• Registrarse
  • Iniciar sesión


  • Página 2 de 2 PrimeroPrimero 12
    Resultados 11 al 19 de 19

    comportamiento inestable en mi pc y documentos que no logro renocnonocer ni abrir

    Resumen del tema: comportamiento inestable en mi pc y documentos que no logro renocnonocer ni abrir - Hola, No intentes eliminar ninguno de todos esos ficheros o directorios que mencionaste. Te dejo un tutorial sobre cómo subir imágenes: ¿Cómo subir imágenes al Foro? *TUTORIAL* Los reportes, tal y como los estás pegando, ...

    1. #11
      Usuario Avatar de Raudron
      Registrado
      sep 2012
      Ubicación
      El Mundo
      Mensajes
      1.470

      Re: comportamiento inestable en mi pc y documentos que no logro renocnonocer ni abri

      Hola,

      No intentes eliminar ninguno de todos esos ficheros o directorios que mencionaste.
      Te dejo un tutorial sobre cómo subir imágenes:
      ¿Cómo subir imágenes al Foro? *TUTORIAL*

      Los reportes, tal y como los estás pegando, están perfectos Esa es la forma correcta de colocarlos.

      Por favor, realiza lo siguiente:

      Actualiza y ejecuta Malwarebytes Antimalware.
      • Selecciona "Realizar un análisis completo" y luego presiona Analizar.
      • El Análisis puede tomar algún tiempo para terminar, así que por favor se paciente.
      • Cuando el Análisis se haya completado, haga clic en 'Aceptar', a continuación, mostrar los resultados. Elimina todo lo que encuentre (Haciendo clic en "Eliminar seleccionados") como muestra la imagen
      • Es posible que le solicite reiniciar su ordenador para completar con la desinfección y reparación de las áreas afectadas del sistema, por lo que permita el reinicio para terminar.
      Descarga y ejecuta >> Ccleaner.
      • Usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.
      • Después usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).
      Realiza un análisis completo con Eset Online Scanner de la siguiente forma:
      Lo ejecutas.

      Marcas las casillas de Eliminar las amenazas detectadas y Analizar archivos.

      Haces clic en Configuración adicional y ahi marcas las casillas:
      • Analizar en busca de aplicaciones potencialmente indeseables.
      • Analizar en busca de aplicaciones potencialmente peligrosas.
      • Activar la tecnolgía Anti-Stealth.


      Pulsas en Iniciar para que empiece a descargar la base firmas de virus y posteriormente empiece a analizar tu sistema.

      Presioná Lista de las amenazas encontradas.


      Exportá a un archivo de texto.

      Localizar el reporte en C:\Archivos de programa\ESET\ESET Online Scanner\log
      Descarga USBFIX (Lee atentamente su manual)

      Ejecuta USBFix de la siguiente manera:

      Conecta todos tus dispositivos extraibles, (pendrive, disco duro externo, Micro SD, etc)
      Haga doble Click sobre USBFix
      Pulsa la opción Supresión
      El proceso de desinfección se iniciará, el ordenador se reiniciará si es necesario.
      Cuando Windows inicie, USBFix arrancará en automático, para complementar el proceso de desinfección y vacunación.
      USBFix, genera un reporte, el cual se encuentra generalmente en C:\USBFix.txt

      Nota: UsbFix creará una carpeta oculta llamada "autorun.inf" en cada partición y cada unidad USB que se encuentre conectado al momento de ejecutar este. No elimine esta carpeta ... eso le ayudará a proteger sus dispositivos USB de futuras infecciones.
      Nos traes el reporte de AT-Destroyer (El At-destroyer.txt que mencionás), el de MBAM, el de ESET, y el de USBFix.
      Y nos comentás cómo funciona tu equipo
      Saludos
      Última edición por Raudron fecha: 05/12/12 a las 21:39:11

    2. #12
      Usuario Avatar de rojo_33_45
      Registrado
      jun 2008
      Ubicación
      mexico
      Mensajes
      12

      Re: comportamiento inestable en mi pc y documentos que no logro renocnonocer ni abri

      es principalmente por las carpetas:
      system volume information
      $RECYCLE.BIN
      por las que tengo la preocupación, aun después de recuperar el sistema y seguir varios temas, siguen ahi... también dentro de los archivos del sistema hay carpetas de programas que instalé hace mucho y ya quite también desde hace mucho, y siguen algunos de ellos, me dicen que necesito permiso para eliminarlos (de tueinstaller o algo asi), ya intente iniciando en modo seguro y analizándolos con los antivirus, pero siguen ahí. en cuanto a las dos carpetas que te menciono al principio hermano. la vdd en definitiva no se como eliminarlos, incluso al tratar de moverlos, cambiar atributos o algo que pudiera hacer yo manualmente, misteriosamente se pone lenta la pc, los archivos desaparecen y reaparecen; incluso he notado en administrador de tareas (en procesos) que hay algunos que a veces están y a veces no están, algunos coinciden curiosamente con el nombre de muchas de las carpetas que he eliminado una y otra vez de distintas partes de mi pc, no recuerdo bien sus nombres, incluso no recuerdo en que parte del foro vi que algunos de ellos eran virus, no tengo historial por el CCleaner. recuerdo el nombre aproximado de algunas de ellas:

