 15531
      FF - user.js: extensions.funmoods.vrsn - 1.5.23.22
      FF - user.js: extensions.funmoods.vrsni - 1.5.23.22
      FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2219:33
      FF - user.js: extensions.funmoods.prtnrId - funmoods
      FF - user.js: extensions.funmoods.prdct - funmoods
      FF - user.js: extensions.funmoods.aflt - aln
      FF - user.js: extensions.funmoods_i.smplGrp - none
      FF - user.js: extensions.funmoods.tlbrId - base
      FF - user.js: extensions.funmoods.instlRef - aln
      FF - user.js: extensions.funmoods.dfltLng -
      FF - user.js: extensions.funmoods.excTlbr - false
      FF - user.js: extensions.funmoods.autoRvrt - false
      FF - user.js: extensions.funmoods.envrmnt - production
      FF - user.js: extensions.funmoods.isdcmntcmplt - true
      FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0
      FF - user.js: extensions.autoDisableScopes - 14
      FF - user.js: extensions.incredibar_i.newTab - false
      FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6R8A0rbxrz&loc=IB_TB&i=26&search=
      FF - user.js: extensions.incredibar_i.id - 2048ea0d000000000000984be1edffb8
      FF - user.js: extensions.incredibar_i.instlDay - 15545
      FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
      FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
      FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1416:30
      FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
      FF - user.js: extensions.incredibar_i.prdct - incredibar
      FF - user.js: extensions.incredibar_i.aflt - orgnl
      FF - user.js: extensions.incredibar_i.smplGrp - none
      FF - user.js: extensions.incredibar_i.tlbrId - base
      FF - user.js: extensions.incredibar_i.instlRef -
      FF - user.js: extensions.incredibar_i.dfltLng -
      FF - user.js: extensions.incredibar_i.excTlbr - false
      FF - user.js: extensions.incredibar_i.ms_url_id -
      FF - user.js: extensions.incredibar_i.upn2 - 6R8A0rbxrz
      FF - user.js: extensions.incredibar_i.upn2n - 92824763000622729
      FF - user.js: extensions.incredibar_i.productid - 26
      FF - user.js: extensions.incredibar_i.installerproductid - 26
      FF - user.js: extensions.incredibar_i.did - 10662
      FF - user.js: extensions.incredibar_i.ppd -
      .
      - - - - ORPHANS REMOVED - - - -
      .
      AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
      c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
      c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
      .
      **************************************************************************
      .
      Completion time: 2012-09-01 10:26:16 - machine was rebooted
      ComboFix-quarantined-files.txt 2012-09-01 17:26
      .
      Pre-Run: 162,707,103,744 bytes free
      Post-Run: 164,043,354,112 bytes free
      .
      - - End Of File - - 0D8B10D5C2C57CF97758412EE56B5ED5

    6. #6
      Moderator.
      Avatar of @Tincho
      Registered
      May 2008
      Location
      Argentina
      Posts
      14,701

      Re: Problem with Funmoods Virus

      Hello.

      Download OTL by OldTimer to your desktop.

      Run OTL

      • Close all the programs you have open and double-click the OTL icon to run it.
      • Let it run without interruption until the scan finishes.
      • When the interface appears, you only need to change the setting under "Tipo de Análisis" (Scan Type) to Resultado Minimo (Minimal Output).
      • Check the options Buscar LOP (LOP Check) and Buscar Purity (Purity Check).
      • Check the options Omitir Archivos De Microsoft (Skip Microsoft Files) and Usar Listado de Compañias Reconocidas (Use Company Name Whitelist).
      • Please do not change the rest of the configuration unless we ask you to.

      • Press the button.
      • Once it finishes, two (2) files will open, OTL.Txt and Extras.Txt. They will be saved in the same location where OTL.exe was downloaded.
      • Copy and paste the contents of the OTL.txt file in your next reply.

      Because of the way infections behave, preventing anything related to antimalware tools from running, you are going to download OTL with its extension modified from any of the links below, so that it can run.

      Note:
      When using these links, use Internet Explorer.

