
    Security Center disconnection and Google redirection.


    1. #11
      User Ramon2k12
      Joined
      Oct 2012
      Location
      Alicante
      Posts
      12

      Re: Security Center disconnection and Google redirection.

      Hi, I have already uninstalled Firefox; as for its plugins and extensions, I don't know how to remove them.
      The log:

      Farbar Service Scanner Version: 19-10-2012
      Ran by Tienda (administrator) on 25-10-2012 at 18:39:11
      Running from "C:\Users\Tienda\Desktop"
      Microsoft Windows 7 Professional Service Pack 1 (X64)
      Boot Mode: Normal
      ****************************************************************

      Internet Services:
      ============

      Connection Status:
      ==============
      Localhost is accessible.
      LAN connected.
      Google IP is accessible.
      Google.com is accessible.
      Yahoo IP is accessible.
      Yahoo.com is accessible.


      Windows Firewall:
      =============

      Firewall Disabled Policy:
      ==================


      System Restore:
      ============

      System Restore Disabled Policy:
      ========================


      Action Center:
      ============
      wscsvc Service is not running. Checking service configuration:
      The start type of wscsvc service is set to Disabled. The default start type is Auto.
      The ImagePath of wscsvc service is OK.
      The ServiceDll of wscsvc service is OK.


      Windows Update:
      ============

      Windows Autoupdate Disabled Policy:
      ============================


      Windows Defender:
      ==============
      WinDefend Service is not running. Checking service configuration:
      The start type of WinDefend service is set to Disabled. The default start type is Auto.
      The ImagePath of WinDefend service is OK.
      The ServiceDll of WinDefend service is OK.


      Windows Defender Disabled Policy:
      ==========================
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
      "DisableAntiSpyware"=DWORD:1


      Other Services:
      ==============


      File Check:
      ========
      C:\Windows\System32\nsisvc.dll => MD5 is legit
      C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
      C:\Windows\System32\dhcpcore.dll => MD5 is legit
      C:\Windows\System32\drivers\afd.sys => MD5 is legit
      C:\Windows\System32\drivers\tdx.sys => MD5 is legit
      C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
      C:\Windows\System32\dnsrslvr.dll => MD5 is legit
      C:\Windows\System32\mpssvc.dll => MD5 is legit
      C:\Windows\System32\bfe.dll => MD5 is legit
      C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
      C:\Windows\System32\SDRSVC.dll => MD5 is legit
      C:\Windows\System32\vssvc.exe => MD5 is legit
      C:\Windows\System32\wscsvc.dll => MD5 is legit
      C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
      C:\Windows\System32\wuaueng.dll => MD5 is legit
      C:\Windows\System32\qmgr.dll => MD5 is legit
      C:\Windows\System32\es.dll => MD5 is legit
      C:\Windows\System32\cryptsvc.dll => MD5 is legit
      C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
      C:\Windows\System32\svchost.exe => MD5 is legit
      C:\Windows\System32\rpcss.dll => MD5 is legit


      **** End of log ****

      Regards.

    2. #12
      General Moderator
      @Leosolari
      Joined
      Jun 2007
      Location
      Argentina
      Posts
      58,638

      Re: Security Center disconnection and Google redirection.

      Hi

      Go to this link: Remove Rootkit.ZeroAccess - Sirefef (Mediashifting - Abnow) and use the ServicesRepair.exe tool to try to repair that service.

      Let us know how it goes ...

      Regards

    3. #13
      User Ramon2k12
      Joined
      Oct 2012
      Location
      Alicante
      Posts
      12

      Re: Security Center disconnection and Google redirection.

      Hi, no luck, the problem persists. I have re-enabled the services and they stop again on their own. As for the redirection, since I haven't installed Firefox I can't tell you; with Explorer it does redirect me, but with Safari it doesn't.

      Any suggestions?

      Thanks.

      Regards.

    4. #14
      General Moderator
      @Leosolari
      Joined
      Jun 2007
      Location
      Argentina
      Posts
      58,638

      Re: Security Center disconnection and Google redirection.

      Hi

      Download the ComboFix.exe tool to your desktop.

      • Temporarily disable your antivirus and/or antispyware. How to temporarily disable your antivirus
      • Close all open windows.
      • Double-click the ComboFix.exe file and follow the instructions.
      • When it finishes, it will generate a log at C:\ComboFix.txt.

      Important notes:

      • While CF is working, you must not move the mouse, as that would stop its process.
      • ComboFix may automatically restart the PC to complete the removal process.
      • Once ComboFix has finished its work, you can enable your antivirus.
      • Do not put the reports inside Code or HTML tags.

      Attention!! Do not use ComboFix unless you have been specifically instructed to do so in your thread by a member of our Staff. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".

      The generated report is located at C:\ComboFix.txt. Open it, select all, and copy and paste it into your next reply.

      Regards

    5. #15
      User Ramon2k12
      Joined
      Oct 2012
      Location
      Alicante
      Posts
      12

      Re: Security Center disconnection and Google redirection.

      Hi, this is the ComboFix report. I have uninstalled the Microsoft antivirus and installed PC Tools Internet Security; it found some trojan, but the problem persists. I have disabled the antivirus, yet ComboFix detects it before starting its scan/cleanup, and I don't know how on earth to stop it; it does not appear in the list of running applications:

      ComboFix 12-10-29.01 - Tienda 29/10/2012 9:45.3.1 - x64
      Microsoft Windows 7 Professional 6.1.7601.1.1252.34.3082.18.4095.2296 [GMT 1:00]
      Running from: c:\users\Tienda\Desktop\ComboFix.exe
      AV: Internet Security Anti-Virus *Enabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
      FW: PC Tools Internet Security Firewall *Enabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
      SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\_ctypes.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\_elementtree.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\_hashlib.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\_socket.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\_ssl.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\pyexpat.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\pysqlite2._sqlite.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\python26.dll
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\pythoncom26.dll
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\pywintypes26.dll
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\select.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\unicodedata.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\win32api.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\win32com.shell.shell.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\win32crypt.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\win32event.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\win32file.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\win32inet.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\win32pdh.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\win32process.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\win32security.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\windows._cacheinvalidation.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\wx._controls_.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\wx._core_.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\wx._gdi_.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\wx._html2.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\wx._misc_.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\wx._windows_.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\wx._wizard.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\wxbase293u_net_vc.dll
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\wxbase293u_vc.dll
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\wxmsw293u_adv_vc.dll
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\wxmsw293u_core_vc.dll
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\wxmsw293u_html_vc.dll
      c:\users\Tienda\AppData\Local\Temp\_MEI40042\wxmsw293u_webview_vc.dll
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-09-28 to 2012-10-29 )))))))))))))))))))))))))))))))
      .
      .
      2012-10-29 08:57 . 2012-10-29 08:57 -------- d-----w- c:\users\Tienda2\AppData\Local\temp
      2012-10-29 08:57 . 2012-10-29 08:57 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-10-27 09:48 . 2012-10-27 09:48 -------- d-----w- c:\users\Tienda\AppData\Roaming\PC Tools
      2012-10-27 09:48 . 2012-10-27 09:48 -------- d-----w- c:\users\Tienda\AppData\Roaming\Spam Monitor
      2012-10-27 09:43 . 2012-06-22 09:39 85224 ----a-w- c:\windows\system32\drivers\PCTBD64.sys
      2012-10-27 09:42 . 2012-06-22 13:33 14808 ----a-w- c:\windows\system32\drivers\pctBTFix64.sys
      2012-10-27 09:42 . 2012-06-22 12:21 706776 ----a-w- c:\windows\system32\drivers\TfSysMon.sys
      2012-10-27 09:42 . 2012-06-22 12:21 65664 ----a-w- c:\windows\system32\drivers\TfFsMon.sys
      2012-10-27 09:42 . 2012-06-22 12:21 41968 ----a-w- c:\windows\system32\drivers\TfNetMon.sys
      2012-10-27 09:42 . 2012-06-22 13:35 181032 ----a-w- c:\windows\system32\drivers\pctplfw64.sys
      2012-10-27 09:42 . 2012-04-19 07:57 123808 ----a-w- c:\windows\system32\drivers\pctNdis-PacketFilter64.sys
      2012-10-27 09:42 . 2012-03-19 10:02 77976 ----a-w- c:\windows\system32\drivers\pctNdisLW64.sys
      2012-10-27 09:42 . 2010-07-08 06:49 79000 ----a-w- c:\windows\system32\drivers\pctNdis64.sys
      2012-10-27 09:05 . 2012-10-27 09:05 -------- d-----w- c:\users\Tienda\AppData\Roaming\TestApp
      2012-10-27 08:32 . 2012-06-22 09:38 767960 ----a-w- c:\windows\BDTSupport.dll
      2012-10-27 08:32 . 2012-06-22 09:39 149464 ----a-w- c:\windows\SGDetectionTool.dll
      2012-10-27 08:32 . 2012-06-22 09:39 2267096 ----a-w- c:\windows\PCTBDCore.dll
      2012-10-27 08:32 . 2012-06-22 09:39 1689560 ----a-w- c:\windows\PCTBDRes.dll
      2012-10-27 08:17 . 2012-02-28 09:43 1096176 ----a-w- c:\windows\system32\drivers\pctEFA64.sys
      2012-10-27 08:17 . 2012-02-28 09:43 453896 ----a-w- c:\windows\system32\drivers\pctDS64.sys
      2012-10-27 08:17 . 2012-06-22 13:29 145464 ----a-w- c:\windows\system32\drivers\pctwfpfilter64.sys
      2012-10-27 08:17 . 2012-06-22 13:29 341200 ----a-w- c:\windows\system32\drivers\pctgntdi64.sys
      2012-10-27 08:17 . 2012-04-23 10:36 426616 ----a-w- c:\windows\system32\drivers\PCTCore64.sys
      2012-10-27 08:17 . 2012-06-22 13:35 251560 ----a-w- c:\windows\system32\drivers\PCTSD64.sys
      2012-10-27 08:16 . 2012-06-22 13:35 92928 ----a-w- c:\windows\system32\drivers\pctplsg64.sys
      2012-10-27 08:14 . 2012-10-27 09:42 -------- d-----w- c:\program files (x86)\Common Files\PC Tools
      2012-10-27 08:14 . 2012-10-29 08:38 -------- d-----w- c:\program files (x86)\PC Tools Security
      2012-10-27 08:10 . 2012-10-27 09:43 -------- d-----w- c:\programdata\PC Tools
      2012-10-25 07:21 . 2012-10-25 07:21 -------- d-----w- C:\TDSSKiller_Quarantine
      2012-10-24 15:15 . 2012-03-12 21:27 11776 ----a-w- c:\windows\Colous.exe
      2012-10-24 15:15 . 2008-03-25 08:39 69660 ----a-w- c:\windows\Fart.exe
      2012-10-24 09:04 . 2012-10-24 09:04 -------- d-----w- c:\users\Tienda\AppData\Roaming\GlarySoft
      2012-10-24 09:01 . 2012-10-24 09:02 -------- d-----w- c:\program files (x86)\Glary Utilities
      2012-10-24 07:37 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
      2012-10-24 07:37 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys
      2012-10-24 07:37 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll
      2012-10-24 07:37 . 2012-08-24 18:04 307200 ----a-w- c:\windows\system32\ncrypt.dll
      2012-10-24 07:37 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll
      2012-10-24 07:37 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll
      2012-10-24 07:37 . 2012-08-24 16:57 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
      2012-10-24 07:37 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll
      2012-10-24 07:37 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
      2012-10-23 18:24 . 2012-10-26 15:01 -------- d-----w- c:\users\Tienda\DoctorWeb
      2012-10-23 18:09 . 2012-10-23 18:09 -------- d-----w- c:\program files (x86)\ESET
      2012-10-23 16:30 . 2012-10-23 16:30 94208 --sha-r- c:\program files (x86)\Common Files\KBDAZEL.dll
      2012-10-22 15:56 . 2012-10-22 15:56 -------- d-----w- c:\program files (x86)\Common Files\Java
      2012-10-20 08:52 . 2012-10-20 08:52 -------- d-sh--w- c:\users\Tienda\Phone Browser
      2012-10-20 08:41 . 2012-10-20 08:48 -------- d-----w- c:\users\Tienda\AppData\Local\Nokia
      2012-10-20 08:39 . 2012-10-20 08:40 -------- d-----w- c:\programdata\Nokia
      2012-10-20 08:39 . 2012-06-27 13:18 26112 ----a-w- c:\windows\system32\drivers\pccsmcfdx64.sys
      2012-10-20 08:38 . 2012-10-20 08:38 -------- d-----w- c:\program files (x86)\PC Connectivity Solution
      2012-10-17 10:33 . 2011-06-01 02:17 848384 ----a-r- c:\windows\system32\drivers\rtl8192cu.sys
      2012-10-17 10:33 . 2012-10-17 10:33 -------- d-----w- c:\program files (x86)\Belkin
      2012-10-17 10:33 . 2011-01-19 13:01 451072 ----a-w- c:\windows\SysWow64\ISSRemoveSP.exe
      2012-10-15 18:09 . 2012-10-15 18:09 466456 ----a-w- c:\windows\system32\wrap_oal.dll
      2012-10-15 18:09 . 2012-10-15 18:09 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
      2012-10-15 18:09 . 2012-10-15 18:09 122904 ----a-w- c:\windows\system32\OpenAL32.dll
      2012-10-15 18:09 . 2012-10-15 18:09 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
      2012-10-15 18:09 . 2012-10-15 18:09 -------- d-----w- c:\program files (x86)\OpenAL
      2012-10-10 07:33 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
      2012-10-10 07:33 . 2012-08-30 18:03 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
      2012-10-10 07:31 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
      2012-10-10 07:31 . 2012-08-24 16:57 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
      2012-10-10 07:31 . 2012-09-14 19:19 2048 ----a-w- c:\windows\system32\tzres.dll
      2012-10-10 07:31 . 2012-09-14 18:28 2048 ----a-w- c:\windows\SysWow64\tzres.dll
      2012-10-10 07:31 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll
      2012-10-10 07:31 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
      2012-10-10 07:30 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
      2012-10-10 07:30 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
      2012-10-10 07:30 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
      2012-10-10 07:30 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
      2012-10-10 07:30 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
      2012-10-10 07:30 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
      2012-10-02 15:14 . 2007-04-09 23:06 10752 ----a-w- c:\windows\system32\E_GCINST.DLL
      2012-10-02 15:14 . 2011-04-20 01:03 120320 ----a-w- c:\windows\system32\E_ILMHJE.DLL
      2012-10-02 15:14 . 2011-03-15 01:03 83968 ----a-w- c:\windows\system32\E_ID4BHJE.DLL
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-10-10 09:18 . 2011-03-16 09:51 65309168 ----a-w- c:\windows\system32\MRT.exe
      2012-10-10 08:40 . 2012-03-30 07:14 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2012-10-10 08:40 . 2011-06-28 07:01 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-09-29 17:54 . 2011-11-22 19:02 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-09-25 11:56 . 2012-09-25 10:45 17280 ----a-w- c:\windows\system32\drivers\USBDrv_AMD64.sys
      2012-09-24 13:32 . 2012-07-16 09:56 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
      2012-09-24 13:32 . 2011-03-15 18:05 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
      2012-08-24 11:15 . 2012-09-22 11:44 17810944 ----a-w- c:\windows\system32\mshtml.dll
      2012-08-24 10:39 . 2012-09-22 11:44 10925568 ----a-w- c:\windows\system32\ieframe.dll
      2012-08-24 10:31 . 2012-09-22 11:44 2312704 ----a-w- c:\windows\system32\jscript9.dll
      2012-08-24 10:22 . 2012-09-22 11:44 1346048 ----a-w- c:\windows\system32\urlmon.dll
      2012-08-24 10:21 . 2012-09-22 11:44 1392128 ----a-w- c:\windows\system32\wininet.dll
      2012-08-24 10:20 . 2012-09-22 11:44 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
      2012-08-24 10:18 . 2012-09-22 11:44 237056 ----a-w- c:\windows\system32\url.dll
      2012-08-24 10:17 . 2012-09-22 11:44 85504 ----a-w- c:\windows\system32\jsproxy.dll
      2012-08-24 10:14 . 2012-09-22 11:44 173056 ----a-w- c:\windows\system32\ieUnatt.exe
      2012-08-24 10:14 . 2012-09-22 11:44 816640 ----a-w- c:\windows\system32\jscript.dll
      2012-08-24 10:13 . 2012-09-22 11:44 599040 ----a-w- c:\windows\system32\vbscript.dll
      2012-08-24 10:12 . 2012-09-22 11:44 2144768 ----a-w- c:\windows\system32\iertutil.dll
      2012-08-24 10:11 . 2012-09-22 11:44 729088 ----a-w- c:\windows\system32\msfeeds.dll
      2012-08-24 10:10 . 2012-09-22 11:44 96768 ----a-w- c:\windows\system32\mshtmled.dll
      2012-08-24 10:09 . 2012-09-22 11:44 2382848 ----a-w- c:\windows\system32\mshtml.tlb
      2012-08-24 10:04 . 2012-09-22 11:44 248320 ----a-w- c:\windows\system32\ieui.dll
      2012-08-24 06:59 . 2012-09-22 11:44 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
      2012-08-24 06:51 . 2012-09-22 11:44 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
      2012-08-24 06:51 . 2012-09-22 11:44 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
      2012-08-24 06:47 . 2012-09-22 11:44 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
      2012-08-24 06:47 . 2012-09-22 11:44 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
      2012-08-24 06:43 . 2012-09-22 11:44 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
      2012-08-22 18:12 . 2012-09-12 07:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
      2012-08-22 18:12 . 2012-09-12 07:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
      2012-08-22 18:12 . 2012-09-12 07:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
      2012-08-22 18:12 . 2012-09-12 07:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
      2012-08-21 21:01 . 2012-09-26 07:16 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
      2012-08-21 11:01 . 2012-09-17 18:26 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
      2012-08-21 11:01 . 2011-03-16 08:51 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
      2012-08-21 11:01 . 2011-03-16 08:51 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
      2012-08-20 17:38 . 2012-10-10 07:32 44032 ----a-w- c:\windows\apppatch\acwow64.dll
      2012-08-02 17:58 . 2012-09-12 07:12 574464 ----a-w- c:\windows\system32\d3d10level9.dll
      2012-08-02 16:57 . 2012-09-12 07:12 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
      @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
      [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
      2012-07-09 16:44 208608 ----a-w- c:\users\Tienda\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\SkyDriveShell.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
      @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
      [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