      Codec-c
      babylon
      system volumen inf

      ------------------------------------------------------------------------
      esto es lo unico que me arroja cuando le doy a "reporte" en at destroyer
      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 08:55:07 \\\ 05/12/2012
      AT-Destroyer 2.1 By Infospyware ---> InfoSpyware
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.0.8112.16421
      Google Chrome:23.0.1271.95
      Privilegios: Diego - Administrador
      Modo Actual: Modo Seguro.
      Nombre del pc: ROJO
      Información del sistema operativo:X64-WIN_7-Service Pack 1
      nombre del usuario:Diego
      Lenguaje del sistema: Español


      ------------------------------------------------------------------------
      esto es lo único que me sale en un archivo que me guarda panda cuando le doy a ver informe detallado (despues del análisis no salio nada mas)

      Suceso Fecha/Hora Estado Información adicional
      ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
      Análisis 05/12/2012 6:48:20 p.m. Finalizado Analizando: todo mi PC
      Herramienta de hacking detectada Exploit/MS04-028.gen 05/12/2012 3:53:13 p.m. Eliminado/a Ubicación: C:\Users\Diego\Desktop\Montagem Pt - Mp3 320k\Encarte Pt\Contra Capa.jpg
      Cookie detectada Cookie/Apmebf 05/12/2012 3:51:51 p.m. Eliminado/a Ubicación: C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Cookies[.apmebf.com/]
      Sincronización 05/12/2012 3:20:55 p.m. Sincronizado Tu protección se ha sincronizado con la nube contra las últimas amenazas.
      Análisis 05/12/2012 3:04:32 p.m. Comenzado Analizando: todo mi PC
      Troyano detectado/a Trj/OCJ.A 05/12/2012 2:59:43 p.m. Eliminado/a Ubicación: C:\Users\Diego\Downloads\OTM.exe
      Ordenador vacunado 05/12/2012 2:57:21 p.m. Vacunado Tu ordenador ha sido vacunado.


      -------------------------------------------------------------------------------------------------


      estos son de malware bites, los realice periodicamente y en distintos modos



      Malwarebytes Anti-Malware (Versión de Prueba) 1.65.1.1000
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2012.12.03.04

      Windows 7 Service Pack 1 x64 NTFS (modo seguro)
      Internet Explorer 9.0.8112.16421
      Diego :: ROJO [administrador]

      Protección: Personas de movilidad reducida

      05/12/2012 2:13:02 p.m.
      mbam-log-2012-12-05 (14-13-02).txt

      Tipos de Análisis: Análisis personalizado (C:\|)
      Opciones de análisis activado: Sistema de archivos | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: Memoria | Inicio | Registro | Heurística/Extra | P2P
      Objetos examinados: 49042
      Tiempo transcurrido: 22 minuto(s), 54 segundo(s) [abortado]

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      fin)



      ---------------------
      Malwarebytes Anti-Malware (Versión de Prueba) 1.65.1.1000
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2012.12.03.04

      Windows 7 Service Pack 1 x64 NTFS (modo seguro)
      Internet Explorer 9.0.8112.16421
      Diego :: ROJO [administrador]

      Protección: Personas de movilidad reducida

      05/12/2012 9:03:36 a.m.
      mbam-log-2012-12-05 (09-03-36).txt

      Tipos de Análisis: Análisis personalizado (C:\|)
      Opciones de análisis activado: Sistema de archivos | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: Memoria | Inicio | Registro | Heurística/Extra | P2P
      Objetos examinados: 164668
      Tiempo transcurrido: 1 hora(s), 25 minuto(s), 43 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      fin)
      --------------
      Malwarebytes Anti-Malware (Versión de Prueba) 1.65.1.1000
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2012.12.03.04

      Windows 7 Service Pack 1 x64 NTFS (modo seguro)
      Internet Explorer 9.0.8112.16421
      Diego :: ROJO [administrador]

      Protección: Personas de movilidad reducida

      05/12/2012 7:29:19 a.m.
      mbam-log-2012-12-05 (07-29-19).txt

      Tipos de Análisis: Análisis personalizado (C:\Program Files (x86)\Common Files\Hewlett-Packard|)
      Opciones de análisis activado: Sistema de archivos | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: Memoria | Inicio | Registro | Heurística/Extra | P2P
      Objetos examinados: 53
      Tiempo transcurrido: 14 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      fin)
      ----------
      Malwarebytes Anti-Malware (Versión de Prueba) 1.65.1.1000
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2012.12.03.04

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      Diego :: ROJO [administrador]

      Protección: Habilitado

      05/12/2012 7:20:53 a.m.
      mbam-log-2012-12-05 (07-20-53).txt

      Tipos de Análisis: Análisis personalizado (C:\ProgramData\Partner|)
      Opciones de análisis activado: Sistema de archivos | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: Memoria | Inicio | Registro | Heurística/Extra | P2P
      Objetos examinados: 1
      Tiempo transcurrido: 5 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      fin)
      -------
      Malwarebytes Anti-Malware (Versión de Prueba) 1.65.1.1000
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2012.12.03.04

