• Registrarse
  • Iniciar sesión


  • Página 2 de 3 PrimeroPrimero 123 ÚltimoÚltimo
    Resultados 11 al 20 de 26

    W32/Patched.UA

    Te pido paciencia por favor, ya que analizar el log de OTL lleva su tiempo ya que es bastante complejo y a la vez es muy extenso. Contestaré a la mayor brevedad posible. MUY IMPORTANTE: ...

    1. #11
      Ex-Colaborador Avatar de Marr0n
      Registrado
      mar 2010
      Ubicación
      Catalunya
      Mensajes
      5.871

      Re: W32/Patched.UA

      Te pido paciencia por favor, ya que analizar el log de OTL lleva su tiempo ya que es bastante complejo y a la vez es muy extenso. Contestaré a la mayor brevedad posible.


      MUY IMPORTANTE:


      • NO descargues/instales + programas mientras terminamos la desinfección.
      • NO ejecutes otras herramientas Antivirus/Antimalwares. Aunque puedes activar nuevamente tu Antivirus.
      • NO ejecutes nuevamente OTL hasta que vuelva con una respuesta.
      Saludos.
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    2. #12
      Usuario Avatar de fete.o
      Registrado
      nov 2012
      Ubicación
      madrid
      Mensajes
      16

      Re: W32/Patched.UA

      Perfecto no hay problema. Muchisimas gracias

    3. #13
      Usuario Avatar de fete.o
      Registrado
      nov 2012
      Ubicación
      madrid
      Mensajes
      16

      Re: W32/Patched.UA



      Acabo de darme cuenta de que en la esquina inferior izquierda de mi escritorio me aparece el siguiente mensaje : "Esta copia de windows no es original" sin embargo es el software original. Esto ha aparecido despues de usar el AT-Destroyer que ha pasado??

    4. #14
      Ex-Colaborador Avatar de Marr0n
      Registrado
      mar 2010
      Ubicación
      Catalunya
      Mensajes
      5.871

      Re: W32/Patched.UA

      ¿Que programas de seguridad utilizas en tu ordenador?

      Salu2.
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #15
      Usuario Avatar de fete.o
      Registrado
      nov 2012
      Ubicación
      madrid
      Mensajes
      16

      Re: W32/Patched.UA

      Pues si te soy sincero no lo tengo muy claro, empece a usar antivirus cuando note que algo iba mal. El primero que instale fue avira y, cuando me di cuenta(despues de mucho tiempo) de que tenia un virus imborrrable descargue el comodo firewall. Se que hay algun antivirus instalado que no he conseguido eliminar, el norton y otro mas que no siquiera se cual es
      Última edición por fete.o fecha: 26/11/12 a las 17:22:45

    6. #16
      Ex-Colaborador Avatar de Marr0n
      Registrado
      mar 2010
      Ubicación
      Catalunya
      Mensajes
      5.871

      Re: W32/Patched.UA

      Ok.

      si tu Windows es Original deberás ponerte en contacto con Microsoft para solucionar dicho problema, haz lo siguiente:

      Ve a
      Inicio > Panel de Control > Sistema y Seguridad > Sistemas.

      Seguramente por allí verás la opción de activar su S.O., en estos casos la opción telefónica es la mejor opción.

      . Desinstala todos los programas de seguridad con sus herramientas específicas:




      . Una vez hayas desinstalado todos los programas que he mencionado anteriormente arriba y hayas reiniciado el ordenador, necesito un nuevo reporte de combofix para volverlo a analizar:




      Botón Derecho sobre el ejecutable de ComboFix en tu escritorio>>> eliminar>>> vaciás la papelera.
      Vuelves a descargarlo y a correrlo de la siguiente manera:



      - Descarga la herramienta ComboFix.exe y guárdala en el escritorio.
      • Desactiva temporalmente el Antivirus y/o Antispyware.
      • Cierra todas las ventanas abiertas.
      • Hacele doble clic al archivo ComboFix.exe y seguí las instrucciones.
      • Si te pide actualizar Aceptas.
      • Cuando termine, generara un registro en C:\ComboFix.txt.
        • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
        • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.


      Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.



      • Reinicia y pega el reporte de C:\ComboFix.txt en este mismo mensaje.




      Salu2.
      Última edición por Marr0n fecha: 29/11/12 a las 16:55:16
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #17
      Usuario Avatar de fete.o
      Registrado
      nov 2012
      Ubicación
      madrid
      Mensajes
      16

      Re: W32/Patched.UA

      Hola buenas intente desintalar los antivirus y todos se desinstalaron bien menos el comodo. Ahora no tengo acceso a internet no se si se debera a eso o a que es.

      ComboFix:
      ComboFix 12-11-20.02 - Fernando 30/11/2012 2:16.3.4 - x64
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.34.3082.18.4044.2651 [GMT 1:00]
      Running from: c:\users\Fernando\Desktop\ComboFix.exe
      FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
      SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      - REDUCED FUNCTIONALITY MODE -
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-10-28 to 2012-11-30 )))))))))))))))))))))))))))))))
      .
      .
      2012-11-30 01:18 . 2012-11-30 01:18 -------- d-----w- c:\users\Invitado\AppData\Local\temp
      2012-11-30 01:18 . 2012-11-30 01:18 -------- d-----w- c:\users\Guadalupe\AppData\Local\temp
      2012-11-30 01:18 . 2012-11-30 01:18 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-11-30 01:00 . 2012-11-30 01:00 -------- d-----w- c:\users\Fernando\AppData\Local\ElevatedDiagnostics
      2012-11-30 00:44 . 2012-11-30 00:44 -------- d-----w- c:\users\Fernando\AppData\Roaming\Uninstaller Tool(Comodo Forums)
      2012-11-23 15:20 . 2012-11-23 16:31 -------- d-----w- c:\users\Fernando\AppData\Roaming\TeamViewer
      2012-11-23 15:19 . 2012-11-23 15:19 -------- d-----w- c:\program files (x86)\TeamViewer
      2012-11-16 22:29 . 2012-11-20 17:50 -------- d-----w- c:\users\Fernando\AppData\Roaming\FileZilla
      2012-11-16 22:29 . 2012-11-16 22:29 -------- d-----w- c:\program files (x86)\FileZilla FTP Client
      2012-11-15 09:38 . 2012-07-26 05:05 2560 ----a-w- c:\windows\system32\drivers\es-ES\wdf01000.sys.mui
      2012-11-15 09:38 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
      2012-11-15 09:38 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
      2012-11-15 09:38 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
      2012-11-15 08:04 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
      2012-11-15 08:04 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
      2012-11-15 08:04 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
      2012-11-15 08:04 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
      2012-11-15 08:04 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
      2012-11-15 08:04 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
      2012-11-15 08:04 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
      2012-11-14 11:22 . 2012-06-29 12:55 22528 ----a-w- c:\windows\AT-Uninstall.exe
      2012-11-14 11:22 . 2012-03-12 22:27 11776 ----a-w- c:\windows\Colous.exe
      2012-11-14 11:22 . 2008-03-25 09:39 69660 ----a-w- c:\windows\Fart.exe
      2012-11-12 17:04 . 2012-11-12 17:04 -------- d-----w- c:\users\Fernando\AppData\Roaming\AudioTuner
      2012-11-12 16:57 . 2012-11-12 16:57 -------- d-----w- c:\program files (x86)\Audio Tuner
      2012-11-12 05:48 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
      2012-11-10 14:48 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
      2012-11-10 13:02 . 2012-11-10 13:02 -------- d-----w- C:\TDSSKiller_Quarantine
      2012-11-07 10:58 . 2012-07-12 01:18 100728 ----a-w- c:\windows\system32\drivers\NEOFLTR_720_21397.SYS
      2012-11-06 12:26 . 2012-11-06 12:28 -------- d-----w- c:\users\Fernando\miscelanea
      2012-11-05 23:06 . 2012-11-05 23:06 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
      2012-11-05 23:06 . 2012-11-05 23:06 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
      2012-11-05 23:06 . 2012-11-05 23:06 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
      2012-11-05 23:06 . 2012-11-05 23:06 96224 ----a-w- c:\program files (x86)\Mozilla Firefox\webapprt-stub.exe
      2012-11-05 23:06 . 2012-11-05 23:06 157272 ----a-w- c:\program files (x86)\Mozilla Firefox\webapp-uninstaller.exe
      2012-11-05 19:03 . 2012-11-17 17:29 -------- d-----w- c:\users\Guadalupe\AppData\Roaming\Skype
      2012-11-05 08:08 . 2012-11-05 08:08 -------- d-----w- c:\programdata\CPA_VA
      2012-11-04 21:45 . 2012-11-04 21:45 -------- d-----w- c:\programdata\Agnitum
      2012-11-04 17:39 . 2012-11-30 00:49 -------- d-----w- c:\programdata\Comodo
