
    Virus toolbar


    1. #1
      manics (User)
      Registered: Sep 2012
      Location: Málaga
      Posts: 249

      Virus toolbar

      Hi, look, I removed searchnu from the Control Panel, but in Google Chrome, for example, nothing shows up under search engines, and when I start Google Chrome I even get google.es, but when I press the little house key that I have on my keyboard it redirects me to http://www.searchnu.com/414. Let's see if you can help me, because it is still there.

    2. #2
      @Maxfernandez (Moderator)
      Registered: Dec 2007
      Location: Venezuela
      Posts: 16,076

      Re: Virus toolbar

      Hello.

      Do the following:

      • Download the ComboFix.exe tool and save it to the desktop.
      • Temporarily disable your antivirus and/or antispyware.
      • Close all open windows.
      • Double-click the ComboFix.exe file and follow the instructions.
      • When it finishes, it will generate a log at C:\ComboFix.txt.
        • *Note* While CF is working, do not move the mouse, as that would stop its process.
        • *Note* ComboFix may restart the PC automatically to complete the removal process.

      Warning!! Do not use ComboFix unless a member of our Staff has specifically instructed you to do so in your thread. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".
      • Restart and paste the report from C:\ComboFix.txt into this same thread.
      • Remember to tell us the results.


      Regards.

    3. #3
      manics (User)
      Registered: Sep 2012
      Location: Málaga
      Posts: 249