      2012-07-09 16:44 208608 ----a-w- c:\users\Tienda\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\SkyDriveShell.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
      @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
      [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
      2012-07-09 16:44 208608 ----a-w- c:\users\Tienda\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\SkyDriveShell.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 94208 ----a-w- c:\users\Tienda\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 94208 ----a-w- c:\users\Tienda\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 94208 ----a-w- c:\users\Tienda\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
      @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 94208 ----a-w- c:\users\Tienda\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]
      "GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-09-06 15668432]
      "TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2012-08-28 247768]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
      "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
      "EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
      "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
      "Malwarebytes Anti-Malware (reboot)"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbam.exe" [2012-09-29 981656]
      "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
      "VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
      "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]
      "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 641704]
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
      .
      c:\users\Tienda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
      Dropbox.lnk - c:\users\Tienda\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
      GOMIS.BAT - Acceso directo.lnk - c:\users\Tienda\Documents\GOMIS.BAT [2012-6-4 35]
      PrtSvr.exe - Acceso directo.lnk - c:\program files (x86)\Rpv\PrtSvr.exe [2012-6-4 2449408]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 0 (0x0)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableLUA"= 0 (0x0)
      "EnableUIADesktopToggle"= 0 (0x0)
      "PromptOnSecureDesktop"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
      "LoadAppInit_DLLs"=0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
      BootExecute REG_MULTI_SZ autocheck autochk /p \??\H:\0autocheck autochk *
      .
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R2 gupdate;Servicio Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 135664]
      R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
      R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-10 250808]
      R3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys [2009-09-21 54320]
      R3 gupdatem;Servicio de Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 135664]
      R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
      R3 hwi4857;USB Flash Memory Controller Service2;c:\windows\system32\Drivers\hwi4857.sys [x]
      R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-13 115168]
      R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-05-10 22528]
      R3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD64.sys [2012-06-22 85224]
      R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter64.sys [2012-04-19 123808]
      R3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\DRIVERS\pctNdis64.sys [2010-07-08 79000]
      R3 pctplfw;pctplfw;c:\windows\System32\drivers\pctplfw64.sys [2012-06-22 181032]
      R3 pctplsg;pctplsg;c:\windows\System32\drivers\pctplsg64.sys [2012-06-22 92928]
      R3 PortRST;BaromTec HMS30C6001 Reset Driver;c:\windows\system32\Drivers\PortRST.sys [x]
      R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
      R3 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\PC Tools Security\pctsAuxs.exe [2012-06-22 402368]
      R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2012-06-22 41968]
      R3 ThreatFire;ThreatFire;c:\program files (x86)\PC Tools Security\TFEngine\TFService.exe service [x]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
      R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
      R3 usbUDisc;usbUDisc;c:\windows\system32\DRIVERS\USBDrv_AMD64.sys [2012-09-25 17280]
      R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2011-04-26 45616]
      R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-16 1255736]
      R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
      S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [2012-04-23 426616]
      S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS64.sys [2012-02-28 453896]
      S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA64.sys [2012-02-28 1096176]
      S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2012-06-22 65664]
      S0 TFSysMon;TFSysMon;c:\windows\system32\drivers\TfSysMon.sys [2012-06-22 706776]
      S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi64.sys [2012-06-22 341200]
      S1 pctNdisLW64;PC Tools NDIS 6 LightWeight filter;c:\windows\system32\DRIVERS\pctNdisLW64.sys [2012-03-19 77976]
      S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD64.sys [2012-06-22 251560]
      S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-12-19 224048]
      S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-12-19 130864]
      S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
      S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
      S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-07-04 238080]
      S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-07-03 361984]
      S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [2012-06-22 575448]
      S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
      S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
      S2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2011-12-02 74752]
      S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
      S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896]
      S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-08-28 92632]
      S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
      S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-07-04 11922944]
      S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-07-04 359936]
      S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
      S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
      S3 pctNdisMP;PC Tools Driver;c:\windows\system32\DRIVERS\pctNdis64.sys [2010-07-08 79000]
      S3 RTL8192cu;%RTL8192cu.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192cu.sys [2011-06-01 848384]
      S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 146736]
      S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-12-19 165680]
      .
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-10-29 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 08:40]
      .
      2012-10-29 c:\windows\Tasks\GlaryInitialize.job
      - c:\program files (x86)\Glary Utilities\initialize.exe [2012-10-24 10:45]
      .
      2012-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 17:50]
      .
      2012-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 17:50]
      .
      2012-10-29 c:\windows\Tasks\JOWUU.job
      - c:\windows\system32\rundll32.exe [2009-07-13 01:14]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
      @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
      [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
      2012-07-09 16:44 232672 ----a-w- c:\users\Tienda\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\amd64\SkyDriveShell64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
      @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
      [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
      2012-07-09 16:44 232672 ----a-w- c:\users\Tienda\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\amd64\SkyDriveShell64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
      @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
      [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
      2012-07-09 16:44 232672 ----a-w- c:\users\Tienda\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\amd64\SkyDriveShell64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 97792 ----a-w- c:\users\Tienda\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 97792 ----a-w- c:\users\Tienda\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 97792 ----a-w- c:\users\Tienda\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
      @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 97792 ----a-w- c:\users\Tienda\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
      @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
      [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
      2012-09-06 13:51 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
      @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
      [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
      2012-09-06 13:51 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
      @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
      [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
      2012-09-06 13:51 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
      @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
      [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
      2012-09-06 13:51 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
      .
      ------- Supplementary Scan -------
      .
      uLocal Page = c:\windows\system32\blank.htm
      uStart Page = hxxp://www.google.com
      uDefault_Search_URL = hxxp://www.google.com/ie
      mStart Page = hxxp://www.google.com
      mLocal Page = c:\windows\SysWOW64\blank.htm
      uInternet Settings,ProxyOverride = *.local
      uSearchAssistant = hxxp://www.google.com/ie
      uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
      mSearchAssistant = hxxp://start.facemoods.com/?a=make&s={searchTerms}&f=4
      IE: Descargar con Mipony - file://c:\program files (x86)\MiPony\Browser\IEContext.htm
      IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
      LSP: c:\program files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll
      TCP: DhcpNameServer = 80.58.61.250 80.58.61.254
      TCP: Interfaces\{2D9258C7-3B3C-425B-BB6E-20ADB89FB1E9}: NameServer = 80.58.0.33,8.8.8.8
      FF - ProfilePath - c:\users\Tienda\AppData\Roaming\Mozilla\Firefox\Profiles\5x2d9p23.default\
      FF - prefs.js: keyword.URL - hxxp://google.com
      FF - ExtSQL: 2012-08-31 11:48; {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
      FF - ExtSQL: 2012-09-19 11:09; {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}; c:\users\Tienda\AppData\Roaming\Mozilla\Firefox\Profiles\5x2d9p23.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
      FF - ExtSQL: 2012-10-22 17:56; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
      FF - ExtSQL: 2012-10-27 11:43; {cb84136f-9c44-433a-9048-c5cd9df1dc16}; c:\program files (x86)\PC Tools Security\BDT\Firefox
      FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110183&tt=3012_8
      FF - user.js: extensions.BabylonToolbar_i.babExt -
      FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
      FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q=
      FF - user.js: extensions.BabylonToolbar.id - 784e579d00000000000000262d130f0f
      FF - user.js: extensions.BabylonToolbar.instlDay - 15549
      FF - user.js: extensions.BabylonToolbar.vrsn - 1.5.29.1
      FF - user.js: extensions.BabylonToolbar.vrsni - 1.5.29.1
      FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.29.112:33
      FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
      FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
      FF - user.js: extensions.BabylonToolbar.aflt - babsst
      FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
      FF - user.js: extensions.BabylonToolbar.tlbrId - base
      FF - user.js: extensions.BabylonToolbar.instlRef - sst
      FF - user.js: extensions.BabylonToolbar.dfltLng - en
      FF - user.js: extensions.BabylonToolbar.excTlbr - false
      FF - user.js: extensions.BabylonToolbar.admin - false
      .
      - - - - ORPHANS REMOVED - - - -
      .
      BHO-{db131c55-60c8-4adc-84dc-9e76ab06e2dc} - c:\program files (x86)\uTorrentBar_ES\tbuTor.dll
      Wow6432Node-HKLM-Run-PCTools FGuard - c:\program files (x86)\PC Tools Security\BDT\FGuard.exe
      ShellIconOverlayIdentifiers-{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - (no file)
      ShellIconOverlayIdentifiers-{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - (no file)
      ShellIconOverlayIdentifiers-{A759AFF6-5851-457D-A540-F4ECED148351} - (no file)
      ShellIconOverlayIdentifiers-{1574C9EF-7D58-488F-B358-8B78C1538F51} - (no file)
      AddRemove-uTorrentBar_ES Toolbar - c:\progra~2\UTORRE~1\UNWISE.EXE
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_USERS\S-1-5-21-3184329585-738872171-714124981-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*<%*ã*]
      @Class="Shell"
      @Allowed: (Read) (RestrictedCode)
      .
      [HKEY_USERS\S-1-5-21-3184329585-738872171-714124981-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*<%*ã*\OpenWithList]
      @Class="Shell"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
      "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
      00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      c:\windows\SysWOW64\rundll32.exe
      .
      **************************************************************************
      .
      Completion time: 2012-10-29 10:09:54 - machine was rebooted
      ComboFix-quarantined-files.txt 2012-10-29 09:09
      ComboFix2.txt 2012-10-25 15:13
      .
      Pre-Run: 207.882.854.400 bytes libres
      Post-Run: 207.678.500.864 bytes libres
      .
      - - End Of File - - D14E7421D3163E70B065431ADBBD9C71
      Last edited by Ramon2k12 on 29/10/12 at 05:21:00