      2012-11-04 17:38 . 2012-11-05 08:10 -------- d-----w- c:\program files\COMODO
      2012-11-04 17:38 . 2012-11-04 17:38 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-11-15 08:05 . 2011-10-17 09:36 66395536 ----a-w- c:\windows\system32\MRT.exe
      2012-11-10 13:33 . 2009-07-13 23:19 328704 ----a-w- c:\windows\system32\services.exe
      2012-11-09 07:12 . 2012-04-09 11:56 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2012-11-09 07:12 . 2011-09-03 16:55 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-10-16 08:38 . 2012-11-28 15:21 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
      2012-10-16 08:38 . 2012-11-28 15:21 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
      2012-10-16 07:39 . 2012-11-28 15:21 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
      2012-10-05 00:32 . 2012-10-05 00:32 94288 ----a-w- c:\windows\system32\drivers\inspect.sys
      2012-10-05 00:32 . 2012-10-05 00:32 584056 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
      2012-10-05 00:32 . 2012-10-05 00:32 38656 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
      2012-10-05 00:32 . 2012-10-05 00:32 22736 ----a-w- c:\windows\system32\drivers\cmderd.sys
      2012-10-05 00:32 . 2012-10-05 00:32 41240 ----a-w- c:\windows\system32\cmdcsr.dll
      2012-10-05 00:32 . 2012-10-05 00:32 301264 ----a-w- c:\windows\SysWow64\guard32.dll
      2012-10-05 00:32 . 2012-10-05 00:32 390392 ----a-w- c:\windows\system32\guard64.dll
      2012-09-24 22:16 . 2012-10-29 22:16 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
      2012-09-18 19:12 . 2012-02-22 16:50 821736 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
      2012-09-18 19:12 . 2011-05-15 02:09 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
      "{77f8c945-4b74-4bd6-a073-e0d1997edce8}"= "c:\program files (x86)\midicair\prxtbmidi.dll" [2011-05-09 176936]
      .
      [HKEY_CLASSES_ROOT\clsid\{77f8c945-4b74-4bd6-a073-e0d1997edce8}]
      .
      [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{77f8c945-4b74-4bd6-a073-e0d1997edce8}]
      2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\midicair\prxtbmidi.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
      "{DFEFCDEE-CF1A-4FC8-88AD-18272BE37E29}"= "c:\users\Fernando\AppData\Roaming\xplugin\toolbar.dll" [2011-09-26 633344]
      "{77f8c945-4b74-4bd6-a073-e0d1997edce8}"= "c:\program files (x86)\midicair\prxtbmidi.dll" [2011-05-09 176936]
      .
      [HKEY_CLASSES_ROOT\clsid\{dfefcdee-cf1a-4fc8-88ad-18272be37e29}]
      .
      [HKEY_CLASSES_ROOT\clsid\{77f8c945-4b74-4bd6-a073-e0d1997edce8}]
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
      @="{C5994560-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
      @="{C5994561-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
      @="{C5994562-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
      @="{C5994563-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
      @="{C5994564-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
      @="{C5994565-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
      @="{C5994566-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
      @="{C5994567-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
      @="{C5994568-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
      2012-06-30 04:19 94208 ----a-w- c:\users\Fernando\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
      2012-06-30 04:19 94208 ----a-w- c:\users\Fernando\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
      2012-06-30 04:19 94208 ----a-w- c:\users\Fernando\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ares"="c:\program files (x86)\Ares\Ares.exe" [2010-10-27 1015808]
      "Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-10-26 3077528]
      "Spotify Web Helper"="c:\users\Fernando\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-11-07 1199576]
      "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
      "VeohPlugin"="c:\program files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2012-06-11 4692840]
      "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-06-20 2736128]
      "Facebook Update"="c:\users\Fernando\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-09-08 138096]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-12 283160]
      "HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-02-15 94264]
      "HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]
      "Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-03-16 61112]
      "HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-01-27 318520]
      "Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-25 619008]