      Re: Virus toolbar

      ComboFix 12-11-08.01 - Manuel 12/11/2012 11:32:40.1.2 - x86
      Microsoft Windows 7 Ultimate 6.1.7601.1.1252.34.3082.18.3317.2344 [GMT 1:00]
      Running from: c:\users\Manuel\Descargas\ComboFix.exe
      AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
      FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
      SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
      SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\program files\GooglePlusVideos
      c:\program files\GooglePlusVideos\DeploymentHelper.exe
      c:\program files\GooglePlusVideos\FFExt\chrome.manifest
      c:\program files\GooglePlusVideos\FFExt\chrome\content\googleplusvideos.xul
      c:\program files\GooglePlusVideos\FFExt\install.rdf
      c:\program files\GooglePlusVideos\GooglePlusVideosLicense.txt
      c:\program files\GooglePlusVideos\GVConfig.ini
      c:\program files\GooglePlusVideos\MFC42U.DLL
      c:\program files\GooglePlusVideos\Uninstall.bat
      c:\programdata\mazuki.dll
      c:\programdata\page
      c:\programdata\page\page.ico
      c:\programdata\page\page.URL
      c:\users\Manuel\AppData\Roaming\Kaspersky_Key_Finder_(KKF
      c:\users\Manuel\AppData\Roaming\Kaspersky_Key_Finder_(KKF\Kaspersky_Key_Finder_v1.4_Url_m1uqqhc0ciiz34u4fxd1oaygshzk0fq4\1.4.4.0\user.config
      c:\windows\system32\shsvcs.dll.vgorg
      c:\windows\system32\themeui.dll.vgorg
      c:\windows\system32\uxtheme.dll.vgorg
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-10-12 to 2012-11-12 )))))))))))))))))))))))))))))))
      .
      .
      2012-11-12 09:02 . 2012-11-12 09:02 -------- d-----w- c:\programdata\CPA_VA
      2012-11-11 22:32 . 2012-11-11 23:07 -------- d-----w- c:\program files\Enigma Software Group
      2012-11-11 22:31 . 2012-11-11 23:06 -------- d-----w- c:\windows\DDABC66756B3412282B02F5782EA2F9A.TMP
      2012-11-11 18:18 . 2012-11-11 18:18 -------- d-----w- c:\program files\Intel
      2012-11-11 18:13 . 2012-11-11 18:13 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A39B4FAC-098A-43D1-9C34-6FC05638601B}\offreg.dll
      2012-11-11 17:48 . 2012-11-11 17:48 -------- d-----w- C:\Intel
      2012-11-11 17:18 . 2012-11-11 17:26 -------- d-----w- c:\program files\Argente - Registry Cleaner
      2012-11-11 16:55 . 2012-11-11 16:55 -------- d-----w- c:\users\Manuel\AppData\Roaming\Easeware
      2012-11-11 16:54 . 2012-11-11 16:54 -------- d-----w- c:\program files\Easeware
      2012-11-09 10:45 . 2012-11-09 10:45 -------- d-----w- C:\_OTL
      2012-11-09 08:27 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A39B4FAC-098A-43D1-9C34-6FC05638601B}\mpengine.dll
      2012-11-07 19:06 . 2012-11-07 19:35 -------- d-----w- c:\users\Manuel\AppData\Roaming\Skype
      2012-11-07 19:05 . 2012-11-07 19:05 -------- d-----w- c:\program files\Common Files\Skype
      2012-11-07 19:05 . 2012-11-07 22:21 -------- d-----r- c:\program files\Skype
      2012-11-07 19:05 . 2012-11-07 22:21 -------- d-----w- c:\programdata\Skype
      2012-11-07 18:16 . 2012-11-07 18:16 -------- d-----w- c:\users\Manuel\AppData\Roaming\DVDVideoSoft
      2012-11-07 18:16 . 2012-11-07 18:16 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
      2012-11-07 18:16 . 2012-11-07 18:16 -------- d-----w- c:\program files\DVDVideoSoft
      2012-11-07 15:24 . 2012-11-07 15:24 -------- d-----w- c:\programdata\boost_interprocess
      2012-11-07 15:24 . 2012-11-07 17:56 -------- d-----w- c:\users\Manuel\AppData\Roaming\FreeVideoConverter
      2012-11-06 18:10 . 2012-11-06 18:10 -------- d-----w- c:\program files\DAEMON Tools Lite
      2012-11-04 12:00 . 2012-11-04 12:00 -------- d-----w- c:\program files\Mozilla Maintenance Service
      2012-11-03 17:17 . 2012-11-03 17:17 -------- d-----w- c:\program files\Perion
      2012-11-03 17:16 . 2011-06-10 22:58 773968 ----a-w- c:\windows\system32\msvcr100.dll
      2012-11-03 17:16 . 2011-06-10 22:58 421200 ----a-w- c:\windows\system32\msvcp100.dll
      2012-11-03 17:16 . 2011-05-13 23:17 632656 ----a-w- c:\windows\system32\msvcr80.dll
      2012-11-03 17:16 . 2011-05-13 23:17 479232 ----a-w- c:\windows\system32\msvcm80.dll
      2012-11-03 17:16 . 2011-05-13 23:17 554832 ----a-w- c:\windows\system32\msvcp80.dll
      2012-11-03 17:14 . 2012-11-03 17:14 -------- d-----w- c:\program files\Gophoto.it
      2012-11-02 22:25 . 2012-11-02 22:25 -------- d-----w- c:\users\Manuel\AppData\Roaming\Sports Interactive
      2012-11-02 22:25 . 2012-11-02 22:25 -------- d-----w- c:\users\Manuel\AppData\Local\Sports Interactive
      2012-11-02 15:32 . 2012-11-02 15:32 -------- d-----w- c:\program files\ESET
      2012-10-29 09:03 . 2012-09-24 22:16 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
      2012-10-26 18:35 . 2012-09-19 10:10 29536 ----a-w- c:\windows\system32\uxtuneup.dll
      2012-10-26 18:25 . 2012-10-08 12:53 31584 ----a-w- c:\windows\system32\TURegOpt.exe
      2012-10-26 18:25 . 2012-10-08 12:53 21344 ----a-w- c:\windows\system32\authuitu.dll
      2012-10-26 18:25 . 2012-10-28 19:13 -------- d-----w- c:\program files\TuneUp Utilities 2013
      2012-10-26 18:21 . 2012-10-28 23:02 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
      2012-10-26 18:21 . 2012-10-26 18:21 -------- d--h--w- c:\programdata\Common Files
      2012-10-23 17:08 . 2012-10-23 17:08 -------- d-----w- c:\users\Manuel\AppData\Local\fontconfig
      2012-10-23 17:08 . 2012-10-23 17:24 -------- d-----w- c:\users\Manuel\.gimp-2.8
      2012-10-23 17:08 . 2012-10-23 17:08 -------- d-----w- c:\users\Manuel\AppData\Local\gegl-0.2
      2012-10-20 10:37 . 2012-10-20 10:37 -------- d-----w- c:\program files\Microsoft WSE
      2012-10-17 09:27 . 2012-11-07 21:58 -------- d-----w- c:\program files\SUPERAntiSpyware
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-11-07 23:37 . 2012-02-03 17:27 82952 ----a-w- c:\windows\system32\drivers\inspect.sys
      2012-11-07 23:37 . 2012-03-11 19:13 36072 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
      2012-11-07 23:37 . 2012-03-11 19:13 494416 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
      2012-11-07 23:37 . 2012-03-11 19:13 19632 ----a-w- c:\windows\system32\drivers\cmderd.sys
      2012-11-07 23:37 . 2012-03-11 19:13 34024 ----a-w- c:\windows\system32\cmdcsr.dll
      2012-11-07 23:37 . 2012-03-11 19:13 301264 ----a-w- c:\windows\system32\guard32.dll
      2012-11-06 18:10 . 2010-05-02 19:47 466008 ----a-w- c:\windows\system32\drivers\sptd.sys
      2012-10-30 22:51 . 2012-09-21 12:04 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
      2012-10-30 22:51 . 2012-09-21 12:04 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
      2012-10-30 22:51 . 2012-09-21 12:04 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
      2012-10-30 22:51 . 2012-09-21 12:04 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
      2012-10-30 22:51 . 2012-09-21 12:04 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
      2012-10-30 22:51 . 2012-09-21 12:04 41224 ----a-w- c:\windows\avastSS.scr
      2012-10-30 22:50 . 2012-09-21 12:04 227648 ----a-w- c:\windows\system32\aswBoot.exe
      2012-10-15 16:59 . 2012-09-21 12:04 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
      2012-10-09 09:42 . 2012-05-13 08:39 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
      2012-10-09 09:42 . 2012-03-05 20:06 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
      2012-09-29 17:54 . 2012-06-15 18:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-09-24 21:17 . 2012-09-24 21:17 1700352 ----a-w- c:\windows\system32\gdiplus.dll