    6. #16
      General Moderator
      Avatar of @Leosolari
      Joined
      Jun 2007
      Location
      Argentina
      Posts
      58,638

      Re: Security Center disconnection and Google redirection.

      Hello again


      Do the following:

      • Click START > RUN >
        • There, type notepad.exe and click OK
        • Now copy and paste the text from the box below into Notepad


      Code:
      KillAll::
      ClearJavaCache::
      File::
      c:\program files (x86)\Rpv\PrtSvr.exe
      c:\windows\Tasks\JOWUU.job
      Folder::
      c:\program files (x86)\Rpv
      c:\users\Tienda\AppData\Local\Temp


      • Save this file with the name CFScript.txt
      • Drag and drop the CFScript.txt file onto the ComboFix.exe file, as shown in the screenshot below.



      • ComboFix will start running again. When it finishes, it will generate a new report, which you will need to paste in this same thread.




      After rebooting, check how it is working and let us know.



      Regards

    7. #17
      User Avatar of Ramon2k12
      Joined
      Oct 2012
      Location
      Alicante
      Posts
      12

      Re: Security Center disconnection and Google redirection.

      I'm embarrassed to keep being a nuisance, but the problems continue. Although the first Google links worked fine, after testing for a while it starts redirecting again. As for the Security Center, it does not turn on: if I start the service it gets disabled again, although before it is disabled again Windows Defender makes an attempt to start (I uninstalled the Essentials antivirus), but then it quickly disappears and I am back where I was.
      I'm starting to consider reinstalling Windows to end the nightmare.

      Thank you for your time.

      Here is the ComboFix log:

      ComboFix 12-10-29.04 - Tienda 29/10/2012 17:35:12.4.1 - x64
      Microsoft Windows 7 Professional 6.1.7601.1.1252.34.3082.18.4095.2706 [GMT 1:00]
      Running from: c:\users\Tienda\Desktop\ComboFix.exe
      Command switches used :: c:\users\Tienda\Desktop\CFScript.txt
      AV: Internet Security Anti-Virus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
      FW: PC Tools Internet Security Firewall *Enabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
      SP: PC Tools Internet Security Anti-Spyware *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
      SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      FILE ::
      "c:\program files (x86)\Rpv\PrtSvr.exe"
      "c:\windows\Tasks\JOWUU.job"
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\program files (x86)\Rpv
      c:\program files (x86)\Rpv\ActiveLang
      c:\program files (x86)\Rpv\AddEprinter.exe
      c:\program files (x86)\Rpv\banner_1.bmp
      c:\program files (x86)\Rpv\borrador.ico
      c:\program files (x86)\Rpv\bxls.dat
      c:\program files (x86)\Rpv\cemsg.exe
      c:\program files (x86)\Rpv\comdlg32.ocx
      c:\program files (x86)\Rpv\Cvi
      c:\program files (x86)\Rpv\Default.rpv
      c:\program files (x86)\Rpv\Dlv.exe
      c:\program files (x86)\Rpv\E-Mailer.chm
      c:\program files (x86)\Rpv\e-mailer.exe
      c:\program files (x86)\Rpv\E-Mailer.ini
      c:\program files (x86)\Rpv\e-mailer.lng
      c:\program files (x86)\Rpv\e-printer-in.ini
      c:\program files (x86)\Rpv\e-printer.ini
      c:\program files (x86)\Rpv\EprSvr.exe
      c:\program files (x86)\Rpv\Error
      c:\program files (x86)\Rpv\espanol.cnv
      c:\program files (x86)\Rpv\fileapply.exe
      c:\program files (x86)\Rpv\hand.cur
      c:\program files (x86)\Rpv\instpdf.exe
      c:\program files (x86)\Rpv\Justify.exe
      c:\program files (x86)\Rpv\License.txt
      c:\program files (x86)\Rpv\margadj.exe
      c:\program files (x86)\Rpv\marker01.ico
      c:\program files (x86)\Rpv\marker02.ico
      c:\program files (x86)\Rpv\marker03.ico
      c:\program files (x86)\Rpv\marker04.ico
      c:\program files (x86)\Rpv\marker05.ico
      c:\program files (x86)\Rpv\MSMAPI32.OCX
      c:\program files (x86)\Rpv\novapsv.exe
      c:\program files (x86)\Rpv\pencil.bmp
      c:\program files (x86)\Rpv\portugues.cnv
      c:\program files (x86)\Rpv\PrtSvr.exe
      c:\program files (x86)\Rpv\rit.ocx
      c:\program files (x86)\Rpv\Rpv.chm
      c:\program files (x86)\Rpv\Rpv.exe
      c:\program files (x86)\Rpv\Rpv.ini
      c:\program files (x86)\Rpv\Rpv.lng
      c:\program files (x86)\Rpv\Rpv_Graph.ocx
      c:\program files (x86)\Rpv\Rpv2.lng
      c:\program files (x86)\Rpv\rpv2pdf.exe
      c:\program files (x86)\Rpv\rpv32.ico
      c:\program files (x86)\Rpv\RpvConfig.exe
      c:\program files (x86)\Rpv\rpvconnect.exe
      c:\program files (x86)\Rpv\RpvCorporate.ocx
      c:\program files (x86)\Rpv\RpvEmailerEngine.ocx
      c:\program files (x86)\Rpv\RpvPack.exe
      c:\program files (x86)\Rpv\RpvPrint.exe
      c:\program files (x86)\Rpv\RpvPrintDir.exe
      c:\program files (x86)\Rpv\RpvPrintDir.lng
      c:\program files (x86)\Rpv\RpvProgress.ocx
      c:\program files (x86)\Rpv\RpvUpd.exe
      c:\program files (x86)\Rpv\RpvUpd.lng
      c:\program files (x86)\Rpv\rsm.dll
      c:\program files (x86)\Rpv\sawzip.dll
      c:\program files (x86)\Rpv\SAWZip.tlb
      c:\program files (x86)\Rpv\starter.exe
      c:\program files (x86)\Rpv\TABCTL32.OCX
      c:\program files (x86)\Rpv\tilde01.ico
      c:\program files (x86)\Rpv\tilde02.ico
      c:\program files (x86)\Rpv\tilde03.ico
      c:\program files (x86)\Rpv\tilde04.ico
      c:\program files (x86)\Rpv\tilde05.ico
      c:\program files (x86)\Rpv\tildenat01.bmp
      c:\program files (x86)\Rpv\tildenat02.bmp
      c:\program files (x86)\Rpv\tildenat03.bmp
      c:\program files (x86)\Rpv\tildenat04.bmp
      c:\program files (x86)\Rpv\tildenat05.bmp
      c:\program files (x86)\Rpv\tnote.ico
      c:\program files (x86)\Rpv\TxtToRpv.exe
      c:\program files (x86)\Rpv\unins000.dat
      c:\program files (x86)\Rpv\unins000.exe
      c:\program files (x86)\Rpv\warning.bmp
      c:\program files (x86)\Rpv\WordWrap.exe
      c:\program files (x86)\Rpv\ynote.ico
      c:\program files (x86)\Rpv\zlib.dll
      c:\users\Tienda\AppData\Local\Temp
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\overlays\Blacklisted.ico
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\overlays\Shared.ico
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\overlays\Synced.ico
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\overlays\Syncing.ico
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\sharedfolder-mac.icns
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\sharedfolder-winseven.ico
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\sharedfolder-winxp.ico
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\shareguyicon.png
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\sync.icns
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\sync.ico
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\sync.png
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\sync_128.png
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\toprighticon.png
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\win-animate1.png
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\win-animate2.png
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\win-animate3.png
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\win-animate4.png
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\win-animate5.png
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\win-animate6.png
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\win-animate7.png
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\win-animate8.png
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\win-normal.png
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\win7-error.png
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\win7-inactive.png
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\win7-paused.png
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\winxp-error.png
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\winxp-inactive.png
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\resources\images\winxp-paused.png
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\select.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\shell32.dll
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\unicodedata.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\win32api.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\win32com.shell.shell.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\win32crypt.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\win32event.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\win32evtlog.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\win32file.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\win32inet.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\win32pdh.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\win32pipe.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\win32process.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\win32security.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\win32trace.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\win32ui.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\win32wnet.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\windows._cacheinvalidation.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\wx._controls_.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\wx._core_.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\wx._gdi_.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\wx._html2.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\wx._misc_.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\wx._windows_.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\wx._wizard.pyd
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\wxbase293u_net_vc.dll
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\wxbase293u_vc.dll
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\wxmsw293u_adv_vc.dll
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\wxmsw293u_core_vc.dll
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\wxmsw293u_html_vc.dll
      c:\users\Tienda\AppData\Local\Temp\_MEI29162\wxmsw293u_webview_vc.dll
      c:\users\Tienda\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll
      c:\users\Tienda\AppData\Local\Temp\Cookies\index.dat
      c:\users\Tienda\AppData\Local\Temp\Fixit\DeleteAclKey.bat
      c:\users\Tienda\AppData\Local\Temp\Fixit\DeleteAclKey.exe
      c:\users\Tienda\AppData\Local\Temp\FXSAPIDebugLogFile.txt
      c:\users\Tienda\AppData\Local\Temp\History\History.IE5\desktop.ini
      c:\users\Tienda\AppData\Local\Temp\History\History.IE5\index.dat
      c:\users\Tienda\AppData\Local\Temp\MozillaMailnews\Feeds.msf
      c:\users\Tienda\AppData\Local\Temp\SMFilter\History\History.log
      c:\users\Tienda\AppData\Local\Temp\SMFilter\SM.lock
      c:\users\Tienda\AppData\Local\Temp\Temporary Internet Files\Content.IE5\0K0ORA6V\desktop.ini
      c:\users\Tienda\AppData\Local\Temp\Temporary Internet Files\Content.IE5\desktop.ini
      c:\users\Tienda\AppData\Local\Temp\Temporary Internet Files\Content.IE5\DMVXOO3A\desktop.ini
      c:\users\Tienda\AppData\Local\Temp\Temporary Internet Files\Content.IE5\EY3K5UG9\desktop.ini
      c:\users\Tienda\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
      c:\users\Tienda\AppData\Local\Temp\Temporary Internet Files\Content.IE5\OTOQQ9X2\desktop.ini
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-09-28 to 2012-10-29 )))))))))))))))))))))))))))))))
      .
      .
      2012-10-29 16:54 . 2012-10-29 16:55 -------- d-----w- c:\users\Tienda\AppData\Local\Temp
      2012-10-29 16:54 . 2012-10-29 16:54 -------- d-----w- C:\_MEI39642
      2012-10-29 16:47 . 2012-10-29 16:47 -------- d-----w- c:\users\Tienda2\AppData\Local\temp
      2012-10-29 16:47 . 2012-10-29 16:47 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-10-29 10:13 . 2012-10-29 10:13 7298 ----a-w- C:\FixitRegBackup.reg
      2012-10-27 09:48 . 2012-10-27 09:48 -------- d-----w- c:\users\Tienda\AppData\Roaming\PC Tools
      2012-10-27 09:48 . 2012-10-27 09:48 -------- d-----w- c:\users\Tienda\AppData\Roaming\Spam Monitor
      2012-10-27 09:43 . 2012-06-22 09:39 85224 ----a-w- c:\windows\system32\drivers\PCTBD64.sys
      2012-10-27 09:42 . 2012-06-22 13:33 14808 ----a-w- c:\windows\system32\drivers\pctBTFix64.sys
      2012-10-27 09:42 . 2012-06-22 12:21 706776 ----a-w- c:\windows\system32\drivers\TfSysMon.sys
      2012-10-27 09:42 . 2012-06-22 12:21 65664 ----a-w- c:\windows\system32\drivers\TfFsMon.sys
      2012-10-27 09:42 . 2012-06-22 12:21 41968 ----a-w- c:\windows\system32\drivers\TfNetMon.sys
      2012-10-27 09:42 . 2012-06-22 13:35 181032 ----a-w- c:\windows\system32\drivers\pctplfw64.sys
      2012-10-27 09:42 . 2012-04-19 07:57 123808 ----a-w- c:\windows\system32\drivers\pctNdis-PacketFilter64.sys
      2012-10-27 09:42 . 2012-03-19 10:02 77976 ----a-w- c:\windows\system32\drivers\pctNdisLW64.sys
      2012-10-27 09:42 . 2010-07-08 06:49 79000 ----a-w- c:\windows\system32\drivers\pctNdis64.sys
      2012-10-27 09:05 . 2012-10-27 09:05 -------- d-----w- c:\users\Tienda\AppData\Roaming\TestApp
      2012-10-27 08:32 . 2012-06-22 09:38 767960 ----a-w- c:\windows\BDTSupport.dll
      2012-10-27 08:32 . 2012-06-22 09:39 149464 ----a-w- c:\windows\SGDetectionTool.dll
      2012-10-27 08:32 . 2012-06-22 09:39 2267096 ----a-w- c:\windows\PCTBDCore.dll
      2012-10-27 08:32 . 2012-06-22 09:39 1689560 ----a-w- c:\windows\PCTBDRes.dll