      "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
      "RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-11-02 90448]
      "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
      "OdTray.exe"="c:\program files (x86)\Juniper Networks\Odyssey Access Client\OdTray.exe" [2010-12-16 931184]
      "ExpressFiles"="c:\program files (x86)\ExpressFiles\ExpressFiles.exe" [2012-01-03 326776]
      "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
      "AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
      "H2O"="c:\program files (x86)\SyncroSoft\Pos\H2O\cledx.exe" [2005-10-22 385024]
      .
      c:\users\Fernando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
      Dropbox.lnk - c:\users\Fernando\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-8-27 26924984]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
      "EnableShellExecuteHooks"= 1 (0x1)
      .
      [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
      "LoadAppInit_DLLs"=1 (0x1)
      "AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
      "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
      "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      "QuickTime Task"="c:\program files (x86)\QuickTime\qttask.exe" -atboottime
      "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
      "WinampAgent"="c:\program files (x86)\Winamp\winampa.exe"
      "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
      .
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
      R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
      R3 hpCMSrv;HP Connection Manager 4.0 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-15 1071160]
      R3 jnprva;Juniper Networks Virtual Adapter Service;c:\windows\system32\DRIVERS\jnprva.sys [2010-07-15 21360]
      R3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;c:\windows\system32\DRIVERS\MAudioFastTrackPro.sys [2010-12-07 187912]
      R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-05-10 22528]
      R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-02-15 335464]
      R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
      R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
      R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
      R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
      R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
      R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
      R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-04 1255736]
      R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
      S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-06-05 283200]
      S1 NEOFLTR_720_21397;Juniper Networks TDI Filter Driver (NEOFLTR_720_21397);c:\windows\system32\Drivers\NEOFLTR_720_21397.SYS [2012-07-12 100728]
      S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]
      S2 Giraffic;Veoh Giraffic Video Accelerator;c:\program files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2012-07-02 2232504]
      S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-05 291896]
      S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
      S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-12 13336]
      S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-02-18 2372096]
      S2 JuniperAccessService;Juniper Unified Network Service;c:\program files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe [2010-12-16 198000]
      S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-06-21 341296]
      S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-10-23 2848168]
      S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-11-22 1974080]
      S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
      S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
      S3 EacService;Juniper TNC Endpoint Assessment;c:\program files (x86)\Common Files\Juniper Networks\TNC Client\jTnccService.exe [2010-12-16 152944]
      S3 IntcDAud;Sonido Intel(R) para pantallas;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-05-03 317440]
      S3 jnprna;Juniper Network Agent Miniport;c:\windows\system32\DRIVERS\jnprna.sys [2010-07-15 480624]
      S3 JnprVaMgr;Juniper Networks Virtual Adapter Manager Service;c:\windows\system32\DRIVERS\jnprvamgr.sys [2010-07-15 42352]
      S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-11-04 1041760]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-01-27 425064]
      S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856]
      .
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
      2011-06-20 13:05 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-11-27 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1196883540-1044171120-3602023571-1000Core.job