      2012-09-20 22:27 . 2009-04-01 06:19 61440 ----a-w- c:\windows\system32\CleanMem.exe
      2012-09-14 18:28 . 2012-10-10 10:53 2048 ----a-w- c:\windows\system32\tzres.dll
      2012-09-03 10:19 . 2012-04-28 10:50 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
      2012-09-03 10:19 . 2010-06-21 08:19 746984 ----a-w- c:\windows\system32\deployJava1.dll
      2012-08-31 17:18 . 2012-10-10 10:53 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys
      2012-08-30 17:12 . 2012-10-10 10:52 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
      2012-08-30 17:12 . 2012-10-10 10:52 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
      2012-08-24 16:57 . 2012-10-10 10:53 172544 ----a-w- c:\windows\system32\wintrust.dll
      2012-08-24 06:59 . 2012-09-21 21:46 1800704 ----a-w- c:\windows\system32\jscript9.dll
      2012-08-24 06:51 . 2012-09-21 21:46 1129472 ----a-w- c:\windows\system32\wininet.dll
      2012-08-24 06:51 . 2012-09-21 21:46 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
      2012-08-24 06:47 . 2012-09-21 21:46 142848 ----a-w- c:\windows\system32\ieUnatt.exe
      2012-08-24 06:47 . 2012-09-21 21:46 420864 ----a-w- c:\windows\system32\vbscript.dll
      2012-08-24 06:43 . 2012-09-21 21:46 2382848 ----a-w- c:\windows\system32\mshtml.tlb
      2012-08-22 17:16 . 2012-09-11 19:37 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
      2012-08-22 17:16 . 2012-09-11 19:37 240496 ----a-w- c:\windows\system32\drivers\netio.sys
      2012-08-22 17:16 . 2012-09-11 19:37 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
      2012-08-22 17:16 . 2012-09-11 19:37 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
      2012-08-21 20:12 . 2012-09-25 20:44 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
      2012-08-20 17:40 . 2012-10-10 10:53 169984 ----a-w- c:\windows\system32\winsrv.dll
      2012-08-20 17:40 . 2012-10-10 10:53 293376 ----a-w- c:\windows\system32\KernelBase.dll
      2012-08-20 17:37 . 2012-10-10 10:53 271360 ----a-w- c:\windows\system32\conhost.exe
      2012-08-20 17:32 . 2012-10-10 10:53 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
      2012-08-20 15:33 . 2012-10-10 10:53 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
      2012-08-20 15:33 . 2012-10-10 10:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
      2012-08-20 15:33 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
      2012-08-20 15:33 . 2012-10-10 10:53 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
      2012-10-24 17:50 . 2012-11-04 12:00 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
      @="{472083B0-C522-11CF-8763-00608CC02F24}"
      [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
      2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
      "ares"="c:\program files\Ares\Ares.exe" [2012-02-02 3209216]
      "Spotify Web Helper"="c:\users\Manuel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-10-26 1199576]
      "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-07-11 1022352]
      "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
      "PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2012-09-24 802304]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 0 (0x0)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      "PromptOnSecureDesktop"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
      "AppInit_DLLs"=c:\windows\System32\guard32.dll
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
      BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean.exe
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
      @=""
      HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser companion helper
      HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
      HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StillImageMonitor
      HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Telefonica
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
      2012-02-02 15:55 3209216 ----a-w- c:\program files\Ares\Ares.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
      2012-10-24 20:17 3157856 ----a-w- c:\program files\CCleaner\CCleaner.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
      2012-11-06 10:46 3673728 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
      2009-09-15 10:43 173592 ----a-w- c:\windows\System32\hkcmd.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
      2009-09-15 10:43 141848 ----a-w- c:\windows\System32\igfxtray.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
      2006-01-12 14:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
      2009-09-15 10:43 150552 ----a-w- c:\windows\System32\igfxpers.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlusService]
      2012-09-24 17:59 802304 ----a-w- c:\program files\Yuna Software\Messenger Plus!\PlusService.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
      2012-10-26 14:39 1199576 ----a-w- c:\users\Manuel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
      2009-03-05 14:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
      2012-11-07 21:58 4763008 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
      2008-06-13 17:11 210216 ----a-w- c:\program files\Cyberlink\Power2Go\MUITransfer\MUIStartMenu.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDIRShortCut]
      2008-06-13 17:11 210216 ----a-w- c:\program files\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
      2008-09-11 14:32 210216 ----a-w- c:\program files\Cyberlink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
      2012-07-11 11:34 1022352 ----a-w- c:\program files\uTorrent\uTorrent.exe
      .
      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
      "Google Update"="c:\users\Manuel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
      "ares"="c:\program files\Ares\Ares.exe" -h
      "AutoStartNPSAgent"=c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe
      "uTorrent"="c:\program files\uTorrent\uTorrent.exe" /MINIMIZED
      "Spotify Web Helper"="c:\users\Manuel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
      "SUPERAntiSpyware"=c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
      "HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
      "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
      "cploader.exe"=c:\windows\system32\cploader.exe
      "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
      "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      .
      R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [x]
      R2 OMSCAN;OMSCAN;Sys?? [x]
      R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
      R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [x]
      R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [x]
      R3 PCD5SRVC{BD6912E3-AC9D80E8-05040000};PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\PC-DOC~1\PCD5SRVC.pkms [x]
      R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
      R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [x]
      R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [x]
      R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [x]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
      R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
      R4 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [x]
      S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
      S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
      S1 aswSnx;aswSnx; [x]
      S1 aswSP;aswSP; [x]
      S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [x]