      If you use Firefox, right-click and select "Save Link As"; otherwise, on some systems, when you try to open the file it would appear as a script and you will only see many lines of code on the screen.

      Once you have downloaded OTL with its changed extension, run it exactly as explained above.

      Bring us the OTL report.

      Regards.
      Tyny's
      If on your journey, you should encounter God, God will be cut!


    7. #7
      User Avatar of georgekorona
      Registered
      Sep 2012
      Location
      Calexico CA.
      Posts
      5

      Re: Problem with Funmoods Virus

      OTL logfile created on: 9/2/2012 6:22:10 PM - Run 1
      OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Diana y Geoerge\Downloads
      64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000409 | Country: Mexico | Language: ESM | Date Format: MM/dd/yy

      1.60 Gb Total Physical Memory | 0.90 Gb Available Physical Memory | 56.32% Memory free
      3.21 Gb Paging File | 1.77 Gb Available in Paging File | 55.25% Paging File free
      Paging file location(s): c:\pagefile.sys 0 0 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 217.70 Gb Total Space | 153.10 Gb Free Space | 70.33% Space Free | Partition Type: NTFS
      Drive D: | 14.89 Gb Total Space | 1.86 Gb Free Space | 12.51% Space Free | Partition Type: NTFS

      Computer Name: WALLYMETAL | User Name: Diana y Geoerge | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Diana y Geoerge\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
      PRC - C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
      PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
      PRC - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
      PRC - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)
      PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
      PRC - C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe (Roxio)
      PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
      PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)


      ========== Modules (No Company Name) ==========


      ========== Services (SafeList) ==========

      SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
      SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
      SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
      SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
      SRV:64bit: - (HPClientSvc) -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company)
      SRV:64bit: - (HP Wireless Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard Company)
      SRV:64bit: - (AMD Reservation Manager) -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe (Advanced Micro Devices)
      SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
      SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (KSS) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
      SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
      SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
      SRV - (HPWMISVC) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
      SRV - (RoxioNow Service) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe (Roxio)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
      DRV:64bit: - (RTL8192Ce) -- C:\Windows\SysNative\drivers\rtl8192ce.sys (Realtek Semiconductor Corporation )
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
      DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
      DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
      DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
      DRV:64bit: - (SbFw) -- C:\Windows\SysNative\drivers\SbFw.sys (Sunbelt Software, Inc.)
      DRV:64bit: - (SbTis) -- C:\Windows\SysNative\drivers\sbtis.sys (Sunbelt Software, Inc.)
      DRV:64bit: - (sbhips) -- C:\Windows\SysNative\drivers\sbhips.sys (Sunbelt Software, Inc.)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
      DRV:64bit: - (SBFWIMCLMP) -- C:\Windows\SysNative\drivers\SbFwIm.sys (Sunbelt Software, Inc.)
      DRV:64bit: - (SBFWIMCL) -- C:\Windows\SysNative\drivers\SbFwIm.sys (Sunbelt Software, Inc.)
      DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
      DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
      DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
      DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
      DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
      DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
      DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
      DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
      DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
      DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
      DRV:64bit: - (s616bus) -- C:\Windows\SysNative\drivers\s616bus.sys (MCCI Corporation)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=aln&chnl=aln&cd=2XzuyEtN2Y1L1QzuzyzzyE0B0EtC0E0D0F0F0Bzz0E0AtD0DtN0D0Tzu0CtCzytBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=2123991139
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
      IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=aln&chnl=aln&cd=2XzuyEtN2Y1L1QzuzyzzyE0B0EtC0E0D0F0F0Bzz0E0AtD0DtN0D0Tzu0CtCzytBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=2123991139
      IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
      IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
      IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
      IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
      IE - HKLM\..\SearchScopes\{34FB63FC-60BE-DE02-4BB4-62E7D8FA3481}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=aln&chnl=aln&cd=2XzuyEtN2Y1L1QzuzyzzyE0B0EtC0E0D0F0F0Bzz0E0AtD0DtN0D0Tzu0CtCzytBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=2123991139
      IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
      IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
      IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
      IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = about:blank
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE - HKCU\..\SearchScopes,Backup.Old.DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
      IE - HKCU\..\SearchScopes\{34FB63FC-60BE-DE02-4BB4-62E7D8FA3481}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=110014&babsrc=SP_ss&mntrId=2048ea0d000000000000984be1edffb8
      IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://www.google.com/search?ie=utf-8&oe=utf-8&rlz=1V4IPYX&q={searchTerms}
      IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFB_enMX445
      IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
      IE - HKCU\..\SearchScopes\{CE3A3FD1-0A27-07DC-3FED-9D0FBEBC1CD0}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z131&form=ZGAIDF&install_date=20110820&iesrc={referrer:source}
      IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
      IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
      IE - HKCU\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.search.useDBForOrder: true
      FF - prefs.js..browser.startup.homepage: "http://start.funmoods.com/?f=1&a=aln&chnl=aln&cd=2XzuyEtN2Y1L1QzuzyzzyE0B0EtC0E0D0F0F0Bzz0E0AtD0DtN0D0Tzu0CtCzytBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=2123991139"
      FF - prefs.js..extensions.netassistant.keyword.url: "http://click.w3i.com/?Programid=132&Elementname=Keyword&Applicationid={51CDF6E0-BBED-460C-87A0-85F435E51ECE}&Version=3.6.5&Vintage=20120729&Defaultbrowserid=53&Productid=2326&Vendorid=5750&Offerid=6894&searchterm="
      FF - prefs.js..keyword.URL: "http://www.google.com/search?rlz=1V2IPYX&ie=utf-8&q="
      FF - prefs.js..network.proxy.type: 0