      - c:\users\Fernando\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-08 01:30]
      .
      2012-11-29 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1196883540-1044171120-3602023571-1000UA.job
      - c:\users\Fernando\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-08 01:30]
      .
      2012-11-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-12 13:22]
      .
      2012-11-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-12 13:22]
      .
      2012-11-13 c:\windows\Tasks\HPCeeScheduleForFernando.job
      - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
      @="{C5994560-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
      @="{C5994561-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
      @="{C5994562-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
      @="{C5994563-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
      @="{C5994564-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
      @="{C5994565-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
      @="{C5994566-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
      @="{C5994567-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
      @="{C5994568-53D9-4125-87C9-F193FC689CB2}"
      [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
      2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
      2012-06-30 04:19 97792 ----a-w- c:\users\Fernando\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
      2012-06-30 04:19 97792 ----a-w- c:\users\Fernando\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
      2012-06-30 04:19 97792 ----a-w- c:\users\Fernando\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
      @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
      2012-06-30 04:19 97792 ----a-w- c:\users\Fernando\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-05-03 168216]
      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-05-03 391960]
      "Persistence"="c:\windows\system32\igfxpers.exe" [2011-05-03 419096]
      "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
      "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-25 525312]
      "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
      "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
      "M-Audio Taskbar Icon"="c:\windows\system32\M-AudioTaskBarIcon.exe" [2010-12-07 798728]
      "COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-10-05 9577680]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
      "AppInit_DLLs"=c:\windows\System32\guard64.dll
      .
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
      UxTuneUp
      .
      ------- Supplementary Scan -------
      .
      uStart Page = about:blank
      uLocal Page = c:\windows\system32\blank.htm
      uDefault_Search_URL = hxxp://www.google.com/ie
      mStart Page = hxxp://www.google.com
      mLocal Page = c:\windows\SysWOW64\blank.htm
      uInternet Settings,ProxyOverride = *.local
      uSearchAssistant = hxxp://www.google.com/ie
      uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
      IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
      IE: Download with &Media Finder - c:\program files (x86)\Media Finder\hook.html
      IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
      TCP: DhcpNameServer = 192.168.1.1
      FF - ProfilePath - c:\users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\b3sy63o3.default\
      FF - prefs.js: browser.startup.homepage - about:home
      FF - prefs.js: keyword.URL - hxxp://google.com
      FF - user.js: extensions.BabylonToolbar_i.id - a2cd0ab1000000000000c0f8da0fe808
      FF - user.js: extensions.BabylonToolbar_i.hardId - a2cd0ab1000000000000c0f8da0fe808
      FF - user.js: extensions.BabylonToolbar_i.instlDay - 15342
      FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
      FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
      FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1714:10
      FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
      FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
      FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
      FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
      FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
      FF - user.js: extensions.BabylonToolbar_i.newTab - false
      FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=101067
      FF - user.js: extensions.BabylonToolbar_i.babExt -
      FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
      FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