      S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [x]
      S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
      S2 aswFsBlk;aswFsBlk; [x]
      S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
      S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
      S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
      S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [x]
      S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [x]
      S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
      S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [x]
      .
      .
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
      UxTuneUp
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-11-12 c:\windows\Tasks\GlaryInitialize.job
      - c:\program files\Glary Utilities\initialize.exe [2011-04-27 10:45]
      .
      2012-11-11 c:\windows\Tasks\GlaryOneClickOptimizer.job
      - c:\program files\Glary Utilities\oneclickoptimizer.exe [2011-04-27 10:45]
      .
      2012-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-13 16:12]
      .
      2012-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-13 16:12]
      .
      2012-11-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2154885428-189330661-2984291346-1000Core.job
      - c:\users\Manuel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-04 13:13]
      .
      2012-11-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2154885428-189330661-2984291346-1000UA.job
      - c:\users\Manuel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-04 13:13]
      .
      2012-10-26 c:\windows\Tasks\HPCeeScheduleForManuel.job
      - c:\program files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2009-01-05 10:12]
      .
      2012-10-27 c:\windows\Tasks\PCDRScheduledMaintenance.job
      - c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2008-09-10 14:43]
      .
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://www.google.es/
      uDefault_Search_URL = hxxp://www.google.com/ie
      mStart Page = hxxp://www.google.com
      uInternet Settings,ProxyOverride = local
      uInternet Settings,ProxyServer = 195.162.195.10:8080
      uSearchAssistant = hxxp://www.google.com/ie
      uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
      IE: &Block This Image (ABP)
      IE: Free YouTube Download - c:\users\Manuel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
      IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
      TCP: DhcpNameServer = 62.42.230.24 62.42.63.52
      FF - ProfilePath - c:\users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ra0ph7i5.default\
      FF - prefs.js: browser.search.selectedEngine - Twitter
      FF - prefs.js: browser.startup.homepage - hxxp://google.com
      FF - prefs.js: keyword.URL - hxxp://google.com
      FF - ExtSQL: 2012-11-02 12:35; [email protected]; c:\program files\AVAST Software\Avast\WebRep\FF
      FF - ExtSQL: 2012-11-04 13:06; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ra0ph7i5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
      FF - ExtSQL: 2012-11-04 19:47; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ra0ph7i5.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
      FF - ExtSQL: 2012-11-04 19:49; [email protected]; c:\users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ra0ph7i5.default\extensions\[email protected]
      FF - ExtSQL: 2012-11-05 10:55; [email protected]; c:\users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ra0ph7i5.default\extensions\[email protected]
      FF - ExtSQL: 2012-11-05 10:55; {E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}; c:\users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ra0ph7i5.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}
      FF - user.js: network.http.max-persistent-connections-per-server - 4
      FF - user.js: nglayout.initialpaint.delay - 600
      FF - user.js: content.notify.interval - 600000
      FF - user.js: content.max.tokenizing.time - 1800000
      FF - user.js: content.switch.threshold - 600000
      .
      - - - - ORPHANS REMOVED - - - -
      .
      URLSearchHooks-{68d6c015-c699-4b66-800f-5709bdeddd8b} - (no file)
      URLSearchHooks-{db131c55-60c8-4adc-84dc-9e76ab06e2dc} - (no file)
      URLSearchHooks-{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
      Toolbar-10 - (no file)
      WebBrowser-{68D6C015-C699-4B66-800F-5709BDEDDD8B} - (no file)
      HKLM-Run-COMODO Internet Security - c:\program files\COMODO\COMODO Internet Security\cfp.exe
      AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
      AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
      AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
      AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
      AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
      AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
      AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
      AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
      AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
      AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
      AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
      AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
      AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
      AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
      AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
      AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
      AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
      .
      .
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\OMSCAN]
      "ImagePath"="\Sys"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCD5SRVC{BD6912E3-AC9D80E8-05040000}]
      "ImagePath"="\??\c:\progra~1\PC-DOC~1\PCD5SRVC.pkms"
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_USERS\S-1-5-21-2154885428-189330661-2984291346-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C3C1BBA5-3CF4-31B4-0D16-CB7DC0711D7C}*]
      "japaocnoocgbfbbilaah"=hex:62,61,61,65,00,00
      "iapbnpkhpedfmaalge"=hex:6b,61,69,64,64,70,65,62,6f,6b,69,6c,61,6d,6e,6c,66,66,
      6c,68,61,69,00,03
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
      @="?????????????????? v1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
      @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
      @="?????????????????? v2"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
      @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files\AVAST Software\Avast\AvastSvc.exe
      c:\windows\system32\taskhost.exe
      c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
      c:\program files\Common Files\LightScribe\LSSrvc.exe
      c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
      c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
      c:\program files\CleanMem\mini_monitor.exe
      c:\windows\system32\WUDFHost.exe
      c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
      c:\windows\system32\conhost.exe
      c:\program files\Windows Media Player\wmpnetwk.exe
      c:\windows\system32\sppsvc.exe
      c:\windows\servicing\TrustedInstaller.exe
      .
      **************************************************************************
      .
      Completion time: 2012-11-12 11:48:59 - machine was rebooted
      ComboFix-quarantined-files.txt 2012-11-12 10:48
      .
      Pre-Run: 481.032.802.304 bytes libres
      Post-Run: 480.836.177.920 bytes libres
      .
      - - End Of File - - 934537BDFCBEABC8CE3D5B8EE9944765