      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
      FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll File not found
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Diana y Geoerge\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

      64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\FinalVideoDownloader\Firefox [2011/08/20 11:17:47 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/19 01:03:31 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

      [2011/08/20 15:21:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Diana y Geoerge\AppData\Roaming\mozilla\Extensions
      [2012/08/16 01:52:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Diana y Geoerge\AppData\Roaming\mozilla\Firefox\Profiles\e81p62nb.default\extensions
      [2012/07/11 13:03:01 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\Diana y Geoerge\AppData\Roaming\mozilla\Firefox\Profiles\e81p62nb.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
      [2012/07/19 07:12:45 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Diana y Geoerge\AppData\Roaming\mozilla\Firefox\Profiles\e81p62nb.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
      [2012/07/16 19:33:03 | 000,000,000 | ---D | M] (Panda Security Toolbar) -- C:\Users\Diana y Geoerge\AppData\Roaming\mozilla\Firefox\Profiles\e81p62nb.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
      [2012/07/27 02:09:08 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Diana y Geoerge\AppData\Roaming\mozilla\Firefox\Profiles\e81p62nb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
      [2012/07/17 00:19:18 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\Diana y Geoerge\AppData\Roaming\mozilla\Firefox\Profiles\e81p62nb.default\extensions\[email protected]
      [2012/09/01 09:45:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
      [2012/06/25 2302 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
      [2012/09/01 09:45:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
      [2012/08/16 01:52:44 | 000,011,615 | ---- | M] () (No name found) -- C:\USERS\DIANA Y GEOERGE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\E81P62NB.DEFAULT\EXTENSIONS\{751A6516-7BD7-6295-2C1C-2D2F9790B900}.XPI
      [2012/06/14 01:45:18 | 000,013,610 | ---- | M] () (No name found) -- C:\USERS\DIANA Y GEOERGE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\E81P62NB.DEFAULT\EXTENSIONS\{A3A5C777-F583-4FEF-9380-AB4ADD1BC2A8}.XPI
      [2012/07/18 18:35:29 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
      [2012/06/28 03:16:10 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
      [2012/06/28 03:16:10 | 000,002,456 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mercadolibre-mx.xml
      [2012/01/27 08:11:08 | 000,002,325 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pandasecuritytb.xml
      [2012/06/28 03:16:10 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012/06/28 03:16:10 | 000,001,102 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-mx.xml

      ========== Chrome ==========

      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - homepage: http://www.google.com/