      FF - user.js: extentions.y2layers.installId - 8fbfc958-a2a3-4f4e-9ce7-71bc3d108c5c
      FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,BestVideoDownloader,EzLooker,TwitTube,TopRelatedTopics,Buzzdock,
      FF - user.js: extensions.autoDisableScopes - 14
      FF - user.js: security.csp.enable - false
      .
      - - - - ORPHANS REMOVED - - - -
      .
      Wow6432Node-HKLM-Run-<NO NAME> - (no file)
      AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
      AddRemove-Avira AntiVir Desktop - c:\program files (x86)\Avira\AntiVir Desktop\setup.exe
      AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_USERS\S-1-5-21-1196883540-1044171120-3602023571-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
      @Denied: (2) (LocalSystem)
      "Progid"="SafariDownload"
      .
      [HKEY_USERS\S-1-5-21-1196883540-1044171120-3602023571-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
      @Denied: (2) (LocalSystem)
      @Denied: (2) (S-1-5-21-1196883540-1044171120-3602023571-1000)
      "Progid"="SafariHTML"
      .
      [HKEY_USERS\S-1-5-21-1196883540-1044171120-3602023571-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
      @Denied: (2) (S-1-5-21-1196883540-1044171120-3602023571-1000)
      @Denied: (2) (LocalSystem)
      "Progid"="FirefoxHTML"
      .
      [HKEY_USERS\S-1-5-21-1196883540-1044171120-3602023571-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]
      @Denied: (2) (LocalSystem)
      "Progid"="SafariExtension"
      .
      [HKEY_USERS\S-1-5-21-1196883540-1044171120-3602023571-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
      @Denied: (2) (LocalSystem)
      @Denied: (2) (S-1-5-21-1196883540-1044171120-3602023571-1000)
      "Progid"="SafariHTML"
      .
      [HKEY_USERS\S-1-5-21-1196883540-1044171120-3602023571-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
      @Denied: (2) (LocalSystem)
      "Progid"="SafariHTML"
      .
      [HKEY_USERS\S-1-5-21-1196883540-1044171120-3602023571-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
      @Denied: (2) (LocalSystem)
      "Progid"="SafariHTML"
      .
      [HKEY_USERS\S-1-5-21-1196883540-1044171120-3602023571-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
      @Denied: (2) (LocalSystem)
      @Denied: (2) (S-1-5-21-1196883540-1044171120-3602023571-1000)
      "Progid"="SafariHTML"
      .
      [HKEY_USERS\S-1-5-21-1196883540-1044171120-3602023571-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
      @Denied: (2) (LocalSystem)
      @Denied: (2) (S-1-5-21-1196883540-1044171120-3602023571-1000)
      "Progid"="SafariHTML"
      .
      [HKEY_USERS\S-1-5-21-1196883540-1044171120-3602023571-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
      @Denied: (2) (LocalSystem)
      "Progid"="SafariHTML"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker4"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
      "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
      00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Completion time: 2012-11-30 02:21:15
      ComboFix-quarantined-files.txt 2012-11-30 01:21
      ComboFix2.txt 2012-11-14 11:46
      ComboFix3.txt 2012-11-10 14:30
      .
      Pre-Run: 251.485.491.200 bytes libres
      Post-Run: 251.079.204.864 bytes libres
      .
      - - End Of File - - D9637975D7C2E82164CC570AE82ED134

    8. #18
      Usuario Avatar de fete.o
      Registrado
      nov 2012
      Ubicación
      madrid
      Mensajes
      16

      Re: W32/Patched.UA





      Esto es el mensaje que geneera el solucionador de problemas de red depues de intentar desinstalar el comodo no se si sera por eso.....

    9. #19
      Usuario Avatar de fete.o
      Registrado
      nov 2012
      Ubicación
      madrid
      Mensajes
      16

      Re: W32/Patched.UA

      Ya esta he soluciona el problema del adaptador. No se conectaba debido a que comodo firewall se habia desinstalado mal. el problema es que no se como desinstalarlo

    10. #20
      Ex-Colaborador Avatar de Marr0n
      Registrado
      mar 2010
      Ubicación
      Catalunya
      Mensajes
      5.871

      Re: W32/Patched.UA

      Hola, primero de todo quiero pedirte disculpas por el tiempo que has estado esperando sin respuesta. Me surgieron una serie de imprevistos/problemas y no pude contestar a nadie del foro ya que estos se me ocupaban todo el tiempo libre que tenía y por lo tanto no podía contestar. Si aun necesitas ayuda y quieres que sigamos con el tema, actualiza la información del problema explicando si este persiste o no. Mil disculpas.

      Salu2.
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.