    4. #4
      Moderator
      Avatar of @Maxfernandez
      Joined
      Dec 2007
      Location
      Venezuela
      Posts
      16.076

      Re: virus toolbar

      Hello.

      Do the following:

      1.- Open Notepad (Bloc de Notas)
      • Go to START > RUN >
      • Type notepad.exe there and click OK


      2.- Now copy and paste the following into Notepad

      Code:
      KillAll::
      
      ClearJavaCache::
      
      File::
      c:\windows\system32\cploader.exe
      
      Registry::
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
      "cploader.exe"=-

      3.- Save this file with the name CFScript.txt and leave it on your desktop.

      4.- Drag and drop the CFScript.txt file onto the ComboFix.exe file, as shown in the animation below. This will launch ComboFix again.

      • Restart your PC and post the new ComboFix report, telling us how everything is currently working.


      Regards.


      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or by e-mail, since that is what the forum is for.

    5. #5
      User Avatar of manics
      Joined
      Sep 2012
      Location
      Málaga
      Posts
      249

      Re: virus toolbar

      ComboFix 12-11-08.01 - Manuel 13/11/2012 11:14:43.2.2 - x86
      Microsoft Windows 7 Ultimate 6.1.7601.1.1252.34.3082.18.3317.2352 [GMT 1:00]
      Running from: c:\users\Manuel\Desktop\ComboFix.exe
      Command switches used :: c:\users\Manuel\Desktop\CFScript.txt
      FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
      SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      - REDUCED FUNCTIONALITY MODE -
      .
      FILE ::
      "c:\windows\system32\cploader.exe"
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\windows\system32\cploader.exe
      c:\windows\system32\LANG\ENGLISH.LNG
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-10-13 to 2012-11-13 )))))))))))))))))))))))))))))))
      .
      .
      2012-11-13 10:16 . 2012-11-13 10:16 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-11-13 08:17 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{70C45769-B390-43EC-BF89-9764D94C4E11}\mpengine.dll
      2012-11-12 11:13 . 2012-11-13 10:17 -------- d-----w- c:\windows\system32\wbem\repository
      2012-11-12 11:09 . 2012-11-12 11:09 -------- d-----w- c:\users\Manuel\AppData\Roaming\Uninstaller Tool(Comodo Forums)
      2012-11-12 09:02 . 2012-11-12 09:02 -------- d-----w- c:\programdata\CPA_VA
      2012-11-11 22:32 . 2012-11-11 23:07 -------- d-----w- c:\program files\Enigma Software Group
      2012-11-11 22:31 . 2012-11-11 23:06 -------- d-----w- c:\windows\DDABC66756B3412282B02F5782EA2F9A.TMP
      2012-11-11 18:18 . 2012-11-11 18:18 -------- d-----w- c:\program files\Intel
      2012-11-11 17:48 . 2012-11-11 17:48 -------- d-----w- C:\Intel
      2012-11-11 17:18 . 2012-11-11 17:26 -------- d-----w- c:\program files\Argente - Registry Cleaner
      2012-11-11 16:55 . 2012-11-11 16:55 -------- d-----w- c:\users\Manuel\AppData\Roaming\Easeware
      2012-11-11 16:54 . 2012-11-11 16:54 -------- d-----w- c:\program files\Easeware
      2012-11-09 10:45 . 2012-11-09 10:45 -------- d-----w- C:\_OTL
      2012-11-07 19:06 . 2012-11-07 19:35 -------- d-----w- c:\users\Manuel\AppData\Roaming\Skype
      2012-11-07 19:05 . 2012-11-07 19:05 -------- d-----w- c:\program files\Common Files\Skype
      2012-11-07 19:05 . 2012-11-07 22:21 -------- d-----r- c:\program files\Skype
      2012-11-07 19:05 . 2012-11-07 22:21 -------- d-----w- c:\programdata\Skype
      2012-11-07 18:16 . 2012-11-07 18:16 -------- d-----w- c:\users\Manuel\AppData\Roaming\DVDVideoSoft
      2012-11-07 18:16 . 2012-11-07 18:16 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
      2012-11-07 18:16 . 2012-11-07 18:16 -------- d-----w- c:\program files\DVDVideoSoft
      2012-11-07 15:24 . 2012-11-07 15:24 -------- d-----w- c:\programdata\boost_interprocess
      2012-11-07 15:24 . 2012-11-07 17:56 -------- d-----w- c:\users\Manuel\AppData\Roaming\FreeVideoConverter
      2012-11-06 18:10 . 2012-11-06 18:10 -------- d-----w- c:\program files\DAEMON Tools Lite
      2012-11-04 12:00 . 2012-11-04 12:00 -------- d-----w- c:\program files\Mozilla Maintenance Service
      2012-11-03 17:17 . 2012-11-03 17:17 -------- d-----w- c:\program files\Perion
      2012-11-03 17:16 . 2011-06-10 22:58 773968 ----a-w- c:\windows\system32\msvcr100.dll
      2012-11-03 17:16 . 2011-06-10 22:58 421200 ----a-w- c:\windows\system32\msvcp100.dll
      2012-11-03 17:16 . 2011-05-13 23:17 632656 ----a-w- c:\windows\system32\msvcr80.dll
      2012-11-03 17:16 . 2011-05-13 23:17 479232 ----a-w- c:\windows\system32\msvcm80.dll
      2012-11-03 17:16 . 2011-05-13 23:17 554832 ----a-w- c:\windows\system32\msvcp80.dll
      2012-11-03 17:14 . 2012-11-03 17:14 -------- d-----w- c:\program files\Gophoto.it
      2012-11-02 22:25 . 2012-11-02 22:25 -------- d-----w- c:\users\Manuel\AppData\Roaming\Sports Interactive
      2012-11-02 22:25 . 2012-11-02 22:25 -------- d-----w- c:\users\Manuel\AppData\Local\Sports Interactive
      2012-11-02 15:32 . 2012-11-02 15:32 -------- d-----w- c:\program files\ESET
      2012-10-29 09:03 . 2012-09-24 22:16 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
      2012-10-26 18:35 . 2012-09-19 10:10 29536 ----a-w- c:\windows\system32\uxtuneup.dll
      2012-10-26 18:25 . 2012-10-08 12:53 31584 ----a-w- c:\windows\system32\TURegOpt.exe
      2012-10-26 18:25 . 2012-10-08 12:53 21344 ----a-w- c:\windows\system32\authuitu.dll
      2012-10-26 18:25 . 2012-10-28 19:13 -------- d-----w- c:\program files\TuneUp Utilities 2013
      2012-10-26 18:21 . 2012-10-28 23:02 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
      2012-10-26 18:21 . 2012-10-26 18:21 -------- d--h--w- c:\programdata\Common Files