      2012-10-27 08:17 . 2012-02-28 09:43 1096176 ----a-w- c:\windows\system32\drivers\pctEFA64.sys
      2012-10-27 08:17 . 2012-02-28 09:43 453896 ----a-w- c:\windows\system32\drivers\pctDS64.sys
      2012-10-27 08:17 . 2012-06-22 13:29 145464 ----a-w- c:\windows\system32\drivers\pctwfpfilter64.sys
      2012-10-27 08:17 . 2012-06-22 13:29 341200 ----a-w- c:\windows\system32\drivers\pctgntdi64.sys
      2012-10-27 08:17 . 2012-04-23 10:36 426616 ----a-w- c:\windows\system32\drivers\PCTCore64.sys
      2012-10-27 08:17 . 2012-06-22 13:35 251560 ----a-w- c:\windows\system32\drivers\PCTSD64.sys
      2012-10-27 08:16 . 2012-06-22 13:35 92928 ----a-w- c:\windows\system32\drivers\pctplsg64.sys
      2012-10-27 08:14 . 2012-10-27 09:42 -------- d-----w- c:\program files (x86)\Common Files\PC Tools
      2012-10-27 08:14 . 2012-10-29 16:29 -------- d-----w- c:\program files (x86)\PC Tools Security
      2012-10-27 08:10 . 2012-10-27 09:43 -------- d-----w- c:\programdata\PC Tools
      2012-10-25 07:21 . 2012-10-25 07:21 -------- d-----w- C:\TDSSKiller_Quarantine
      2012-10-24 15:15 . 2012-03-12 21:27 11776 ----a-w- c:\windows\Colous.exe
      2012-10-24 15:15 . 2008-03-25 08:39 69660 ----a-w- c:\windows\Fart.exe
      2012-10-24 09:04 . 2012-10-24 09:04 -------- d-----w- c:\users\Tienda\AppData\Roaming\GlarySoft
      2012-10-24 09:01 . 2012-10-24 09:02 -------- d-----w- c:\program files (x86)\Glary Utilities
      2012-10-24 07:37 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
      2012-10-24 07:37 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys
      2012-10-24 07:37 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll
      2012-10-24 07:37 . 2012-08-24 18:04 307200 ----a-w- c:\windows\system32\ncrypt.dll
      2012-10-24 07:37 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll
      2012-10-24 07:37 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll
      2012-10-24 07:37 . 2012-08-24 16:57 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
      2012-10-24 07:37 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll
      2012-10-24 07:37 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
      2012-10-23 18:24 . 2012-10-26 15:01 -------- d-----w- c:\users\Tienda\DoctorWeb
      2012-10-23 18:09 . 2012-10-23 18:09 -------- d-----w- c:\program files (x86)\ESET
      2012-10-23 16:30 . 2012-10-23 16:30 94208 --sha-r- c:\program files (x86)\Common Files\KBDAZEL.dll
      2012-10-22 15:56 . 2012-10-22 15:56 -------- d-----w- c:\program files (x86)\Common Files\Java
      2012-10-20 08:52 . 2012-10-20 08:52 -------- d-sh--w- c:\users\Tienda\Phone Browser
      2012-10-20 08:41 . 2012-10-20 08:48 -------- d-----w- c:\users\Tienda\AppData\Local\Nokia
      2012-10-20 08:39 . 2012-10-20 08:40 -------- d-----w- c:\programdata\Nokia
      2012-10-20 08:39 . 2012-06-27 13:18 26112 ----a-w- c:\windows\system32\drivers\pccsmcfdx64.sys
      2012-10-20 08:38 . 2012-10-20 08:38 -------- d-----w- c:\program files (x86)\PC Connectivity Solution
      2012-10-17 10:33 . 2011-06-01 02:17 848384 ----a-r- c:\windows\system32\drivers\rtl8192cu.sys
      2012-10-17 10:33 . 2012-10-17 10:33 -------- d-----w- c:\program files (x86)\Belkin
      2012-10-17 10:33 . 2011-01-19 13:01 451072 ----a-w- c:\windows\SysWow64\ISSRemoveSP.exe
      2012-10-15 18:09 . 2012-10-15 18:09 466456 ----a-w- c:\windows\system32\wrap_oal.dll
      2012-10-15 18:09 . 2012-10-15 18:09 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
      2012-10-15 18:09 . 2012-10-15 18:09 122904 ----a-w- c:\windows\system32\OpenAL32.dll
      2012-10-15 18:09 . 2012-10-15 18:09 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
      2012-10-15 18:09 . 2012-10-15 18:09 -------- d-----w- c:\program files (x86)\OpenAL
      2012-10-10 07:33 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
      2012-10-10 07:33 . 2012-08-30 18:03 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
      2012-10-10 07:31 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
      2012-10-10 07:31 . 2012-08-24 16:57 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
      2012-10-10 07:31 . 2012-09-14 19:19 2048 ----a-w- c:\windows\system32\tzres.dll
      2012-10-10 07:31 . 2012-09-14 18:28 2048 ----a-w- c:\windows\SysWow64\tzres.dll
      2012-10-10 07:31 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll
      2012-10-10 07:31 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
      2012-10-10 07:30 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
      2012-10-10 07:30 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
      2012-10-10 07:30 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
      2012-10-10 07:30 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
      2012-10-10 07:30 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
      2012-10-10 07:30 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
      2012-10-02 15:14 . 2007-04-09 23:06 10752 ----a-w- c:\windows\system32\E_GCINST.DLL
      2012-10-02 15:14 . 2011-04-20 01:03 120320 ----a-w- c:\windows\system32\E_ILMHJE.DLL
      2012-10-02 15:14 . 2011-03-15 01:03 83968 ----a-w- c:\windows\system32\E_ID4BHJE.DLL
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-10-10 09:18 . 2011-03-16 09:51 65309168 ----a-w- c:\windows\system32\MRT.exe
      2012-10-10 08:40 . 2012-03-30 07:14 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2012-10-10 08:40 . 2011-06-28 07:01 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-09-29 17:54 . 2011-11-22 19:02 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-09-25 11:56 . 2012-09-25 10:45 17280 ----a-w- c:\windows\system32\drivers\USBDrv_AMD64.sys
      2012-09-24 13:32 . 2012-07-16 09:56 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
      2012-09-24 13:32 . 2011-03-15 18:05 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
      2012-08-24 11:15 . 2012-09-22 11:44 17810944 ----a-w- c:\windows\system32\mshtml.dll
      2012-08-24 10:39 . 2012-09-22 11:44 10925568 ----a-w- c:\windows\system32\ieframe.dll
      2012-08-24 10:31 . 2012-09-22 11:44 2312704 ----a-w- c:\windows\system32\jscript9.dll
      2012-08-24 10:22 . 2012-09-22 11:44 1346048 ----a-w- c:\windows\system32\urlmon.dll
      2012-08-24 10:21 . 2012-09-22 11:44 1392128 ----a-w- c:\windows\system32\wininet.dll
      2012-08-24 10:20 . 2012-09-22 11:44 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
      2012-08-24 10:18 . 2012-09-22 11:44 237056 ----a-w- c:\windows\system32\url.dll
      2012-08-24 10:17 . 2012-09-22 11:44 85504 ----a-w- c:\windows\system32\jsproxy.dll
      2012-08-24 10:14 . 2012-09-22 11:44 173056 ----a-w- c:\windows\system32\ieUnatt.exe
      2012-08-24 10:14 . 2012-09-22 11:44 816640 ----a-w- c:\windows\system32\jscript.dll
      2012-08-24 10:13 . 2012-09-22 11:44 599040 ----a-w- c:\windows\system32\vbscript.dll
      2012-08-24 10:12 . 2012-09-22 11:44 2144768 ----a-w- c:\windows\system32\iertutil.dll
      2012-08-24 10:11 . 2012-09-22 11:44 729088 ----a-w- c:\windows\system32\msfeeds.dll
      2012-08-24 10:10 . 2012-09-22 11:44 96768 ----a-w- c:\windows\system32\mshtmled.dll
      2012-08-24 10:09 . 2012-09-22 11:44 2382848 ----a-w- c:\windows\system32\mshtml.tlb
      2012-08-24 10:04 . 2012-09-22 11:44 248320 ----a-w- c:\windows\system32\ieui.dll
      2012-08-24 06:59 . 2012-09-22 11:44 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
      2012-08-24 06:51 . 2012-09-22 11:44 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
      2012-08-24 06:51 . 2012-09-22 11:44 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
      2012-08-24 06:47 . 2012-09-22 11:44 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
      2012-08-24 06:47 . 2012-09-22 11:44 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
      2012-08-24 06:43 . 2012-09-22 11:44 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
      2012-08-22 18:12 . 2012-09-12 07:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
      2012-08-22 18:12 . 2012-09-12 07:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
      2012-08-22 18:12 . 2012-09-12 07:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
      2012-08-22 18:12 . 2012-09-12 07:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
      2012-08-21 21:01 . 2012-09-26 07:16 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
      2012-08-21 11:01 . 2012-09-17 18:26 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
      2012-08-21 11:01 . 2011-03-16 08:51 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
      2012-08-21 11:01 . 2011-03-16 08:51 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
      2012-08-20 17:38 . 2012-10-10 07:32 44032 ----a-w- c:\windows\apppatch\acwow64.dll
      2012-08-02 17:58 . 2012-09-12 07:12 574464 ----a-w- c:\windows\system32\d3d10level9.dll
      2012-08-02 16:57 . 2012-09-12 07:12 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{db131c55-60c8-4adc-84dc-9e76ab06e2dc}]
      c:\program files (x86)\uTorrentBar_ES\tbuTor.dll [BU]
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
      @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
      [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
      2012-07-09 16:44 208608 ----a-w- c:\users\Tienda\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\SkyDriveShell.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
      @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
      [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
      2012-07-09 16:44 208608 ----a-w- c:\users\Tienda\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\SkyDriveShell.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
      @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
      [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
      2012-07-09 16:44 208608 ----a-w- c:\users\Tienda\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\SkyDriveShell.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 94208 ----a-w- c:\users\Tienda\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 94208 ----a-w- c:\users\Tienda\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 94208 ----a-w- c:\users\Tienda\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
      @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 94208 ----a-w- c:\users\Tienda\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]
      "GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-09-06 15668432]
      "TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2012-08-28 247768]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
      "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
      "EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
      "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
      "Malwarebytes Anti-Malware (reboot)"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbam.exe" [2012-09-29 981656]
      "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
      "VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
      "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]
      "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 641704]
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
      .
      c:\users\Tienda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
      Dropbox.lnk - c:\users\Tienda\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
      GOMIS.BAT - Acceso directo.lnk - c:\users\Tienda\Documents\GOMIS.BAT [2012-6-4 35]
      PrtSvr.exe - Acceso directo.lnk - c:\program files (x86)\Rpv\PrtSvr.exe [N/A]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 0 (0x0)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableLUA"= 0 (0x0)
      "EnableUIADesktopToggle"= 0 (0x0)
      "PromptOnSecureDesktop"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
