
    Windows Security Trojan


    1. #1
      MadZ (User)
      Registered: Oct 2010
      Location: Peru
      Posts: 15

      Windows Security Trojan

      Hi, apparently my PC got infected a few days ago when I downloaded one of those KeyGenerators. What happened was that my NOD antivirus started spamming me with never-ending virus notifications like this:

      08/11/2012 12:39:15 p.m. Protección en tiempo real del sistema de archivos archivo C:\Documents and Settings\user\Datos de programa\Windows Defender\Windows Security.exe una variante de Win32/Injector.WEB Troyano no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena USER-59D420579F\user Suceso ocurrido durante la creación de un archivo por la aplicación: C:\WINDOWS\system32\svchost.exe.

      After that I downloaded a program called GridinSoft Trojan Killer, which did confirm the trojans... buuut it then hit me with a message saying I had to pay to remove them =_= so I didn't do anything more. But today I've already restarted the PC about 5 times and it loads really slowly, extremely slowly, as if it didn't even have a video card, with choppy frames... it's awful... I've already run NOD again, CCleaner again, and Malwarebytes, and they don't detect anything... help pls :( ... I also have processes I hadn't seen before... winlogon is a virus too, right? =/

    2. #2
      @Tincho (Moderator)
      Registered: May 2008
      Location: Argentina
      Posts: 14,701

      Re: Windows Security Trojan

      Hi.

      Carry out the following procedure:


      Step 1

      Download to your desktop:


      Step 2

      Run in order:

      AT - Destroyer

      • Run the tool as administrator.
      • (If you use Windows Vista or 7, right-click it and select "Run as administrator.")
      • The tool's disclaimer will appear. Press .
      • Choose option 1 (Buscar y Destruir, "Search and Destroy").
      • The tool will momentarily disconnect the desktop.
      • If the system is infected, the tool will mark where the infection was found with red lines; otherwise the lines will be green.
      • Once the scan finishes, you will see the desktop again and a report will open, which you must copy into your next reply.


      CCleaner

      • Use its "Cleaner" option to delete cookies, temporary Internet files and all the files it shows you as obsolete.
      • Use its "Registry" option to clean the whole Windows registry (making a backup).

      ComboFix

      • Temporarily disable your antivirus and/or antispyware.
      • Close all open windows and programs.
      • Double-click the ComboFix.exe file and follow the instructions. If it asks to update ("Update"), accept.
        • *Note* While CF is working, do not move the mouse, as that would stop its process.
        • *Note* ComboFix may restart the PC automatically to complete the removal process; if it doesn't, restart it manually.
        • When it finishes, ComboFix will generate a log at C:\ComboFix.txt.






      Warning!! Do not use ComboFix unless a member of our Staff has specifically instructed you to in your thread. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".

      *Note* If this procedure fails, try booting into Safe Mode with Networking and run the tools following the same instructions.

      Step 3

      In your next reply, post the AT - Destroyer and ComboFix reports (the latter is at C:\ComboFix.txt) and tell us how the system is running in relation to the initial problem.



      Regards.
      Tyny's
      If on your journey, you should encounter God, God will be cut!

      * Follow us on Twitter and befriend us on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail; that is what the forum is for.

    3. #3
      MadZ (User)
      Registered: Oct 2010
      Location: Peru
      Posts: 15

      Re: Windows Security Trojan

      Thanks for the reply, I'm attaching the AT report

      Code:
       #################################################### A/T-Destroyer by InfoSpyware ############ 
       
      A/T-Destroyer 1.0.7 By Infospyware 
      www.infospyware.com 
      Fecha iniciada en el analisis 09/11/2012 
      Hora iniciada en el analisis  17:58:42.39 
      Usuario Actual : [C:\Documents and Settings\user] 
      Sistema Operativo: Windows XP 
      Service pack: 3 
      Arquitectura: Sistema operativo de 32 bits 
      Versión Internet Explorer: 6.0.2900.5512 
      Modo Actual: Modo Normal. 
      Privilegios: [user-Administrador]   
      Versión Google Chrome: 23.0.1271.64 
      Versión Mozilla Firefox:  
      
      ====== Servicios Eliminados By A/T-Destroyer ====== 
      
      
      
      
      ====== Claves Eliminadas By A/T-Destroyer ====== 
      
      
      
      
      ====== Archivos/Carpetas Eliminados By A/T-Destroyer ====== 
      
      
      
      
      ====== Información Extra ======  
       
       
                      -_-_-_-_-_-_-_-_ Configuraciones de internet Explorer -_-_-_-_-_-_-_-_ 
      "HKCU\Software\Microsoft\Internet Explorer\Main"  
      -  
      Start Page	==	http://www.google.com    
      -  
      Search Page	==	http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch    
      -  
      Local Page	==	C:\WINDOWS\system32\blank.htm    
      -  
      -  
        
      "HKLM\Software\Microsoft\Internet Explorer\Main"  
      -  
      Start Page	==	http://www.google.com    
      -  
      Search Page	==	http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch    
      -  
      Local Page	==	%SystemRoot%\system32\blank.htm    
      -  
      Default_Search_URL	==	http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch     
      -  
      Default_Page_URL	==	http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome     
      
      
      "HKEY_USERS\S-1-5-21-776561741-1078081533-1417001333-1003\Software\Microsoft\Internet Explorer\Main"  
      -  
      Start Page	==	http://www.google.com    
      -  
      Search Page	==	http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch    
      -  
      Local Page	==	C:\WINDOWS\system32\blank.htm    
      -  
      -  
      
      
                      -_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_ 
         "homepage": "http://www.google.com/",
         "homepage_changed": true,
         "homepage_is_newtabpage": false,
       
       
       
      
      
      
                               ======= EOF =======

      The ComboFix report

      Code:
      ComboFix 12-11-09.02 - user 09/11/2012  18:16:23.1.2 - x86
      Microsoft Windows XP Professional  5.1.2600.3.1252.34.3082.18.3069.2381 [GMT -5:00]
      Running from: c:\documents and settings\user\Mis documentos\Downloads\ComboFix.exe
      AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
      .
      .
      (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      C:\ches.txt
      c:\documents and settings\All Users\Datos de programa\TEMP
      c:\documents and settings\All Users\Datos de programa\TEMP\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\PostBuild.exe
      c:\documents and settings\user\Datos de programa\Microsoft\Windows\98PU5BrWz6.cfg
      c:\documents and settings\user\Datos de programa\Microsoft\Windows\98PU5BrWz6.dat
      c:\documents and settings\user\Datos de programa\Microsoft\Windows\98PU5BrWz6.xtr
      c:\documents and settings\user\Datos de programa\Windows Defender
      c:\windows\system32\edb.log
      c:\windows\system32\muzapp.exe
      .
      .
      (((((((((((((((((((((((((   Files Created from 2012-10-09 to 2012-11-09  )))))))))))))))))))))))))))))))
      .
      .
      2012-11-09 22:49 . 2012-06-29 18:55	22528	----a-w-	c:\windows\AT-Uninstall.exe
      2012-11-09 22:49 . 2012-03-13 04:27	11776	----a-w-	c:\windows\Colous.exe
      2012-11-09 22:49 . 2008-03-25 15:39	69660	----a-w-	c:\windows\Fart.exe
      2012-11-08 17:31 . 2012-11-08 17:31	--------	d-----w-	c:\documents and settings\user\Datos de programa\Malwarebytes
      2012-11-08 17:31 . 2012-11-08 17:31	--------	d-----w-	c:\documents and settings\All Users\Datos de programa\Malwarebytes
      2012-11-08 17:31 . 2012-11-08 17:31	--------	d-----w-	c:\archivos de programa\Malwarebytes' Anti-Malware
      2012-11-08 17:31 . 2012-09-30 00:54	22856	----a-w-	c:\windows\system32\drivers\mbam.sys
      2012-11-08 17:13 . 2012-11-08 17:49	--------	d-----w-	c:\archivos de programa\GridinSoft Trojan Killer
      2012-11-04 21:49 . 2012-11-04 22:59	--------	d-----w-	c:\documents and settings\user\Configuración local\Datos de programa\Temporary Projects
      2012-11-01 01:48 . 2012-11-01 01:54	--------	d-----w-	c:\archivos de programa\Microsoft SQL Server
      2012-11-01 01:42 . 2012-11-01 01:42	--------	d-----w-	c:\archivos de programa\Microsoft.NET
      2012-11-01 01:42 . 2012-11-01 01:45	--------	d-----w-	c:\archivos de programa\Microsoft Visual Studio 8
      2012-11-01 00:53 . 2012-11-01 00:53	--------	d-----w-	c:\documents and settings\user\Datos de programa\e-academy Inc
      2012-11-01 00:53 . 2012-11-01 00:53	--------	d-----w-	c:\documents and settings\user\Configuración local\Datos de programa\e-academy Inc
      2012-10-28 20:59 . 2012-10-28 20:59	--------	d-----w-	c:\documents and settings\user\Configuración local\Datos de programa\Unity
      2012-10-25 19:44 . 2008-04-14 05:26	12800	-c--a-w-	c:\windows\system32\dllcache\usb8023x.sys
      2012-10-25 19:44 . 2008-04-14 05:26	12800	----a-w-	c:\windows\system32\drivers\usb8023x.sys
      2012-10-25 19:44 . 2008-04-14 05:26	30592	-c--a-w-	c:\windows\system32\dllcache\rndismpx.sys
      2012-10-25 19:44 . 2008-04-14 05:26	30592	----a-w-	c:\windows\system32\drivers\rndismpx.sys
      2012-10-22 07:26 . 2012-10-22 07:26	--------	d-----w-	c:\documents and settings\user\Configuración local\Datos de programa\Samsung
      2012-10-22 07:26 . 2012-11-01 23:55	--------	d-----w-	c:\documents and settings\user\Datos de programa\Samsung
      2012-10-22 07:23 . 2008-03-21 18:57	14640	------w-	c:\windows\system32\spmsgXP_2k3.dll
      2012-10-22 07:23 . 2012-11-01 23:55	--------	dc----w-	c:\windows\system32\DRVSTORE
      2012-10-22 07:22 . 2012-09-27 01:57	4659712	----a-w-	c:\windows\system32\Redemption.dll
      2012-10-22 07:20 . 2012-11-01 23:54	--------	d-----w-	c:\documents and settings\All Users\Datos de programa\Samsung
      2012-10-22 07:20 . 2012-10-22 07:23	--------	d-----w-	c:\archivos de programa\Samsung
      2012-10-22 07:19 . 2012-10-22 07:19	--------	d-----w-	c:\documents and settings\user\Configuración local\Datos de programa\Downloaded Installations
      2012-10-20 01:39 . 2012-10-20 01:39	--------	d-----w-	c:\archivos de programa\Archivos comunes\DirectX
      2012-10-20 01:28 . 2012-10-20 01:28	--------	d-----w-	c:\documents and settings\user\Datos de programa\Kalydo
      2012-10-18 17:52 . 2012-09-25 04:16	93672	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
      .
      .
      .
      ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-09-27 01:57 . 2012-09-27 01:57	974848	----a-w-	c:\windows\system32\cis-2.4.dll
      2012-09-27 01:57 . 2012-09-27 01:57	81920	----a-w-	c:\windows\system32\issacapi_bs-2.3.dll
      2012-09-27 01:57 . 2012-09-27 01:57	65536	----a-w-	c:\windows\system32\issacapi_pe-2.3.dll
      2012-09-27 01:57 . 2012-09-27 01:57	57344	----a-w-	c:\windows\system32\MTXSYNCICON.dll
      2012-09-27 01:57 . 2012-09-27 01:57	57344	----a-w-	c:\windows\system32\MK_Lyric.dll
      2012-09-27 01:57 . 2012-09-27 01:57	57344	----a-w-	c:\windows\system32\issacapi_se-2.3.dll
      2012-09-27 01:57 . 2012-09-27 01:57	569344	----a-w-	c:\windows\system32\muzdecode.ax
      2012-09-27 01:57 . 2012-09-27 01:57	491520	----a-w-	c:\windows\system32\muzapp.dll
      2012-09-27 01:57 . 2012-09-27 01:57	49152	----a-w-	c:\windows\system32\MaJGUILib.dll
      2012-09-27 01:57 . 2012-09-27 01:57	45320	----a-w-	c:\windows\system32\MAMACExtract.dll
      2012-09-27 01:57 . 2012-09-27 01:57	45056	----a-w-	c:\windows\system32\MaXMLProto.dll
      2012-09-27 01:57 . 2012-09-27 01:57	45056	----a-w-	c:\windows\system32\MACXMLProto.dll
      2012-09-27 01:57 . 2012-09-27 01:57	40960	----a-w-	c:\windows\system32\MTTELECHIP.dll
      2012-09-27 01:57 . 2012-09-27 01:57	352256	----a-w-	c:\windows\system32\MSLUR71.dll
      2012-09-27 01:57 . 2012-09-27 01:57	258048	----a-w-	c:\windows\system32\muzoggsp.ax
      2012-09-27 01:57 . 2012-09-27 01:57	245760	----a-w-	c:\windows\system32\MSCLib.dll
      2012-09-27 01:57 . 2012-09-27 01:57	24576	----a-w-	c:\windows\system32\MASetupCleaner.exe
      2012-09-27 01:57 . 2012-09-27 01:57	200704	----a-w-	c:\windows\system32\muzwmts.dll
      2012-09-27 01:57 . 2012-09-27 01:57	155648	----a-w-	c:\windows\system32\MSFLib.dll
      2012-09-27 01:57 . 2012-09-27 01:57	143360	----a-w-	c:\windows\system32\3DAudio.ax
      2012-09-27 01:57 . 2012-09-27 01:57	135168	----a-w-	c:\windows\system32\muzaf1.dll
      2012-09-27 01:57 . 2012-09-27 01:57	131072	----a-w-	c:\windows\system32\muzmpgsp.ax
      2012-09-27 01:57 . 2012-09-27 01:57	122880	----a-w-	c:\windows\system32\muzeffect.ax
      2012-09-27 01:57 . 2012-09-27 01:57	118784	----a-w-	c:\windows\system32\MaDRM.dll
      2012-09-27 01:57 . 2012-09-27 01:57	110592	----a-w-	c:\windows\system32\muzmp4sp.ax
      2012-09-23 02:39 . 2012-09-23 02:39	73136	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
      2012-09-23 02:39 . 2012-09-23 02:39	696240	----a-w-	c:\windows\system32\FlashPlayerApp.exe
      2012-09-21 18:22 . 2012-09-21 18:22	821736	----a-w-	c:\windows\system32\npDeployJava1.dll
      2012-09-21 18:22 . 2012-09-21 18:22	746984	----a-w-	c:\windows\system32\deployJava1.dll
      2012-09-21 03:17 . 2012-09-21 03:17	505128	----a-w-	c:\windows\system32\msvcp71.dll
      2012-09-21 03:17 . 2012-09-21 03:17	353576	----a-w-	c:\windows\system32\msvcr71.dll
      2012-09-21 03:17 . 2012-09-21 03:17	29480	----a-w-	c:\windows\system32\msxml3a.dll
      .
      .
      (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown 
      REGEDIT4
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Skype"="c:\archivos de programa\Skype\Phone\Skype.exe" [2012-07-13 17418928]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "SigmatelSysTrayApp"="sttray.exe" [2007-01-18 303104]
      "StartCCC"="c:\archivos de programa\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-04-29 61440]
      "egui"="c:\archivos de programa\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2219184]
      "Adobe ARM"="c:\archivos de programa\Archivos comunes\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
      "RemoteControl10"="c:\archivos de programa\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336]
      "BDRegion"="c:\archivos de programa\Cyberlink\Shared files\brs.exe" [2010-03-13 75048]
      "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
      "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]
      "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
      "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
      "SunJavaUpdateSched"="c:\archivos de programa\Archivos comunes\Java\Java Update\jusched.exe" [2012-07-03 252848]
      .
      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
      @="Driver"
      .
      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
      "%windir%\\system32\\sessmgr.exe"=
      "c:\\Archivos de programa\\Windows Live\\Messenger\\wlcsdk.exe"=
      "c:\\Archivos de programa\\Windows Live\\Messenger\\msnmsgr.exe"=
      "c:\\Archivos de programa\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
      "c:\\Archivos de programa\\Skype\\Phone\\Skype.exe"=
      "c:\\Archivos de programa\\Java\\jre7\\bin\\javaw.exe"=
      "c:\\Archivos de programa\\uTorrent\\uTorrent.exe"=
      "c:\\Archivos de programa\\Ubisoft\\Assassin's Creed Brotherhood\\ACBSP.exe"=
      "c:\\Documents and Settings\\user\\Datos de programa\\Kalydo\\KalydoPlayer\\content\\apps\\FormulaCartoon\\Bin\\formulacartoonkalydo.exe"=
      .
      R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21/12/2010 15:04 115008]
      R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21/12/2010 13:47 94872]
      R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2012/09/20 22:19];c:\archivos de programa\CyberLink\PowerDVD10\NavFilter\000.fcl [13/03/2010 12:58 87536]
      R2 ekrn;ESET Service;c:\archivos de programa\ESET\ESET NOD32 Antivirus\ekrn.exe [12/01/2011 16:41 810144]
      R2 MBAMScheduler;MBAMScheduler;c:\archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe [08/11/2012 12:31 399432]
      S2 MBAMService;MBAMService;c:\archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe [08/11/2012 12:31 676936]
      S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [08/11/2012 12:31 22856]
      S3 TrojanKillerDriver;GridinSoft Trojan Killer Driver;c:\windows\system32\drivers\gtkdrv.sys [04/01/2012 9:28 16128]
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-11-09 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-23 02:39]
      .
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://www.google.com
      mStart Page = hxxp://www.google.com
      IE: E&xportar a Microsoft Excel - c:\archiv~1\MICROS~3\Office12\EXCEL.EXE/3000
      TCP: DhcpNameServer = 200.48.225.130 200.48.225.146
      .
      .
      **************************************************************************
      .
      catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2012-11-09 18:20
      Windows 5.1.2600 Service Pack 3 NTFS
      .
      scanning hidden processes ...  
      .
      scanning hidden autostart entries ... 
      .
      scanning hidden files ...  
      .
      scan completed successfully
      hidden files: 0
      .
      **************************************************************************
      .
      [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
      "ImagePath"="\??\c:\archivos de programa\CyberLink\PowerDVD10\NavFilter\000.fcl"
      .
      --------------------- DLLs Loaded Under Running Processes ---------------------
      .
      - - - - - - - > 'winlogon.exe'(1388)
      c:\windows\system32\Ati2evxx.dll
      .
      Completion time: 2012-11-09  18:22:25
      ComboFix-quarantined-files.txt  2012-11-09 23:22
      .
      Pre-Run: 64,908,726,272 bytes libres
      Post-Run: 64,874,475,520 bytes libres
      .
      WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
      [boot loader]
      timeout=2
      default=multi(0)disk(0)rdisk(1)partition(1)\WINDOWS
      [operating systems]
      c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
      UnsupportedDebug="do not select this" /debug
      multi(0)disk(0)rdisk(1)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
      .
      - - End Of File - - D2627E29D57FE1525F5611FBBF7E99CB

      Well, I felt my PC was running fine right after doing all the scans, but then I decided to restart and it came back up in the same slow way, as if there were maybe something else in there that's slowing it down.

      In addition to your instructions (while reading other posts) I decided to try this iExplore.exe, which gave me this report. How does it look?

      Code:
      Rkill 2.4.5 by Lawrence Abrams (Grinler)
      http://www.bleepingcomputer.com/
      Copyright 2008-2012 BleepingComputer.com
      More Information about Rkill can be found at this link:
       http://www.bleepingcomputer.com/forums/topic308364.html
      
      Program started at: 11/09/2012 06:38:07 PM in x86 mode.
      Windows Version: Microsoft Windows XP Service Pack 3
      
      Checking for Windows services to stop:
      
       * No malware services found to stop.
      
      Checking for processes to terminate:
      
       * C:\WINDOWS\sttray.exe (PID: 332) [WD-HEUR]
      
      1 proccess terminated!
      
      Checking Registry for malware related settings:
      
       * No issues found in the Registry.
      
      Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
      
      Performing miscellaneous checks:
      
       * No issues found.
      
      Checking Windows Service Integrity: 
      
       * RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [Incorrect ImagePath]
      
      Searching for Missing Digital Signatures: 
      
       * No issues found.
      
      Checking HOSTS File: 
      
       * HOSTS file entries found: 
      
        127.0.0.1       localhost
      
      Program finished at: 11/09/2012 06:38:50 PM
      Execution time: 0 hours(s), 0 minute(s), and 43 seconds(s)

      Thanks.
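
Added example, not part of the original thread or of any tool mentioned in it: a Python triage pass over Run-key lines in the layout ComboFix prints under "Reg Loading Points". It flags entries that start from a user-writable profile directory, reuse a Windows component name outside its install location, or give no directory at all. The sample log is constructed (the "Windows Security" entry reuses the path from the NOD32 alert in post #1; its date and size are made up), and the name lists and the `c:\windows` root are assumptions.

```python
import ntpath
import re

# Constructed sample. Skype, SigmatelSysTrayApp and egui are copied from the
# ComboFix log above; the "Windows Security" entry is constructed for illustration.
SAMPLE_LOG = r'''
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\archivos de programa\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"Windows Security"="c:\documents and settings\user\Datos de programa\Windows Defender\Windows Security.exe" [2012-11-08 123456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"="sttray.exe" [2007-01-18 303104]
"egui"="c:\archivos de programa\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2219184]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Archivos de programa\\uTorrent\\uTorrent.exe"=
'''

KEY_RE = re.compile(r'^\[(HK[^\]]+)\]\s*$')
ENTRY_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<path>[^"]*)"')

# Assumed policy values for this example (Spanish and English XP-era layouts).
PROFILE_RE = re.compile(r'^[a-z]:\\(documents and settings|users)\\[^\\]+\\', re.I)
TRUSTED_ROOTS = ('c:\\windows\\', 'c:\\archivos de programa\\', 'c:\\program files\\')
LOOKALIKE_NAMES = {'windows defender', 'windows security', 'windows update'}
SYSTEM_PROCESS_DIRS = {
    'winlogon.exe': 'c:\\windows\\system32',
    'svchost.exe': 'c:\\windows\\system32',
    'explorer.exe': 'c:\\windows',
}


def parse_run_entries(log_text):
    """Return the name/path pairs listed under Run and RunOnce keys only."""
    entries, key = [], None
    for raw in log_text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            is_run = m.group(1).lower().endswith(('\\run', '\\runonce'))
            key = m.group(1) if is_run else None
            continue
        m = ENTRY_RE.match(line)
        if m and key:
            entries.append({'key': key, 'name': m.group('name'), 'path': m.group('path')})
    return entries


def review_reasons(image_path):
    """List the reasons an autostart path deserves a manual look (empty if none)."""
    path = ntpath.normpath(image_path.strip()).lower()
    directory, filename = ntpath.split(path)
    if not directory:
        return ['no directory given: Windows resolves it through the search path, '
                'so confirm which file actually runs']
    reasons = []
    if PROFILE_RE.match(path):
        reasons.append('starts from a user-writable profile directory')
    parts = directory.split('\\') + [ntpath.splitext(filename)[0]]
    if not path.startswith(TRUSTED_ROOTS) and any(p in LOOKALIKE_NAMES for p in parts):
        reasons.append('uses a Windows component name outside its install location')
    if filename in SYSTEM_PROCESS_DIRS and directory != SYSTEM_PROCESS_DIRS[filename]:
        reasons.append('system process name outside its expected directory')
    return reasons


def triage(log_text):
    """Return (name, path, reasons) for every Run entry with at least one reason."""
    findings = []
    for entry in parse_run_entries(log_text):
        reasons = review_reasons(entry['path'])
        if reasons:
            findings.append((entry['name'], entry['path'], reasons))
    return findings


if __name__ == '__main__':
    for name, path, reasons in triage(SAMPLE_LOG):
        print(f'{name}: {path}')
        for reason in reasons:
            print(f'  - {reason}')
```

A flag here is a prompt for manual review, not a verdict: the bare `sttray.exe` entry is flagged only because the log line does not say which file it resolves to.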

    4. #4
      @Tincho (Moderator)
      Registered: May 2008
      Location: Argentina
      Posts: 14,701

      Re: Windows Security Trojan

      Hi.

      Restart the system two or three times and tell us how it runs.

      Regards.
      Tyny's

    5. #5
      MadZ (User)
      Registered: Oct 2010
      Location: Peru
      Posts: 15

      Re: Windows Security Trojan

      Can I try that Hijack thing? I've already tried several things and restarting obviously doesn't work... it's dying, so much so that I can't even watch videos; special effects or any noise make the sound come out scratchy and everything slows down... and with YouTube it's worse... I guess just format it? .=(

    6. #6
      @Tincho (Moderator)
      Registered: May 2008
      Location: Argentina
      Posts: 14,701

      Re: Windows Security Trojan

      Hi.

      Download OTL by OldTimer to your desktop.

      Run OTL

      • Close all the programs you have open and double-click the OTL icon to run it.
      • Let it run without interruption until the scan finishes.
      • When the interface appears, the only thing to change is under "Tipo de Análisis" (scan type): set it to "Resultado Mínimo" (minimal output).
      • Check the options "Buscar LOP" and "Buscar Purity" (LOP and Purity checks).
      • Check the options "Omitir Archivos De Microsoft" (skip Microsoft files) and "Usar Listado de Compañias Reconocidas" (use the company name whitelist).
      • Please do not change the rest of the settings unless we ask you to.

      • Press the button .
      • Once it finishes, two (2) files will open, OTL.Txt and Extras.Txt. They are saved in the same place where OTL.exe was downloaded.
      • Copy and paste the contents of OTL.txt into your next reply.

      Bring us the OTL report.

      Regards.
      Tyny's

    7. #7
      MadZ (User)
      Registered: Oct 2010
      Location: Peru
      Posts: 15

      Re: Windows Security Trojan

      Hi, here I'm attaching the OTL report :D
C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3403.16853__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3403.16853__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3403.16839__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3403.16852__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3403.16813__90ba9c70f846762e\LOG.Foundation.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3403.16814__90ba9c70f846762e\NEWAEM.Foundation.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3403.16838__90ba9c70f846762e\MOM.Foundation.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3403.16818__90ba9c70f846762e\CLI.Foundation.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3403.16833__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3403.16866__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3403.16830__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3403.16833__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3403.16823__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()MOD - 
C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3403.16851__90ba9c70f846762e\DEM.Graphics.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3403.16828__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3403.16842__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3403.16841__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3403.16845__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3403.16850__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3403.16842__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3403.16854__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3403.16844__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3403.16845__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3403.16843__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3403.16843__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3403.16845__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()MOD - 
C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3403.16836__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3403.16843__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3403.16841__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3403.16844__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3403.16841__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3405.36941__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3405.36911__90ba9c70f846762e\MOM.Implementation.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3405.36922__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3403.16826__90ba9c70f846762e\LOG.Foundation.Private.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3403.16839__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3403.16827__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3403.16838__90ba9c70f846762e\APM.Foundation.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3403.16828__90ba9c70f846762e\AEM.Server.Shared.dll ()MOD - 
C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll ()MOD - C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3405.36821__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3405.36830__90ba9c70f846762e\CLI.Component.Dashboard.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3405.36906__90ba9c70f846762e\CLI.Component.Systemtray.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3405.36839__90ba9c70f846762e\CLI.Component.Wizard.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3405.36910__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3405.36825__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3405.36824__90ba9c70f846762e\CLI.Component.Runtime.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3403.16840__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3403.16820__90ba9c70f846762e\CLI.Foundation.Private.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3403.16839__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3403.16838__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3403.16838__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3405.36823__90ba9c70f846762e\APM.Server.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3405.36822__90ba9c70f846762e\AEM.Server.dll ()MOD - 
C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3403.16835__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3403.16846__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()MOD - C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3405.36911__90ba9c70f846762e\CCC.Implementation.dll ()MOD - C:\Archivos de programa\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()MOD - C:\Archivos de programa\Spybot - Search & Destroy 2\JSDialogPack150.bpl ()MOD - C:\Archivos de programa\Spybot - Search & Destroy 2\DEC150.bpl ()MOD - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\PDFShell.ESP ()MOD - C:\Archivos de programa\ATI Technologies\ATI.ACE\Branding\Branding.dll ()MOD - C:\WINDOWS\system32\msdmo.dll () ========== Services (SafeList) ========== SRV - (MBAMService) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)SRV - (MBAMScheduler) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)SRV - (JavaQuickStarterService) -- C:\Archivos de programa\Java\jre7\bin\jqs.exe (Oracle Corporation)SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)SRV - (PSUAService) -- C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSUAService.exe (Panda Security, S.L.)SRV - (NanoServiceMain) -- C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)SRV - (!SASCORE) -- C:\Archivos de programa\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)SRV - (EhttpSrv) -- C:\Archivos de programa\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)SRV - (ekrn) -- C:\Archivos de programa\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)SRV - (STacSV) -- C:\Archivos de 
programa\SigmaTel\C-Major Audio\WDM\stacsv.exe (SigmaTel, Inc.)SRV - (odserv) -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)SRV - (ose) -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not foundDRV - (PDRFRAME) -- File not foundDRV - (PDRELI) -- File not foundDRV - (PDFRAME) -- File not foundDRV - (PDCOMP) -- File not foundDRV - (PCIDump) -- File not foundDRV - (lbrtfdc) -- File not foundDRV - (i2omgmt) -- File not foundDRV - (Changer) -- File not foundDRV - (catchme) -- C:\DOCUME~1\user\CONFIG~1\Temp\catchme.sys File not foundDRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)DRV - (PSINProt) -- C:\WINDOWS\system32\drivers\PSINProt.sys (Panda Security, S.L.)DRV - (PSINKNC) -- C:\WINDOWS\system32\drivers\PSINKNC.sys (Panda Security, S.L.)DRV - (PSINProc) -- C:\WINDOWS\system32\drivers\PSINProc.sys (Panda Security, S.L.)DRV - (PSINFile) -- C:\WINDOWS\system32\drivers\PSINFile.sys (Panda Security, S.L.)DRV - (PSINAflt) -- C:\WINDOWS\system32\drivers\PSINAflt.sys (Panda Security, S.L.)DRV - (NNSSTRM) -- C:\WINDOWS\system32\drivers\NNSStrm.sys (Panda Security, S.L.)DRV - (NNSTLSC) -- C:\WINDOWS\system32\drivers\NNStlsc.sys (Panda Security, S.L.)DRV - (NNSPROT) -- C:\WINDOWS\system32\drivers\NNSProt.sys (Panda Security, S.L.)DRV - (NNSPRV) -- C:\WINDOWS\system32\drivers\NNSPrv.sys (Panda Security, S.L.)DRV - (NNSSMTP) -- C:\WINDOWS\system32\drivers\NNSSmtp.sys (Panda Security, S.L.)DRV - (NNSPOP3) -- C:\WINDOWS\system32\drivers\NNSPop3.sys (Panda Security, S.L.)DRV - (NNSPIHS) -- C:\WINDOWS\system32\drivers\NNSpihs.sys (Panda Security, S.L.)DRV - (NNSIDS) -- C:\WINDOWS\system32\drivers\NNSIds.sys (Panda Security, S.L.)DRV - (NNSPICC) -- C:\WINDOWS\system32\drivers\NNSpicc.sys (Panda Security, S.L.)DRV - (NNSHTTP) -- 
C:\WINDOWS\system32\drivers\NNSHttp.sys (Panda Security, S.L.)DRV - (NNSALPC) -- C:\WINDOWS\system32\drivers\NNSAlpc.sys (Panda Security, S.L.)DRV - (TrojanKillerDriver) -- C:\WINDOWS\system32\drivers\gtkdrv.sys (Windows (R) Win 7 DDK provider)DRV - (NNSNAHS) -- C:\WINDOWS\system32\drivers\NNSNAHS.sys (Panda Security, S.L.)DRV - (SASDIFSV) -- C:\Archivos de programa\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)DRV - (SASKUTIL) -- C:\Archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)DRV - (PSKMAD) -- C:\WINDOWS\system32\drivers\PSKMAD.sys (Panda Security)DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET)DRV - (epfwtdir) -- C:\WINDOWS\system32\drivers\epfwtdir.sys (ESET)DRV - ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) -- C:\Archivos de programa\CyberLink\PowerDVD10\NavFilter\000.fcl (CyberLink Corp.)DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)DRV - (sfng32) -- C:\WINDOWS\system32\drivers\sfng32.sys (Sonic Focus, Inc)DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.comIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll ()FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, 
Inc.)FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Archivos de programa\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Archivos de programa\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Archivos de programa\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF - HKCU\Software\MozillaPlugins\@eximion.com/KalydoPlayer: C:\Documents and Settings\user\Datos de programa\Kalydo\KalydoPlayer\bin2\npkalydo.dll (Eximion B.V.)FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\user\Configuración local\Datos de programa\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\user\Configuración local\Datos de programa\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\user\Configuración local\Datos de programa\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Archivos de programa\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012/09/20 22:03:44 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - homepage: http://www.google.com/CHR - default_search_provider: Google (Enabled)CHR - default_search_provider: search_url = 
{google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}CHR - homepage: http://www.google.com/CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\user\Configuraci\u00F3n local\Datos de programa\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dllCHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewerCHR - plugin: Native Client (Enabled) = C:\Documents and Settings\user\Configuraci\u00F3n local\Datos de programa\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dllCHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\user\Configuraci\u00F3n local\Datos de programa\Google\Chrome\Application\23.0.1271.64\pdf.dllCHR - plugin: Adobe Acrobat (Enabled) = C:\Archivos de programa\Adobe\Reader 10.0\Reader\Browser\nppdf32.dllCHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Archivos de programa\Windows Media Player\npdrmv2.dllCHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Archivos de programa\Windows Media Player\npdsplay.dllCHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Archivos de programa\Windows Media Player\npwmsdrm.dllCHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Archivos de programa\Java\jre7\bin\plugin2\npjp2.dllCHR - plugin: Silverlight Plug-In (Enabled) = C:\Archivos de programa\Microsoft Silverlight\5.1.10411.0\npctrl.dllCHR - plugin: Google Update (Enabled) = C:\Documents and Settings\user\Configuraci\u00F3n local\Datos de programa\Google\Update\1.3.21.123\npGoogleUpdate3.dllCHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\user\Configuraci\u00F3n local\Datos de 
programa\Unity\WebPlayer\loader\npUnity3D32.dllCHR - plugin: Kalydo Player Plugin for Mozilla (Enabled) = C:\Documents and Settings\user\Datos de programa\Kalydo\KalydoPlayer\bin2\npkalydo.dllCHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dllCHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dllCHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_278.dllCHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dllCHR - Extension: Hatsune Miku = C:\Documents and Settings\user\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\kigfdicgjnpjkhbnngdfgjfffmdaonfg\2_0\ O1 HOSTS File: ([2012/11/09 18:20:23 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hostsO1 - Hosts: 127.0.0.1 localhostO2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre7\bin\ssv.dll (Oracle Corporation)O2 - BHO: (Windows Live Aplicación auxiliar de inicio de sesión) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)O4 - HKLM..\Run: [Adobe ARM] C:\Archivos de programa\Archivos comunes\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [BDRegion] C:\Archivos de programa\CyberLink\Shared files\brs.exe (cyberlink)O4 - HKLM..\Run: [egui] C:\Archivos de programa\ESET\ESET NOD32 Antivirus\egui.exe (ESET)O4 - HKLM..\Run: 
[IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)O4 - HKLM..\Run: [PSUAMain] C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)O4 - HKLM..\Run: [RemoteControl10] C:\Archivos de programa\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\sttray.exe (SigmaTel, Inc.)O4 - HKLM..\Run: [StartCCC] C:\Archivos de programa\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions presentO6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.48.225.130 200.48.225.146O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{87059922-DB1F-4075-B73B-2420570E7AA5}: DhcpNameServer = 200.48.225.130 200.48.225.146O18 - 
Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)O24 - Desktop Components:0 (Mi página de inicio actual) - About:HomeO24 - Desktop WallPaper: C:\Documents and Settings\user\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmpO24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmpO28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Archivos de programa\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)O32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2012/09/20 21:12:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O32 - AutoRun File - [2012/06/26 01:04:23 | 000,000,000 | ---D | M] - F:\AUTODESK -- [ NTFS ]O32 - AutoRun File - [2012/04/07 17:29:12 | 000,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]O34 - HKLM BootExecute: (autocheck autochk 
*)O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37 - HKLM\...com [@ = ComFile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012/11/11 17:50:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Datos de programa\Identities[2012/11/11 17:49:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Datos de programa\Panda Security[2012/11/11 17:48:26 | 000,046,280 | ---- | C] (Panda Security) -- C:\WINDOWS\System32\drivers\PSKMAD.sys[2012/11/11 17:47:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood[2012/11/11 17:47:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Panda Cloud Antivirus[2012/11/11 17:46:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Panda Security[2012/11/11 17:46:47 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Panda Security[2012/11/11 17:37:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Spybot - Search & Destroy[2012/11/11 17:37:07 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Spybot - Search & Destroy 2[2012/11/09 21:02:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Datos de programa\SUPERAntiSpyware.com[2012/11/09 21:02:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\SUPERAntiSpyware.com[2012/11/09 21:02:29 | 000,000,000 | ---D | C] -- C:\Archivos de programa\SUPERAntiSpyware[2012/11/09 18:30:55 | 000,000,000 | -HSD | C] -- C:\RECYCLER[2012/11/09 18:11:58 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe[2012/11/09 18:11:58 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe[2012/11/09 18:11:58 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe[2012/11/09 
18:11:48 | 000,000,000 | ---D | C] -- C:\Qoobox[2012/11/09 18:11:33 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Menú Inicio\Programas\Herramientas administrativas[2012/11/09 18:11:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt[2012/11/09 18:07:19 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent[2012/11/09 17:49:26 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\nircmd.exe[2012/11/08 12:31:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Datos de programa\Malwarebytes[2012/11/08 12:31:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Malwarebytes' Anti-Malware[2012/11/08 12:31:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Malwarebytes[2012/11/08 12:31:35 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys[2012/11/08 12:31:35 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Malwarebytes' Anti-Malware[2012/11/08 12:13:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\GridinSoft Trojan Killer[2012/11/08 12:13:41 | 000,000,000 | ---D | C] -- C:\Archivos de programa\GridinSoft Trojan Killer[2012/11/04 16:49:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Configuración local\Datos de programa\Temporary Projects[2012/10/31 20:54:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Microsoft SQL Server 2005[2012/10/31 20:48:41 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft SQL Server[2012/10/31 20:44:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Mis documentos\Visual Studio 2005[2012/10/31 20:42:17 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft.NET[2012/10/31 20:42:16 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft Visual Studio 8[2012/10/31 19:53:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Datos de programa\e-academy 
Inc[2012/10/31 19:53:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Configuración local\Datos de programa\e-academy Inc[2012/10/28 15:59:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Configuración local\Datos de programa\Unity[2012/10/22 02:28:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\CrashDump[2012/10/22 02:26:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\NativeFus_Log[2012/10/22 02:26:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Configuración local\Datos de programa\Samsung[2012/10/22 02:26:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Datos de programa\Samsung[2012/10/22 02:25:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Mis documentos\samsung[2012/10/22 02:23:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE[2012/10/22 02:22:33 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\Redemption.dll[2012/10/22 02:20:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Samsung[2012/10/22 02:20:47 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Samsung[2012/10/22 02:19:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Configuración local\Datos de programa\Downloaded Installations[2012/10/19 20:39:11 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\DirectX[2012/10/19 20:28:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Datos de programa\Kalydo[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/11/12 05:21:00 | 000,000,838 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job[2012/11/12 05:03:00 | 000,000,536 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 56101d0d-2af2-4465-895d-b2f1c0f4bcca.job[2012/11/12 03:52:08 | 000,807,354 | ---- | M] () -- 
C:\WINDOWS\TempCloudAV1112073344_1588.csv[2012/11/12 02:00:03 | 000,000,536 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 448def45-0851-4f74-af78-447aa925383c.job[2012/11/11 13:44:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2012/11/11 13:44:46 | 000,167,952 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap[2012/11/11 02:09:39 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2012/11/09 21:02:47 | 000,001,741 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\SUPERAntiSpyware Free Edition.lnk[2012/11/09 18:20:23 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts[2012/11/09 17:20:35 | 000,550,210 | ---- | M] () -- C:\WINDOWS\System32\perfh00A.dat[2012/11/09 17:20:35 | 000,479,200 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat[2012/11/09 17:20:35 | 000,109,784 | ---- | M] () -- C:\WINDOWS\System32\perfc00A.dat[2012/11/09 17:20:35 | 000,085,090 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat[2012/11/09 12:06:08 | 000,002,331 | ---- | M] () -- C:\Documents and Settings\user\Escritorio\Google Chrome.lnk[2012/11/09 02:54:24 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\CCleaner.lnk[2012/11/08 12:31:37 | 000,000,833 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Malwarebytes Anti-Malware.lnk[2012/11/05 17:07:23 | 000,002,507 | ---- | M] () -- C:\Documents and Settings\user\Escritorio\Microsoft Office Word 2007.lnk[2012/11/01 18:50:30 | 000,008,192 | ---- | M] () -- C:\WINDOWS\System32\edb.chk[2012/10/31 19:53:15 | 000,002,188 | ---- | M] () -- C:\Documents and Settings\user\Escritorio\Secure Download Manager.lnk[2012/10/22 20:03:25 | 001,030,821 | ---- | M] () -- C:\Documents and Settings\user\Mis documentos\tumblr_mcapvmktlj1rqakfzo1_400.gif[2012/10/22 02:24:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf[2012/10/22 02:23:56 | 000,000,000 | -H-- | M] () -- 
C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf[2012/10/20 03:54:28 | 000,231,120 | ---- | M] () -- C:\Documents and Settings\user\Mis documentos\pepepajas.JPG[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/11/12 02:50:08 | 000,807,354 | ---- | C] () -- C:\WINDOWS\TempCloudAV1112073344_1588.csv[2012/11/09 21:03:03 | 000,000,536 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 56101d0d-2af2-4465-895d-b2f1c0f4bcca.job[2012/11/09 21:03:02 | 000,000,536 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 448def45-0851-4f74-af78-447aa925383c.job[2012/11/09 21:02:47 | 000,001,741 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\SUPERAntiSpyware Free Edition.lnk[2012/11/09 18:11:58 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe[2012/11/09 18:11:58 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe[2012/11/09 18:11:58 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe[2012/11/09 18:11:58 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe[2012/11/09 18:11:58 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe[2012/11/08 12:31:37 | 000,000,833 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Malwarebytes Anti-Malware.lnk[2012/11/01 18:50:30 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\edb.chk[2012/10/31 20:44:13 | 000,001,119 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Microsoft Visual Basic 2005 Express Edition.lnk[2012/10/31 19:53:15 | 000,002,188 | ---- | C] () -- C:\Documents and Settings\user\Escritorio\Secure Download Manager.lnk[2012/10/22 20:03:25 | 001,030,821 | ---- | C] () -- C:\Documents and Settings\user\Mis documentos\tumblr_mcapvmktlj1rqakfzo1_400.gif[2012/10/22 03:57:58 | 000,546,160 | ---- | C] () -- C:\Documents and Settings\LocalService\Configuración local\Datos de programa\FontCache3.0.0.0.dat[2012/10/22 02:24:14 | 000,000,000 | -H-- | C] () -- 
C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf[2012/10/22 02:23:56 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf[2012/10/20 03:53:54 | 000,231,120 | ---- | C] () -- C:\Documents and Settings\user\Mis documentos\pepepajas.JPG[2012/09/26 20:57:14 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll[2012/09/26 20:57:14 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll[2012/09/26 20:57:14 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll[2012/09/26 20:57:14 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll[2012/09/21 13:40:18 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll[2012/09/21 01:19:03 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\user\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2012/09/20 21:50:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin[2012/09/20 21:46:48 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe[2012/09/20 21:14:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat[2012/09/20 21:08:36 | 000,021,900 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat[2012/09/20 15:03:05 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI[2012/09/20 15:02:01 | 000,333,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT ========== ZeroAccess Check ========== [2012/09/20 22:28:59 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 07:00:00 | 001,499,648 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]"" = %systemroot%\system32\wbem\fastprox.dll -- [2008/04/14 07:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 07:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Both ========== LOP Check ========== [2012/09/20 22:03:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\ESET[2012/11/11 17:46:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Panda Security[2012/11/01 18:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Samsung[2012/10/01 04:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Ubisoft[2012/09/22 22:14:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Datos de programa\Auslogics[2012/10/31 19:53:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Datos de programa\e-academy Inc[2012/10/19 20:28:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Datos de programa\Kalydo[2012/09/21 02:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Datos de programa\LolClient[2012/11/11 17:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Datos de programa\Panda Security[2012/11/01 18:55:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Datos de programa\Samsung[2012/10/01 04:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Datos de programa\Ubisoft[2012/11/09 18:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Datos de programa\uTorrent ========== Purity Check ========== < End of report >[/CODE]
Well, for now my PC is only usable for browsing... and even that is quite slow. I can't watch videos or play any games because the sound breaks up and the whole PC slows down; that is my current problem. I hope the report helps, thanks :D
      Last edited by @Tincho on 13/11/12 at 00:02:10

    8. #8
      Moderator.
      @Tincho's avatar
      Joined
      May 2008
      Location
      Argentina
      Posts
      14.701

      Re: Windows Security trojan

      Hello.

      Generate another log and don't wrap it in any tag; it's impossible to read.


      Regards.
      Tyny's
      If on your journey, you should encounter God, God will be cut!

      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail, since that is what the forum is for.

    9. #9
      User MadZ's avatar
      Joined
      Oct 2010
      Location
      Perú
      Posts
      15

      Re: Windows Security trojan

      Ok.



      OTL logfile created on: 12/11/2012 05:46:57 a.m. - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\user\Mis documentos\Downloads
      Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
      Internet Explorer (Version = 6.0.2900.5512)
      Locale: 0000280A | Country: Perú | Language: ESR | Date Format: dd/MM/yyyy

      3.00 Gb Total Physical Memory | 2.04 Gb Available Physical Memory | 68.04% Memory free
      4.84 Gb Paging File | 3.93 Gb Available in Paging File | 81.26% Paging File free
      Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
      Drive C: | 97.65 Gb Total Space | 58.69 Gb Free Space | 60.10% Space Free | Partition Type: NTFS
      Drive E: | 368.10 Gb Total Space | 221.72 Gb Free Space | 60.23% Space Free | Partition Type: NTFS
      Drive F: | 298.09 Gb Total Space | 104.29 Gb Free Space | 34.99% Space Free | Partition Type: NTFS

      Computer Name: USER-59D420579F | User Name: user | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Documents and Settings\user\Mis documentos\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Documents and Settings\user\Configuración local\Datos de programa\Google\Chrome\Application\chrome.exe (Google Inc.)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Java\jre7\bin\jqs.exe (Oracle Corporation)
      PRC - C:\Archivos de programa\Spybot - Search & Destroy 2\SDUpdate.exe (Safer-Networking Ltd.)
      PRC - C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSUAService.exe (Panda Security, S.L.)
      PRC - C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
      PRC - C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
      PRC - C:\Archivos de programa\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
      PRC - C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
      PRC - C:\Archivos de programa\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
      PRC - C:\Archivos de programa\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
      PRC - C:\Archivos de programa\CyberLink\Shared files\brs.exe (cyberlink)
      PRC - C:\Archivos de programa\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
      PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
      PRC - C:\WINDOWS\sttray.exe (SigmaTel, Inc.)
      PRC - C:\Archivos de programa\SigmaTel\C-Major Audio\WDM\stacsv.exe (SigmaTel, Inc.)


      ========== Modules (No Company Name) ==========

      MOD - C:\Documents and Settings\user\Configuración local\Datos de programa\Google\Chrome\Application\23.0.1271.64\ppgooglenaclpluginchrome.dll ()
      MOD - C:\Documents and Settings\user\Configuración local\Datos de programa\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll ()
      MOD - C:\Documents and Settings\user\Configuración local\Datos de programa\Google\Chrome\Application\23.0.1271.64\pdf.dll ()
      MOD - C:\Documents and Settings\user\Configuración local\Datos de programa\Google\Chrome\Application\23.0.1271.64\libglesv2.dll ()
      MOD - C:\Documents and Settings\user\Configuración local\Datos de programa\Google\Chrome\Application\23.0.1271.64\libegl.dll ()
      MOD - C:\Documents and Settings\user\Configuración local\Datos de programa\Google\Chrome\Application\23.0.1271.64\avutil-51.dll ()
      MOD - C:\Documents and Settings\user\Configuración local\Datos de programa\Google\Chrome\Application\23.0.1271.64\avformat-54.dll ()
      MOD - C:\Documents and Settings\user\Configuración local\Datos de programa\Google\Chrome\Application\23.0.1271.64\avcodec-54.dll ()
      MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\50ea744ffc3cb7f09b027fd6c5c93b2b\System.Web.ni.dll ()
      MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb4cb21d14767292e079366a5d3d76cd\System.Configuration.ni.dll ()
      MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\c2af7cfbb47c077029a2645930b4eeac\Accessibility.ni.dll ()
      MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\36f3953f24d4f0b767bf172331ad6f3e\System.Xml.ni.dll ()
      MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\9a254c455892c02355ab0ab0f0727c5b\System.Windows.Forms.ni.dll ()
      MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\6978f2e90f13bc720d57fa6895c911e2\System.Drawing.ni.dll ()
      MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aa7926460a336408c8041330ad90929d\System.ni.dll ()
      MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\9adb89fa22fd5b4ce433b5aca7fb1b07\mscorlib.ni.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_es_b77a5c561934e089\System.resources.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_es_b77a5c561934e089\System.Windows.Forms.resources.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3405.36929__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3405.36928__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3405.36933__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3405.36929__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3405.36826__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3405.36845__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3405.36840__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3405.36844__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3405.36902__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3405.36897__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3405.36834__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3405.36889__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3405.36870__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3405.36917__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3405.36879__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3405.36834__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3405.36918__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3405.36845__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3405.36844__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3405.36884__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3405.36884__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3405.36883__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3405.36927__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3405.36927__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3405.36892__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3405.36872__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3405.36846__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3405.36871__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3405.36898__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3405.36846__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3405.36835__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3405.36876__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3405.36850__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3405.36876__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3405.36880__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3405.36870__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3405.36866__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3405.36870__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3405.36871__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3405.36877__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3403.16829__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3403.16821__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3403.16841__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3403.16853__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3403.16853__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3403.16839__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3403.16852__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3403.16813__90ba9c70f846762e\LOG.Foundation.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3403.16814__90ba9c70f846762e\NEWAEM.Foundation.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3403.16838__90ba9c70f846762e\MOM.Foundation.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3403.16818__90ba9c70f846762e\CLI.Foundation.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3403.16833__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3403.16866__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3403.16830__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3403.16833__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3403.16823__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3403.16851__90ba9c70f846762e\DEM.Graphics.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3403.16828__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3403.16842__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3403.16841__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3403.16845__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3403.16850__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3403.16842__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3403.16854__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3403.16844__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3403.16845__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3403.16843__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3403.16843__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3403.16845__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3403.16836__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3403.16843__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3403.16841__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3403.16844__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3403.16841__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3405.36941__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3405.36911__90ba9c70f846762e\MOM.Implementation.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3405.36922__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3403.16826__90ba9c70f846762e\LOG.Foundation.Private.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3403.16839__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3403.16827__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3403.16838__90ba9c70f846762e\APM.Foundation.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3403.16828__90ba9c70f846762e\AEM.Server.Shared.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll ()
      MOD - C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3405.36821__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3405.36830__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3405.36906__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3405.36839__90ba9c70f846762e\CLI.Component.Wizard.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3405.36910__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3405.36825__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3405.36824__90ba9c70f846762e\CLI.Component.Runtime.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3403.16840__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3403.16820__90ba9c70f846762e\CLI.Foundation.Private.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3403.16839__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3403.16838__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3403.16838__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3405.36823__90ba9c70f846762e\APM.Server.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3405.36822__90ba9c70f846762e\AEM.Server.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3403.16835__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3403.16846__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
      MOD - C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3405.36911__90ba9c70f846762e\CCC.Implementation.dll ()
      MOD - C:\Archivos de programa\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
      MOD - C:\Archivos de programa\Spybot - Search & Destroy 2\JSDialogPack150.bpl ()
      MOD - C:\Archivos de programa\Spybot - Search & Destroy 2\DEC150.bpl ()
      MOD - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\PDFShell.ESP ()
      MOD - C:\Archivos de programa\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
      MOD - C:\WINDOWS\system32\msdmo.dll ()


      ========== Services (SafeList) ==========

      SRV - (MBAMService) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (JavaQuickStarterService) -- C:\Archivos de programa\Java\jre7\bin\jqs.exe (Oracle Corporation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (PSUAService) -- C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSUAService.exe (Panda Security, S.L.)
      SRV - (NanoServiceMain) -- C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
      SRV - (!SASCORE) -- C:\Archivos de programa\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
      SRV - (EhttpSrv) -- C:\Archivos de programa\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
      SRV - (ekrn) -- C:\Archivos de programa\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
      SRV - (STacSV) -- C:\Archivos de programa\SigmaTel\C-Major Audio\WDM\stacsv.exe (SigmaTel, Inc.)
      SRV - (odserv) -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
      SRV - (ose) -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV - (WDICA) -- File not found
      DRV - (PDRFRAME) -- File not found
      DRV - (PDRELI) -- File not found
      DRV - (PDFRAME) -- File not found
      DRV - (PDCOMP) -- File not found
      DRV - (PCIDump) -- File not found
      DRV - (lbrtfdc) -- File not found
      DRV - (i2omgmt) -- File not found
      DRV - (Changer) -- File not found
      DRV - (catchme) -- C:\DOCUME~1\user\CONFIG~1\Temp\catchme.sys File not found
      DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
      DRV - (PSINProt) -- C:\WINDOWS\system32\drivers\PSINProt.sys (Panda Security, S.L.)
      DRV - (PSINKNC) -- C:\WINDOWS\system32\drivers\PSINKNC.sys (Panda Security, S.L.)
      DRV - (PSINProc) -- C:\WINDOWS\system32\drivers\PSINProc.sys (Panda Security, S.L.)
      DRV - (PSINFile) -- C:\WINDOWS\system32\drivers\PSINFile.sys (Panda Security, S.L.)
      DRV - (PSINAflt) -- C:\WINDOWS\system32\drivers\PSINAflt.sys (Panda Security, S.L.)
      DRV - (NNSSTRM) -- C:\WINDOWS\system32\drivers\NNSStrm.sys (Panda Security, S.L.)
      DRV - (NNSTLSC) -- C:\WINDOWS\system32\drivers\NNStlsc.sys (Panda Security, S.L.)
      DRV - (NNSPROT) -- C:\WINDOWS\system32\drivers\NNSProt.sys (Panda Security, S.L.)
      DRV - (NNSPRV) -- C:\WINDOWS\system32\drivers\NNSPrv.sys (Panda Security, S.L.)
      DRV - (NNSSMTP) -- C:\WINDOWS\system32\drivers\NNSSmtp.sys (Panda Security, S.L.)
      DRV - (NNSPOP3) -- C:\WINDOWS\system32\drivers\NNSPop3.sys (Panda Security, S.L.)
      DRV - (NNSPIHS) -- C:\WINDOWS\system32\drivers\NNSpihs.sys (Panda Security, S.L.)
      DRV - (NNSIDS) -- C:\WINDOWS\system32\drivers\NNSIds.sys (Panda Security, S.L.)
      DRV - (NNSPICC) -- C:\WINDOWS\system32\drivers\NNSpicc.sys (Panda Security, S.L.)
      DRV - (NNSHTTP) -- C:\WINDOWS\system32\drivers\NNSHttp.sys (Panda Security, S.L.)
      DRV - (NNSALPC) -- C:\WINDOWS\system32\drivers\NNSAlpc.sys (Panda Security, S.L.)
      DRV - (TrojanKillerDriver) -- C:\WINDOWS\system32\drivers\gtkdrv.sys (Windows (R) Win 7 DDK provider)
      DRV - (NNSNAHS) -- C:\WINDOWS\system32\drivers\NNSNAHS.sys (Panda Security, S.L.)
      DRV - (SASDIFSV) -- C:\Archivos de programa\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV - (SASKUTIL) -- C:\Archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV - (PSKMAD) -- C:\WINDOWS\system32\drivers\PSKMAD.sys (Panda Security)
      DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)
      DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET)
      DRV - (epfwtdir) -- C:\WINDOWS\system32\drivers\epfwtdir.sys (ESET)
      DRV - ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) -- C:\Archivos de programa\CyberLink\PowerDVD10\NavFilter\000.fcl (CyberLink Corp.)
      DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
      DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
      DRV - (sfng32) -- C:\WINDOWS\system32\drivers\sfng32.sys (Sonic Focus, Inc)
      DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


      ========== FireFox ==========

      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
      FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Archivos de programa\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Archivos de programa\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Archivos de programa\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\@eximion.com/KalydoPlayer: C:\Documents and Settings\user\Datos de programa\Kalydo\KalydoPlayer\bin2\npkalydo.dll (Eximion B.V.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\user\Configuración local\Datos de programa\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\user\Configuración local\Datos de programa\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\user\Configuración local\Datos de programa\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Archivos de programa\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012/09/20 22:03:44 | 000,000,000 | ---D | M]


      ========== Chrome ==========

      CHR - homepage: Google
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
      CHR - homepage: Google
      CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\user\Configuraci\u00F3n local\Datos de programa\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
      CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\user\Configuraci\u00F3n local\Datos de programa\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\user\Configuraci\u00F3n local\Datos de programa\Google\Chrome\Application\23.0.1271.64\pdf.dll
      CHR - plugin: Adobe Acrobat (Enabled) = C:\Archivos de programa\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
      CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Archivos de programa\Windows Media Player\npdrmv2.dll
      CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Archivos de programa\Windows Media Player\npdsplay.dll
      CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Archivos de programa\Windows Media Player\npwmsdrm.dll
      CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Archivos de programa\Java\jre7\bin\plugin2\npjp2.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = C:\Archivos de programa\Microsoft Silverlight\5.1.10411.0\npctrl.dll
      CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\user\Configuraci\u00F3n local\Datos de programa\Google\Update\1.3.21.123\npGoogleUpdate3.dll
      CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\user\Configuraci\u00F3n local\Datos de programa\Unity\WebPlayer\loader\npUnity3D32.dll
      CHR - plugin: Kalydo Player Plugin for Mozilla (Enabled) = C:\Documents and Settings\user\Datos de programa\Kalydo\KalydoPlayer\bin2\npkalydo.dll
      CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
      CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll
      CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
      CHR - Extension: Hatsune Miku = C:\Documents and Settings\user\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\kigfdicgjnpjkhbnngdfgjfffmdaonfg\2_0\

      O1 HOSTS File: ([2012/11/09 18:20:23 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 localhost
      O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Windows Live Aplicación auxiliar de inicio de sesión) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O4 - HKLM..\Run: [Adobe ARM] C:\Archivos de programa\Archivos comunes\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
      O4 - HKLM..\Run: [BDRegion] C:\Archivos de programa\CyberLink\Shared files\brs.exe (cyberlink)
      O4 - HKLM..\Run: [egui] C:\Archivos de programa\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
      O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
      O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
      O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
      O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
      O4 - HKLM..\Run: [PSUAMain] C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
      O4 - HKLM..\Run: [RemoteControl10] C:\Archivos de programa\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
      O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\sttray.exe (SigmaTel, Inc.)
      O4 - HKLM..\Run: [StartCCC] C:\Archivos de programa\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
      O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
      O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Archivos de programa\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.48.225.130 200.48.225.146
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{87059922-DB1F-4075-B73B-2420570E7AA5}: DhcpNameServer = 200.48.225.130 200.48.225.146
      O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
      O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
      O24 - Desktop Components:0 (Mi página de inicio actual) - About:Home
      O24 - Desktop WallPaper: C:\Documents and Settings\user\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
      O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
      O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Archivos de programa\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2012/09/20 21:12:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
      O32 - AutoRun File - [2012/06/26 01:04:23 | 000,000,000 | ---D | M] - F:\AUTODESK -- [ NTFS ]
      O32 - AutoRun File - [2012/04/07 17:29:12 | 000,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = ComFile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/11/11 17:50:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Datos de programa\Identities
      [2012/11/11 17:49:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Datos de programa\Panda Security
      [2012/11/11 17:48:26 | 000,046,280 | ---- | C] (Panda Security) -- C:\WINDOWS\System32\drivers\PSKMAD.sys
      [2012/11/11 17:47:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
      [2012/11/11 17:47:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Panda Cloud Antivirus
      [2012/11/11 17:46:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Panda Security
      [2012/11/11 17:46:47 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Panda Security
      [2012/11/11 17:37:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Spybot - Search & Destroy
      [2012/11/11 17:37:07 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Spybot - Search & Destroy 2
      [2012/11/09 21:02:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Datos de programa\SUPERAntiSpyware.com
      [2012/11/09 21:02:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\SUPERAntiSpyware.com
      [2012/11/09 21:02:29 | 000,000,000 | ---D | C] -- C:\Archivos de programa\SUPERAntiSpyware
      [2012/11/09 18:30:55 | 000,000,000 | -HSD | C] -- C:\RECYCLER
      [2012/11/09 18:11:58 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
      [2012/11/09 18:11:58 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
      [2012/11/09 18:11:58 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
      [2012/11/09 18:11:48 | 000,000,000 | ---D | C] -- C:\Qoobox
      [2012/11/09 18:11:33 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user\Menú Inicio\Programas\Herramientas administrativas
      [2012/11/09 18:11:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
      [2012/11/09 18:07:19 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent
      [2012/11/09 17:49:26 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\nircmd.exe
      [2012/11/08 12:31:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Datos de programa\Malwarebytes
      [2012/11/08 12:31:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Malwarebytes' Anti-Malware
      [2012/11/08 12:31:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Malwarebytes
      [2012/11/08 12:31:35 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
      [2012/11/08 12:31:35 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Malwarebytes' Anti-Malware
      [2012/11/08 12:13:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\GridinSoft Trojan Killer
      [2012/11/08 12:13:41 | 000,000,000 | ---D | C] -- C:\Archivos de programa\GridinSoft Trojan Killer
      [2012/11/04 16:49:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Configuración local\Datos de programa\Temporary Projects
      [2012/10/31 20:54:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Microsoft SQL Server 2005
      [2012/10/31 20:48:41 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft SQL Server
      [2012/10/31 20:44:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Mis documentos\Visual Studio 2005
      [2012/10/31 20:42:17 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft.NET
      [2012/10/31 20:42:16 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Microsoft Visual Studio 8
      [2012/10/31 19:53:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Datos de programa\e-academy Inc
      [2012/10/31 19:53:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Configuración local\Datos de programa\e-academy Inc
      [2012/10/28 15:59:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Configuración local\Datos de programa\Unity
      [2012/10/22 02:28:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\CrashDump
      [2012/10/22 02:26:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\NativeFus_Log
      [2012/10/22 02:26:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Configuración local\Datos de programa\Samsung
      [2012/10/22 02:26:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Datos de programa\Samsung
      [2012/10/22 02:25:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Mis documentos\samsung
      [2012/10/22 02:23:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
      [2012/10/22 02:22:33 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\Redemption.dll
      [2012/10/22 02:20:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Samsung
      [2012/10/22 02:20:47 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Samsung
      [2012/10/22 02:19:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Configuración local\Datos de programa\Downloaded Installations
      [2012/10/19 20:39:11 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\DirectX
      [2012/10/19 20:28:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Datos de programa\Kalydo
      [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2012/11/12 05:21:00 | 000,000,838 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
      [2012/11/12 05:03:00 | 000,000,536 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 56101d0d-2af2-4465-895d-b2f1c0f4bcca.job
      [2012/11/12 03:52:08 | 000,807,354 | ---- | M] () -- C:\WINDOWS\TempCloudAV1112073344_1588.csv
      [2012/11/12 02:00:03 | 000,000,536 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 448def45-0851-4f74-af78-447aa925383c.job
      [2012/11/11 13:44:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
      [2012/11/11 13:44:46 | 000,167,952 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
      [2012/11/11 02:09:39 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
      [2012/11/09 21:02:47 | 000,001,741 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\SUPERAntiSpyware Free Edition.lnk
      [2012/11/09 18:20:23 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
      [2012/11/09 17:20:35 | 000,550,210 | ---- | M] () -- C:\WINDOWS\System32\perfh00A.dat
      [2012/11/09 17:20:35 | 000,479,200 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
      [2012/11/09 17:20:35 | 000,109,784 | ---- | M] () -- C:\WINDOWS\System32\perfc00A.dat
      [2012/11/09 17:20:35 | 000,085,090 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
      [2012/11/09 12:06:08 | 000,002,331 | ---- | M] () -- C:\Documents and Settings\user\Escritorio\Google Chrome.lnk
      [2012/11/09 02:54:24 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\CCleaner.lnk
      [2012/11/08 12:31:37 | 000,000,833 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\Malwarebytes Anti-Malware.lnk
      [2012/11/05 17:07:23 | 000,002,507 | ---- | M] () -- C:\Documents and Settings\user\Escritorio\Microsoft Office Word 2007.lnk
      [2012/11/01 18:50:30 | 000,008,192 | ---- | M] () -- C:\WINDOWS\System32\edb.chk
      [2012/10/31 19:53:15 | 000,002,188 | ---- | M] () -- C:\Documents and Settings\user\Escritorio\Secure Download Manager.lnk
      [2012/10/22 20:03:25 | 001,030,821 | ---- | M] () -- C:\Documents and Settings\user\Mis documentos\tumblr_mcapvmktlj1rqakfzo1_400.gif
      [2012/10/22 02:24:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf
      [2012/10/22 02:23:56 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
      [2012/10/20 03:54:28 | 000,231,120 | ---- | M] () -- C:\Documents and Settings\user\Mis documentos\pepepajas.JPG
      [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2012/11/12 02:50:08 | 000,807,354 | ---- | C] () -- C:\WINDOWS\TempCloudAV1112073344_1588.csv
      [2012/11/09 21:03:03 | 000,000,536 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 56101d0d-2af2-4465-895d-b2f1c0f4bcca.job
      [2012/11/09 21:03:02 | 000,000,536 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 448def45-0851-4f74-af78-447aa925383c.job
      [2012/11/09 21:02:47 | 000,001,741 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\SUPERAntiSpyware Free Edition.lnk
      [2012/11/09 18:11:58 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
      [2012/11/09 18:11:58 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
      [2012/11/09 18:11:58 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
      [2012/11/09 18:11:58 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
      [2012/11/09 18:11:58 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
      [2012/11/08 12:31:37 | 000,000,833 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\Malwarebytes Anti-Malware.lnk
      [2012/11/01 18:50:30 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\edb.chk
      [2012/10/31 20:44:13 | 000,001,119 | ---- | C] () -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Microsoft Visual Basic 2005 Express Edition.lnk
      [2012/10/31 19:53:15 | 000,002,188 | ---- | C] () -- C:\Documents and Settings\user\Escritorio\Secure Download Manager.lnk
      [2012/10/22 20:03:25 | 001,030,821 | ---- | C] () -- C:\Documents and Settings\user\Mis documentos\tumblr_mcapvmktlj1rqakfzo1_400.gif
      [2012/10/22 03:57:58 | 000,546,160 | ---- | C] () -- C:\Documents and Settings\LocalService\Configuración local\Datos de programa\FontCache3.0.0.0.dat
      [2012/10/22 02:24:14 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf
      [2012/10/22 02:23:56 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
      [2012/10/20 03:53:54 | 000,231,120 | ---- | C] () -- C:\Documents and Settings\user\Mis documentos\pepepajas.JPG
      [2012/09/26 20:57:14 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
      [2012/09/26 20:57:14 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
      [2012/09/26 20:57:14 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
      [2012/09/26 20:57:14 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
      [2012/09/21 13:40:18 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
      [2012/09/21 01:19:03 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\user\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012/09/20 21:50:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
      [2012/09/20 21:46:48 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
      [2012/09/20 21:14:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
      [2012/09/20 21:08:36 | 000,021,900 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
      [2012/09/20 15:03:05 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
      [2012/09/20 15:02:01 | 000,333,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

      ========== ZeroAccess Check ==========

      [2012/09/20 22:28:59 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 07:00:00 | 001,499,648 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2008/04/14 07:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 07:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== LOP Check ==========

      [2012/09/20 22:03:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\ESET
      [2012/11/11 17:46:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Panda Security
      [2012/11/01 18:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Samsung
      [2012/10/01 04:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Ubisoft
      [2012/09/22 22:14:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Datos de programa\Auslogics
      [2012/10/31 19:53:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Datos de programa\e-academy Inc
      [2012/10/19 20:28:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Datos de programa\Kalydo
      [2012/09/21 02:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Datos de programa\LolClient
      [2012/11/11 17:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Datos de programa\Panda Security
      [2012/11/01 18:55:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Datos de programa\Samsung
      [2012/10/01 04:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Datos de programa\Ubisoft
      [2012/11/09 18:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Datos de programa\uTorrent

      ========== Purity Check ==========



      < End of report >

    10. #10
      Moderator.
      Avatar of @Tincho
      Registered
      May 2008
      Location
      Argentina
      Posts
      14.701

      Re: Windows Security trojan

      Hi.

      Do the following:

      1.- Uninstall Panda antivirus and Spybot with their uninstall tools for Antivirus, AntiSpyware and Firewall.

      2.- Run CCleaner in cleaner and registry mode.

      Let us know how it goes.


      Regards.
      Tyny's
      If on your journey, you should encounter God, God will be cut!