      2012-10-23 17:08 . 2012-10-23 17:08 -------- d-----w- c:\users\Manuel\AppData\Local\fontconfig
      2012-10-23 17:08 . 2012-10-23 17:24 -------- d-----w- c:\users\Manuel\.gimp-2.8
      2012-10-23 17:08 . 2012-10-23 17:08 -------- d-----w- c:\users\Manuel\AppData\Local\gegl-0.2
      2012-10-20 10:37 . 2012-10-20 10:37 -------- d-----w- c:\program files\Microsoft WSE
      2012-10-17 09:27 . 2012-11-07 21:58 -------- d-----w- c:\program files\SUPERAntiSpyware
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-11-13 09:15 . 2012-05-13 08:39 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
      2012-11-13 09:15 . 2012-03-05 20:06 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
      2012-11-07 23:37 . 2012-02-03 18:27 82952 ----a-w- c:\windows\system32\drivers\inspect.sys
      2012-11-07 23:37 . 2012-03-11 20:13 36072 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
      2012-11-07 23:37 . 2012-03-11 20:13 494416 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
      2012-11-07 23:37 . 2012-03-11 20:13 19632 ----a-w- c:\windows\system32\drivers\cmderd.sys
      2012-11-07 23:37 . 2012-03-11 19:13 34024 ----a-w- c:\windows\system32\cmdcsr.dll
      2012-11-07 23:37 . 2012-03-11 20:13 301264 ----a-w- c:\windows\system32\guard32.dll
      2012-11-06 18:10 . 2010-05-02 19:47 466008 ----a-w- c:\windows\system32\drivers\sptd.sys
      2012-10-30 22:51 . 2012-09-21 12:04 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
      2012-10-30 22:51 . 2012-09-21 12:04 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
      2012-10-30 22:51 . 2012-09-21 12:04 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
      2012-10-30 22:51 . 2012-09-21 12:04 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
      2012-10-30 22:51 . 2012-09-21 12:04 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
      2012-10-30 22:51 . 2012-09-21 12:04 41224 ----a-w- c:\windows\avastSS.scr
      2012-10-30 22:50 . 2012-09-21 12:04 227648 ----a-w- c:\windows\system32\aswBoot.exe
      2012-10-15 16:59 . 2012-09-21 12:04 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
      2012-09-29 17:54 . 2012-06-15 18:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-09-24 21:17 . 2012-09-24 21:17 1700352 ----a-w- c:\windows\system32\gdiplus.dll
      2012-09-20 22:27 . 2009-04-01 06:19 61440 ----a-w- c:\windows\system32\CleanMem.exe
      2012-09-14 18:28 . 2012-10-10 10:53 2048 ----a-w- c:\windows\system32\tzres.dll
      2012-09-03 10:19 . 2012-04-28 10:50 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
      2012-09-03 10:19 . 2010-06-21 08:19 746984 ----a-w- c:\windows\system32\deployJava1.dll
      2012-08-31 17:18 . 2012-10-10 10:53 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys
      2012-08-30 17:12 . 2012-10-10 10:52 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
      2012-08-30 17:12 . 2012-10-10 10:52 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
      2012-08-24 16:57 . 2012-10-10 10:53 172544 ----a-w- c:\windows\system32\wintrust.dll
      2012-08-24 06:59 . 2012-09-21 21:46 1800704 ----a-w- c:\windows\system32\jscript9.dll
      2012-08-24 06:51 . 2012-09-21 21:46 1129472 ----a-w- c:\windows\system32\wininet.dll
      2012-08-24 06:51 . 2012-09-21 21:46 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
      2012-08-24 06:47 . 2012-09-21 21:46 142848 ----a-w- c:\windows\system32\ieUnatt.exe
      2012-08-24 06:47 . 2012-09-21 21:46 420864 ----a-w- c:\windows\system32\vbscript.dll
      2012-08-24 06:43 . 2012-09-21 21:46 2382848 ----a-w- c:\windows\system32\mshtml.tlb
      2012-08-22 17:16 . 2012-09-11 19:37 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
      2012-08-22 17:16 . 2012-09-11 19:37 240496 ----a-w- c:\windows\system32\drivers\netio.sys
      2012-08-22 17:16 . 2012-09-11 19:37 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
      2012-08-22 17:16 . 2012-09-11 19:37 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
      2012-08-21 20:12 . 2012-09-25 20:44 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
      2012-08-20 17:40 . 2012-10-10 10:53 169984 ----a-w- c:\windows\system32\winsrv.dll
      2012-08-20 17:40 . 2012-10-10 10:53 293376 ----a-w- c:\windows\system32\KernelBase.dll
      2012-08-20 17:37 . 2012-10-10 10:53 271360 ----a-w- c:\windows\system32\conhost.exe
      2012-08-20 17:32 . 2012-10-10 10:53 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
      2012-08-20 17:32 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
      2012-08-20 15:33 . 2012-10-10 10:53 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
      2012-08-20 15:33 . 2012-10-10 10:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
      2012-08-20 15:33 . 2012-10-10 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
      2012-08-20 15:33 . 2012-10-10 10:53 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
      2012-10-24 17:50 . 2012-11-04 12:00 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
      @="{472083B0-C522-11CF-8763-00608CC02F24}"
      [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
      2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
      "ares"="c:\program files\Ares\Ares.exe" [2012-02-02 3209216]
      "Spotify Web Helper"="c:\users\Manuel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-10-26 1199576]
      "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-07-11 1022352]
      "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
      "PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2012-09-24 802304]
      "COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-07 6756048]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 0 (0x0)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      "PromptOnSecureDesktop"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