      "LoadAppInit_DLLs"=0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
      BootExecute REG_MULTI_SZ autocheck autochk /p \??\H:\0autocheck autochk *
      .
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R2 gupdate;Servicio Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 135664]
      R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
      R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-10 250808]
      R3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys [2009-09-21 54320]
      R3 gupdatem;Servicio de Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 135664]
      R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
      R3 hwi4857;USB Flash Memory Controller Service2;c:\windows\system32\Drivers\hwi4857.sys [x]
      R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-13 115168]
      R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-05-10 22528]
      R3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD64.sys [2012-06-22 85224]
      R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter64.sys [2012-04-19 123808]
      R3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\DRIVERS\pctNdis64.sys [2010-07-08 79000]
      R3 pctplfw;pctplfw;c:\windows\System32\drivers\pctplfw64.sys [2012-06-22 181032]
      R3 pctplsg;pctplsg;c:\windows\System32\drivers\pctplsg64.sys [2012-06-22 92928]
      R3 PortRST;BaromTec HMS30C6001 Reset Driver;c:\windows\system32\Drivers\PortRST.sys [x]
      R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
      R3 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\PC Tools Security\pctsAuxs.exe [2012-06-22 402368]
      R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2012-06-22 41968]
      R3 ThreatFire;ThreatFire;c:\program files (x86)\PC Tools Security\TFEngine\TFService.exe service [x]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
      R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
      R3 usbUDisc;usbUDisc;c:\windows\system32\DRIVERS\USBDrv_AMD64.sys [2012-09-25 17280]
      R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2011-04-26 45616]
      R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-16 1255736]
      R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
      S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [2012-04-23 426616]
      S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS64.sys [2012-02-28 453896]
      S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA64.sys [2012-02-28 1096176]
      S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2012-06-22 65664]
      S0 TFSysMon;TFSysMon;c:\windows\system32\drivers\TfSysMon.sys [2012-06-22 706776]
      S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi64.sys [2012-06-22 341200]
      S1 pctNdisLW64;PC Tools NDIS 6 LightWeight filter;c:\windows\system32\DRIVERS\pctNdisLW64.sys [2012-03-19 77976]
      S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD64.sys [2012-06-22 251560]
      S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-12-19 224048]
      S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-12-19 130864]
      S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
      S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
      S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-07-04 238080]
      S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-07-03 361984]
      S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [2012-06-22 575448]
      S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
      S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
      S2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2011-12-02 74752]
      S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
      S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896]
      S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-08-28 92632]
      S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
      S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-07-04 11922944]
      S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-07-04 359936]
      S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
      S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
      S3 pctNdisMP;PC Tools Driver;c:\windows\system32\DRIVERS\pctNdis64.sys [2010-07-08 79000]
      S3 RTL8192cu;%RTL8192cu.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192cu.sys [2011-06-01 848384]
      S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 146736]
      S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-12-19 165680]
      .
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-10-29 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 08:40]
      .
      2012-10-29 c:\windows\Tasks\GlaryInitialize.job
      - c:\program files (x86)\Glary Utilities\initialize.exe [2012-10-24 10:45]
      .
      2012-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 17:50]
      .
      2012-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 17:50]
      .
      2012-10-29 c:\windows\Tasks\JOWUU.job
      - c:\windows\system32\rundll32.exe [2009-07-13 01:14]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
      @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
      [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
      2012-07-09 16:44 232672 ----a-w- c:\users\Tienda\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\amd64\SkyDriveShell64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
      @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
      [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
      2012-07-09 16:44 232672 ----a-w- c:\users\Tienda\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\amd64\SkyDriveShell64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
      @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
      [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
      2012-07-09 16:44 232672 ----a-w- c:\users\Tienda\AppData\Local\Microsoft\SkyDrive\16.4.4111.0525\amd64\SkyDriveShell64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 97792 ----a-w- c:\users\Tienda\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 97792 ----a-w- c:\users\Tienda\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 97792 ----a-w- c:\users\Tienda\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
      @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12 97792 ----a-w- c:\users\Tienda\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
      @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
      [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
      2012-09-06 13:51 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
      @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
      [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
      2012-09-06 13:51 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
      @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
      [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
      2012-09-06 13:51 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
      @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
      [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
      2012-09-06 13:51 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
      .
      ------- Supplementary Scan -------
      .
      uLocal Page = c:\windows\system32\blank.htm
      uStart Page = hxxp://www.google.com
      uDefault_Search_URL = hxxp://www.google.com/ie
      mStart Page = hxxp://www.google.com
      mLocal Page = c:\windows\SysWOW64\blank.htm
      uInternet Settings,ProxyOverride = *.local
      uSearchAssistant = hxxp://www.google.com/ie
      uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
      mSearchAssistant = hxxp://start.facemoods.com/?a=make&s={searchTerms}&f=4
      IE: Descargar con Mipony - file://c:\program files (x86)\MiPony\Browser\IEContext.htm
      IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
      LSP: c:\program files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll
      TCP: DhcpNameServer = 80.58.61.250 80.58.61.254
      TCP: Interfaces\{2D9258C7-3B3C-425B-BB6E-20ADB89FB1E9}: NameServer = 80.58.0.33,8.8.8.8
      FF - ProfilePath - c:\users\Tienda\AppData\Roaming\Mozilla\Firefox\Profiles\5x2d9p23.default\
      FF - prefs.js: browser.startup.homepage - Google
      FF - prefs.js: keyword.URL - hxxp://google.com
      FF - ExtSQL: 2012-08-31 11:48; {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
      FF - ExtSQL: 2012-09-19 11:09; {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}; c:\users\Tienda\AppData\Roaming\Mozilla\Firefox\Profiles\5x2d9p23.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
      FF - ExtSQL: 2012-10-22 17:56; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
      FF - ExtSQL: 2012-10-27 11:43; {cb84136f-9c44-433a-9048-c5cd9df1dc16}; c:\program files (x86)\PC Tools Security\BDT\Firefox
      FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110183&tt=3012_8
      FF - user.js: extensions.BabylonToolbar_i.babExt -
      FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
      FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q=
      FF - user.js: extensions.BabylonToolbar.id - 784e579d00000000000000262d130f0f
      FF - user.js: extensions.BabylonToolbar.instlDay - 15549
      FF - user.js: extensions.BabylonToolbar.vrsn - 1.5.29.1
      FF - user.js: extensions.BabylonToolbar.vrsni - 1.5.29.1
      FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.29.112:33
      FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
      FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
      FF - user.js: extensions.BabylonToolbar.aflt - babsst
      FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
      FF - user.js: extensions.BabylonToolbar.tlbrId - base
      FF - user.js: extensions.BabylonToolbar.instlRef - sst
      FF - user.js: extensions.BabylonToolbar.dfltLng - en
      FF - user.js: extensions.BabylonToolbar.excTlbr - false
      FF - user.js: extensions.BabylonToolbar.admin - false
      .
      - - - - ORPHANS REMOVED - - - -
      .
      ShellIconOverlayIdentifiers-{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - (no file)
      ShellIconOverlayIdentifiers-{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - (no file)
      ShellIconOverlayIdentifiers-{A759AFF6-5851-457D-A540-F4ECED148351} - (no file)
      ShellIconOverlayIdentifiers-{1574C9EF-7D58-488F-B358-8B78C1538F51} - (no file)
      AddRemove-Rpv Business Reports END USER_is1 - c:\program files (x86)\Rpv\unins000.exe
      AddRemove-uTorrentBar_ES Toolbar - c:\progra~2\UTORRE~1\UNWISE.EXE
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_USERS\S-1-5-21-3184329585-738872171-714124981-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*<%*ã*]
      @Class="Shell"
      @Allowed: (Read) (RestrictedCode)
      .
      [HKEY_USERS\S-1-5-21-3184329585-738872171-714124981-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*<%*ã*\OpenWithList]
      @Class="Shell"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
      "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
      00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\windows\SysWOW64\rundll32.exe
      c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      .
      **************************************************************************
      .
      Completion time: 2012-10-29 18:00:39 - machine was rebooted
      ComboFix-quarantined-files.txt 2012-10-29 17:00
      ComboFix2.txt 2012-10-29 09:09
      ComboFix3.txt 2012-10-25 15:13
      .
      Pre-Run: 201.447.522.304 bytes libres
      Post-Run: 201.331.789.824 bytes libres
      .
      - - End Of File - - 0EA23330370B9E99EFB8157928677E0E
      Last edited by Ramon2k12 on 29/10/12 at 14:37:17