      O1 HOSTS File: ([2012/09/01 10:09:31 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 localhost
      O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
      O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
      O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
      O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
      O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
      O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
      O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      O4 - HKLM..\Run: [Panda Security URL Filtering] C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
      O4 - HKCU..\Run: [ares] C:\Program Files (x86)\Ares\Ares.exe (Ares Development Group)
      O4 - HKCU..\Run: [Facebook Update] C:\Users\Diana y Geoerge\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O4 - HKCU..\Run: [KSS] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
      O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
      O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O9 - Extra Button: Download Video - {3B54DEAB-C6D4-48a8-8C32-A70558643400} - C:\Program Files (x86)\FinalVideoDownloader\fvdRunner.html ()
      O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
      O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
      O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
      O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
      O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_22)
      O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3A60BC56-24AC-4528-9F81-54C8383B443B}: DhcpNameServer = 192.168.1.254
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
      O32 - HKLM CDRom: AutoRun - 1
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = ComFile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/09/01 10:32:30 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
      [2012/09/01 10:26:19 | 000,000,000 | ---D | C] -- C:\Windows\temp
      [2012/09/01 09:48:18 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
      [2012/09/01 09:48:18 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
      [2012/09/01 09:47:54 | 000,000,000 | ---D | C] -- C:\Qoobox
      [2012/09/01 02:42:05 | 000,000,000 | ---D | C] -- C:\Users\Diana y Geoerge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
      [2012/09/01 02:40:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
      [2012/09/01 02:40:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
      [2012/08/28 13:19:23 | 000,000,000 | ---D | C] -- C:\Users\Diana y Geoerge\AppData\Local\Facebook
      [2012/05/31 00:19:14 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Diana y Geoerge\AppData\Roaming\pcouffin.sys