      "AppInit_DLLs"=c:\windows\System32\guard32.dll c:\windows\System32\guard32.dll
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
      BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean.exe
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
      @=""
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
      2012-02-02 15:55 3209216 ----a-w- c:\program files\Ares\Ares.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
      2012-10-24 20:17 3157856 ----a-w- c:\program files\CCleaner\CCleaner.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
      2012-11-06 10:46 3673728 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
      2009-09-15 10:43 173592 ----a-w- c:\windows\System32\hkcmd.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
      2009-09-15 10:43 141848 ----a-w- c:\windows\System32\igfxtray.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
      2006-01-12 14:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
      2009-09-15 10:43 150552 ----a-w- c:\windows\System32\igfxpers.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlusService]
      2012-09-24 17:59 802304 ----a-w- c:\program files\Yuna Software\Messenger Plus!\PlusService.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
      2012-10-26 14:39 1199576 ----a-w- c:\users\Manuel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
      2009-03-05 14:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
      2012-11-07 21:58 4763008 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
      2008-06-13 17:11 210216 ----a-w- c:\program files\Cyberlink\Power2Go\MUITransfer\MUIStartMenu.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDIRShortCut]
      2008-06-13 17:11 210216 ----a-w- c:\program files\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
      2008-09-11 14:32 210216 ----a-w- c:\program files\Cyberlink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
      2012-07-11 11:34 1022352 ----a-w- c:\program files\uTorrent\uTorrent.exe
      .
      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
      "Google Update"="c:\users\Manuel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
      "ares"="c:\program files\Ares\Ares.exe" -h
      "AutoStartNPSAgent"=c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe
      "uTorrent"="c:\program files\uTorrent\uTorrent.exe" /MINIMIZED
      "Spotify Web Helper"="c:\users\Manuel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
      "SUPERAntiSpyware"=c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
      "HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
      "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
      "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
      "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      .
      R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [x]
      R2 OMSCAN;OMSCAN;Sys?? [x]
      R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
      R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [x]
      R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [x]
      R3 PCD5SRVC{BD6912E3-AC9D80E8-05040000};PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\PC-DOC~1\PCD5SRVC.pkms [x]
      R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
      R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [x]
      R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [x]
      R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [x]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
      R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
      R4 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [x]
      S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
      S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
      S1 aswSnx;aswSnx; [x]
      S1 aswSP;aswSP; [x]
      S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
      S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
      S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [x]
      S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [x]
      S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
      S2 aswFsBlk;aswFsBlk; [x]
      S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
      S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
      S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
      S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [x]
      S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [x]
      S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
      S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [x]
      .
      .
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
      UxTuneUp
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-11-13 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-13 09:15]
      .
      2012-11-13 c:\windows\Tasks\GlaryInitialize.job
      - c:\program files\Glary Utilities\initialize.exe [2011-04-27 10:45]
      .
      2012-11-12 c:\windows\Tasks\GlaryOneClickOptimizer.job
      - c:\program files\Glary Utilities\oneclickoptimizer.exe [2011-04-27 10:45]
      .
      2012-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-13 16:12]
      .
      2012-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-13 16:12]
      .
      2012-11-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2154885428-189330661-2984291346-1000Core.job
      - c:\users\Manuel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-04 13:13]
      .
      2012-11-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2154885428-189330661-2984291346-1000UA.job
      - c:\users\Manuel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-04 13:13]
      .
      2012-10-26 c:\windows\Tasks\HPCeeScheduleForManuel.job