    8. #18
      User Ramon2k12
      Joined
      Oct 2012
      Location
      Alicante
      Posts
      12

      Re: Security Center disconnection and Google redirection.

      Hi, here is the log, thanks:

      Farbar Service Scanner Version: 19-10-2012
      Ran by Tienda (administrator) on 05-11-2012 at 19:30:48
      Running from "C:\Users\Tienda\Desktop"
      Microsoft Windows 7 Professional Service Pack 1 (X64)
      Boot Mode: Normal
      ****************************************************************

      Internet Services:
      ============

      Connection Status:
      ==============
      Localhost is accessible.
      LAN connected.
      Google IP is accessible.
      Google.com is accessible.
      Yahoo IP is accessible.
      Yahoo.com is accessible.


      Windows Firewall:
      =============

      Firewall Disabled Policy:
      ==================


      System Restore:
      ============

      System Restore Disabled Policy:
      ========================


      Action Center:
      ============
      wscsvc Service is not running. Checking service configuration:
      The start type of wscsvc service is set to Disabled. The default start type is Auto.
      The ImagePath of wscsvc service is OK.
      The ServiceDll of wscsvc service is OK.


      Windows Update:
      ============

      Windows Autoupdate Disabled Policy:
      ============================


      Windows Defender:
      ==============
      WinDefend Service is not running. Checking service configuration:
      The start type of WinDefend service is set to Disabled. The default start type is Auto.
      The ImagePath of WinDefend service is OK.
      The ServiceDll of WinDefend service is OK.


      Other Services:
      ==============


      File Check:
      ========
      C:\Windows\System32\nsisvc.dll => MD5 is legit
      C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
      C:\Windows\System32\dhcpcore.dll => MD5 is legit
      C:\Windows\System32\drivers\afd.sys => MD5 is legit
      C:\Windows\System32\drivers\tdx.sys => MD5 is legit
      C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
      C:\Windows\System32\dnsrslvr.dll => MD5 is legit
      C:\Windows\System32\mpssvc.dll => MD5 is legit
      C:\Windows\System32\bfe.dll => MD5 is legit
      C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
      C:\Windows\System32\SDRSVC.dll => MD5 is legit
      C:\Windows\System32\vssvc.exe => MD5 is legit
      C:\Windows\System32\wscsvc.dll => MD5 is legit
      C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
      C:\Windows\System32\wuaueng.dll => MD5 is legit
      C:\Windows\System32\qmgr.dll => MD5 is legit
      C:\Windows\System32\es.dll => MD5 is legit
      C:\Windows\System32\cryptsvc.dll => MD5 is legit
      C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
      C:\Windows\System32\svchost.exe => MD5 is legit
      C:\Windows\System32\rpcss.dll => MD5 is legit


      **** End of log ****

    9. #19
      User Ramon2k12
      Joined
      Oct 2012
      Location
      Alicante
      Posts
      12

      Re: Security Center disconnection and Google redirection.

      Hi, I think I have managed to fix it thanks to a program called "Trojan remover".

      Thank you for all the time and effort you have spent on me.

      Kind regards.