      ========== Files - Modified Within 30 Days ==========

      [2012/09/02 18:24:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/09/02 18:11:50 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/09/02 18:11:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/09/02 16:24:05 | 000,000,968 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1514331126-942424635-3054986851-1001UA.job
      [2012/09/02 15:04:51 | 000,037,242 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\tumblr_m7djz2Zhvh1ru67x8o1_500.jpg
      [2012/09/02 14:19:40 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/09/02 14:13:05 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1514331126-942424635-3054986851-1001Core.job
      [2012/09/02 01:20:02 | 000,000,430 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job
      [2012/09/01 10:41:26 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/09/01 10:41:26 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/09/01 10:31:49 | 1292,029,952 | -HS- | M] () -- C:\hiberfil.sys
      [2012/09/01 10:09:31 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
      [2012/09/01 03:36:35 | 000,094,836 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\poli.jpg
      [2012/09/01 03:32:19 | 000,034,643 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\333-722-thickboxs.jpg
      [2012/09/01 03:28:42 | 000,034,643 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\333-722-thickbox.jpg
      [2012/09/01 03:28:32 | 000,040,570 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\333-721-thickbox.jpg
      [2012/09/01 02:41:35 | 000,001,037 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\Kaspersky Security Scan.lnk
      [2012/08/31 15:47:13 | 000,042,810 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\540372_367319026645524_355922281118532_1167665_1523137882_n.jpg
      [2012/08/31 02:43:33 | 000,092,473 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\tumblr_m9j3baRpOs1r90efro1_500.jpg
      [2012/08/31 02:13:59 | 000,735,176 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2012/08/31 02:13:59 | 000,620,524 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2012/08/31 02:13:59 | 000,110,712 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2012/08/30 15:31:52 | 000,182,423 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\TRASLADO.jpeg
      [2012/08/30 15:28:40 | 000,041,269 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\1.jpeg.jpg
      [2012/08/30 15:28:00 | 000,052,583 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\5.jpeg.jpg
      [2012/08/30 13:30:32 | 000,030,967 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\564339_360484847364253_978193363_n.jpg
      [2012/08/30 04:16:07 | 000,012,856 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\484487-G.JPG
      [2012/08/29 21:07:13 | 000,133,535 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\dibujosdemonsterhighparacolorear7.jpg
      [2012/08/29 21:06:45 | 000,140,411 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\dibujosdemonsterhighparacolorear2.jpg
      [2012/08/29 21:06:07 | 000,107,067 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\dibujosdemonsterhighparacolorear4.jpg
      [2012/08/29 21:04:44 | 000,033,792 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\monster-high-lagoona.gif
      [2012/08/29 21:04:25 | 000,033,428 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\3.gif
      [2012/08/29 21:04:07 | 000,037,662 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\dibujos-para-colorear-en-el-ordenador-de-monster-high.gif
      [2012/08/29 21:03:30 | 000,038,153 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\dibujos-de-monster-high-para-pintar.gif
      [2012/08/29 21:03:11 | 000,043,858 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\baby-draculaura-la-hija-d_4f2117582b335-p.gif
      [2012/08/29 21:00:17 | 000,217,331 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\image_thumb.png
      [2012/08/29 14:53:41 | 000,001,979 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
      [2012/08/29 03:43:08 | 000,015,495 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\rollerderbyrules.jpg
      [2012/08/29 03:40:15 | 000,014,843 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\$(KGrHqUOKn!E5DC+ThReBOd6e068dg~~_35.JPG
      [2012/08/29 03:23:53 | 000,068,636 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\overlords-refs-lrg.png
      [2012/08/28 15:33:49 | 000,067,437 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\HandSignals-1.jpg
      [2012/08/28 15:29:18 | 000,163,267 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\AC0.jpg
      [2012/08/28 15:13:53 | 000,049,649 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\Jaguares-VS-Dorados-en-Mexicali.jpg
      [2012/08/28 15:09:41 | 000,098,241 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\soda-stereo-tributo.jpg
      [2012/08/28 14:54:24 | 000,051,945 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\tumblr_m9ft5cb5mY1qbot5oo1_500.jpg
      [2012/08/28 14:50:24 | 000,107,323 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\403887_377419055658789_768726883_n.jpg
      [2012/08/28 14:49:09 | 000,019,840 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\405704_272118426188853_1864218623_n.jpg
      [2012/08/28 14:48:46 | 000,038,425 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\399959_272104089523620_571134145_n.jpg
      [2012/08/28 14:47:22 | 000,048,577 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\426890_272100119524017_1087862356_n.jpg
      [2012/08/28 02:51:53 | 000,035,221 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\5.jpg
      [2012/08/28 02:51:27 | 000,028,884 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\4.jpg
      [2012/08/28 02:51:05 | 000,024,653 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\3.jpg
      [2012/08/28 02:50:47 | 000,031,254 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\2.jpg
      [2012/08/28 02:49:21 | 000,033,010 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\1.jpg
      [2012/08/24 18:37:54 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDiana y Geoerge.job
      [2012/08/15 16:09:57 | 000,277,296 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
      [2012/08/09 15:19:24 | 001,781,760 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\Michael Jackson - Ghosts (Full version).mpg.flv
      [2012/08/09 01:08:06 | 466,112,224 | ---- | M] () -- C:\Users\Diana y Geoerge\Desktop\proyect x.mp4
      [2012/08/08 22:54:12 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForWALLYMETAL$.job