      - c:\program files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2009-01-05 10:12]
      .
      2012-10-27 c:\windows\Tasks\PCDRScheduledMaintenance.job
      - c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2008-09-10 14:43]
      .
      .
      ------- Supplementary Scan -------
      .
      uStart Page = https://www.google.es/
      uDefault_Search_URL = hxxp://www.google.com/ie
      mStart Page = hxxp://www.google.com
      uInternet Settings,ProxyOverride = local
      uInternet Settings,ProxyServer = 195.162.195.10:8080
      uSearchAssistant = hxxp://www.google.com/ie
      uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
      IE: &Block This Image (ABP)
      IE: Free YouTube Download - c:\users\Manuel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
      IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
      TCP: DhcpNameServer = 62.42.230.24 62.42.63.52
      FF - ProfilePath - c:\users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ra0ph7i5.default\
      FF - prefs.js: browser.search.selectedEngine - Twitter
      FF - prefs.js: browser.startup.homepage - hxxp://google.com
      FF - prefs.js: keyword.URL - hxxp://google.com
      FF - ExtSQL: 2012-11-02 12:35; [email protected]; c:\program files\AVAST Software\Avast\WebRep\FF
      FF - ExtSQL: 2012-11-04 13:06; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ra0ph7i5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
      FF - ExtSQL: 2012-11-04 19:47; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ra0ph7i5.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
      FF - ExtSQL: 2012-11-04 19:49; [email protected]; c:\users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ra0ph7i5.default\extensions\[email protected]
      FF - ExtSQL: 2012-11-05 10:55; [email protected]; c:\users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ra0ph7i5.default\extensions\[email protected]
      FF - ExtSQL: 2012-11-05 10:55; {E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}; c:\users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ra0ph7i5.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}
      FF - user.js: network.http.max-persistent-connections-per-server - 4
      FF - user.js: nglayout.initialpaint.delay - 600
      FF - user.js: content.notify.interval - 600000
      FF - user.js: content.max.tokenizing.time - 1800000
      FF - user.js: content.switch.threshold - 600000
      .
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\OMSCAN]
      "ImagePath"="\Sys"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCD5SRVC{BD6912E3-AC9D80E8-05040000}]
      "ImagePath"="\??\c:\progra~1\PC-DOC~1\PCD5SRVC.pkms"
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_USERS\S-1-5-21-2154885428-189330661-2984291346-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C3C1BBA5-3CF4-31B4-0D16-CB7DC0711D7C}*]
      "japaocnoocgbfbbilaah"=hex:62,61,61,65,00,00
      "iapbnpkhpedfmaalge"=hex:6b,61,69,64,64,70,65,62,6f,6b,69,6c,61,6d,6e,6c,66,66,
      6c,68,61,69,00,03
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
      @="?????????????????? v1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
      @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
      @="?????????????????? v2"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
      @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      --------------------- DLLs Loaded Under Running Processes ---------------------
      .
      - - - - - - - > 'lsass.exe'(688)
      c:\windows\system32\guard32.dll
      .
      - - - - - - - > 'Explorer.exe'(4696)
      c:\windows\system32\guard32.dll
      c:\windows\system32\taskschd.dll
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files\AVAST Software\Avast\AvastSvc.exe
      c:\windows\system32\taskhost.exe
      c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
      c:\program files\Common Files\LightScribe\LSSrvc.exe
      c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
      c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
      c:\program files\CleanMem\mini_monitor.exe
      c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
      c:\windows\system32\WUDFHost.exe
      c:\windows\system32\conhost.exe
      c:\program files\Windows Media Player\wmpnetwk.exe
      c:\windows\system32\sppsvc.exe
      c:\windows\servicing\TrustedInstaller.exe
      .
      **************************************************************************
      .
      Completion time: 2012-11-13 11:24:10 - machine was rebooted
      ComboFix-quarantined-files.txt 2012-11-13 10:24
      ComboFix2.txt 2012-11-12 10:49
      .
      Pre-Run: 474.560.540.672 bytes libres
      Post-Run: 474.304.352.256 bytes libres
      .
      - - End Of File - - 3632B4ECFE8DB591B21C006C477962F2

      The PC is running fine, although it isn't very inconvenient: when I press the home button on my keyboard, searchnu.com/414 still comes up in Chrome. I think what I'll do is remove Google Chrome completely, because even on the Marca sports site the videos don't work properly for me.

    6. #6
      Moderator
      @Maxfernandez
      Registered
      Dec 2007
      Location
      Venezuela
      Posts
      16.076

      Re: virus toolbar

      Hello.

      .- Use Revo Uninstaller to uninstall Google Chrome. You can reinstall it afterwards if you want.

      .- To finish, all that remains is to uninstall CF as follows:

      • Go to Start > Run
      • Type the following: ComboFix /Uninstall as shown in the image below:

      • This will launch the ComboFix uninstaller, opening its main screen, and after a few seconds you will see ("ComboFix is uninstalled")


      Let us know so we can close the thread.

      Regards.