      ========== Files Created - No Company Name ==========

      [2012/09/02 15:04:39 | 000,037,242 | ---- | C] () -- C:\Users\Diana y Geoerge\Desktop\tumblr_m7djz2Zhvh1ru67x8o1_500.jpg
      [2012/09/01 09:48:18 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
      [2012/09/01 09:48:18 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
      [2012/09/01 09:48:18 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
      [2012/09/01 09:48:18 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
      [2012/09/01 09:48:18 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
      [2012/09/01 03:36:34 | 000,094,836 | ---- | C] () -- C:\Users\Diana y Geoerge\Desktop\poli.jpg
      [2012/09/01 03:32:16 | 000,034,643 | ---- | C] () -- C:\Users\Diana y Geoerge\Desktop\333-722-thickboxs.jpg
      [2012/09/01 03:28:39 | 000,034,643 | ---- | C] () -- C:\Users\Diana y Geoerge\Desktop\333-722-thickbox.jpg
      [2012/09/01 03:28:17 | 000,040,570 | ---- | C] () -- C:\Users\Diana y Geoerge\Desktop\333-721-thickbox.jpg
      [2012/09/01 02:42:05 | 000,001,037 | ---- | C] () -- C:\Users\Diana y Geoerge\Desktop\Kaspersky Security Scan.lnk
      [2012/08/31 15:47:00 | 000,042,810 | ---- | C] () -- C:\Users\Diana y Geoerge\Desktop\540372_367319026645524_355922281118532_1167665_1523137882_n.jpg
      [2012/08/31 02:43:24 | 000,092,473 | ---- | C] () -- C:\Users\Diana y Geoerge\Desktop\tumblr_m9j3baRpOs1r90efro1_500.jpg
      [2012/08/30 15:31:52 | 000,182,423 | ---- | C] () -- C:\Users\Diana y Geoerge\Desktop\TRASLADO.jpeg
      [2012/08/30 15:28:39 | 000,041,269 | ---- | C] () -- C:\Users\Diana y Geoerge\Desktop\1.jpeg.jpg
      [2012/08/30 15:27:53 | 000,052,583 | ---- | C] () -- C:\Users\Diana y Geoerge\Desktop\5.jpeg.jpg
      [2012/08/30 13:30:19 | 000,030,967 | ---- | C] () -- C:\Users\Diana y Geoerge\Desktop\564339_360484847364253_978193363_n.jpg
      [2012/08/30 04:16:02 | 000,012,856 | ---- | C] () -- C:\Users\Diana y Geoerge\Desktop\484487-G.JPG
      [2012/08/29 21:07:12 | 000,133,535 | ---- | C] () -- C:\Users\Diana y Geoerge\Desktop\dibujosdemonsterhighparacolorear7.jpg
      [2012/08/29 21:06:44 | 000,140,411 | ---- | C] () -- C:\Users\Diana y Geoerge\Desktop\dibujosdemonsterhighparacolorear2.jpg
      [2012/08/29 21:06:05 | 000,107,067 | ---- | C] () -- C:\Users\Diana y Geoerge\Desktop\dibujosdemonsterhighparacolorear4.jpg
      [2012/08/29 21:04:43 | 000,033,792 | ---- | C] () -- C:\Users\Diana y Geoerge\Desktop\monster-high-lagoona.gif
      [2012/08/29 21:04:23 | 000,033,428 | ---- | C] () -- C:\Users\Diana y Geoerge\Desktop\3.gif
      [2012/08/29 21:04:06 | 000,037,662 | ---- | C] () -- C:\Users\Diana y Geoerge\Desktop\dibujos-para-colorear-en-el-ordenador-de-monster-high.gif
      [2012/08/29 21:03:29 | 000,038,153 | ---- | C] () -- C:\Users\Diana y Geoerge\Desktop\dibujos-de-monster-high-para-pintar.gif
      [2012/08/29 21:03:10 | 000,043,858 | ---- | C] () -- C:\Users\Diana y Geoerge\Desktop\baby-draculaura-la-hija-d_4f2117582b335-p.gif

      < End of report >

    8. #8
      Moderator.
      @Tincho
      Joined
      May 2008
      Location
      Argentina
      Posts
      14,701

      Re: Problem with the Funmoods Virus

      Hello.


      1.- Make a backup copy of your bookmarks:

      Bookmarks menu -> Organize Bookmarks -> Import and Backup -> Export HTML

      2.- Remove Firefox with Revo Uninstaller in Advanced mode (this is very important): select Firefox || click Uninstall || select Advanced mode and delete all the leftovers.

      3.- Download and run: Glary Utilities.

      4.- Reinstall Firefox; download it from here: Firefox

      5.- Restore the bookmarks:
      To restore them: Bookmarks menu -> Organize Bookmarks -> Import and Backup -> Import HTML, choose "from file" and select the bookmarks.html that holds the copy of our bookmarks.
      Let us know how it goes.

      Regards!!

    9. #9
      User georgekorona
      Joined
      Sep 2012
      Location
      Calexico CA.
      Posts
      5

      Re: Problem with the Funmoods Virus

      Everything turned out perfectly, I have now solved my problem, thanks