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      Diego :: ROJO [administrador]

      Protección: Habilitado

      05/12/2012 7:11:53 a.m.
      mbam-log-2012-12-05 (07-11-53).txt

      Tipos de Análisis: Análisis personalizado (C:\System Volume Information|)
      Opciones de análisis activado: Sistema de archivos | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: Memoria | Inicio | Registro | Heurística/Extra | P2P
      Objetos examinados: 79
      Tiempo transcurrido: 42 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      fin)
      -----------------------------------------------------------
      algunos de estos reportes fueron directamente a los archivos que trataba de eliminar o saber si estaban infectados, espero ayude la informacion

    3. #13
      Usuario Avatar de Raudron
      Registrado
      sep 2012
      Ubicación
      El Mundo
      Mensajes
      1.470

      Re: comportamiento inestable en mi pc y documentos que no logro renocnonocer ni abri

      Hola,

      Perfectamente explicado

      Amigo, creo que por buscar "manualmente" los virus te estás volviendo algo paranoico, con todo respeto
      Te recomiendo que leas esta respuesta que puede aclarar en parte tus dudas.
      Por esto es que te decía que no eliminaras manualmente las carpetas y los archivos que veías

      Igualmente, vamos a buscar cualquier tipo de malware que pueda haber en tu ordenador.
      Podés realizar los pasos que te dejé anteriormente, aunque ya hayas hecho algo similar o lo mismo

      Nos comentas cómo funciona tu ordenador.
      Saludos

    4. #14
      Usuario Avatar de rojo_33_45
      Registrado
      jun 2008
      Ubicación
      mexico
      Mensajes
      12

      Re: comportamiento inestable en mi pc y documentos que no logro renocnonocer ni abri

      perdona, respondiste mientras yo respondia, enseguida sigo con lo que me comentaste, gracias, lo de eliminar archivos ya lo habia hecho antes de comentar, lo siento :o
      Última edición por rojo_33_45 fecha: 05/12/12 a las 22:08:09

    5. #15
      Usuario Avatar de Raudron
      Registrado
      sep 2012
      Ubicación
      El Mundo
      Mensajes
      1.470

      Re: comportamiento inestable en mi pc y documentos que no logro renocnonocer ni abri

      Hola,

      Ningún problema
      No hay apuro, hace los procedimientos con tiempo.
      Si tenés alguna duda, me consultás. No tengas miedo de preguntarme sobre cualquier cosa que no comprendas o que te parezca extraña

      Saludos

    6. #16
      Usuario Avatar de rojo_33_45
      Registrado
      jun 2008
      Ubicación
      mexico
      Mensajes
      12

      Re: comportamiento inestable en mi pc y documentos que no logro renocnonocer ni abri

      gracias hermano, que amable :), de saberlo antes me la pienso antes de tratar de eliminar todo y mejor me pongo a solicitar ayuda, estamos en contacto

    7. #17
      Usuario Avatar de Raudron
      Registrado
      sep 2012
      Ubicación
      El Mundo
      Mensajes
      1.470

      Re: comportamiento inestable en mi pc y documentos que no logro renocnonocer ni abri

      Hola,

      No hay nada que agradecer

      Cuando te decía lo de los "pasos que te comente anteriormente", me refería a los que te dije aquí. Ahora que leo mi mensaje de nuevo, veo que no me expliqué bien
      Recuerda traernos los reportes, así vemos lo que eliminaron

      Saludos

    8. #18
      Usuario Avatar de rojo_33_45
      Registrado
      jun 2008
      Ubicación
      mexico
      Mensajes
      12

      Re: comportamiento inestable en mi pc y documentos que no logro renocnonocer ni abri

      hola hermano!!! perdona la demora :) te dejo todos los analisis
      ......................................................................................
      panda
      Suceso Fecha/Hora Estado Información adicional
      ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
      Análisis 05/12/2012 6:48:20 p.m. Finalizado Analizando: todo mi PC
      Herramienta de hacking detectada Exploit/MS04-028.gen 05/12/2012 3:53:13 p.m. Eliminado/a Ubicación: C:\Users\Diego\Desktop\Montagem Pt - Mp3 320k\Encarte Pt\Contra Capa.jpg
      Cookie detectada Cookie/Apmebf 05/12/2012 3:51:51 p.m. Eliminado/a Ubicación: C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Cookies[.apmebf.com/]
      Sincronización 05/12/2012 3:20:55 p.m. Sincronizado Tu protección se ha sincronizado con la nube contra las últimas amenazas.
      Análisis 05/12/2012 3:04:32 p.m. Comenzado Analizando: todo mi PC
      Troyano detectado/a Trj/OCJ.A 05/12/2012 2:59:43 p.m. Eliminado/a Ubicación: C:\Users\Diego\Downloads\OTM.exe
      Ordenador vacunado 05/12/2012 2:57:21 p.m. Vacunado Tu ordenador ha sido vacunado.
      .......................................................................................................................................

      Malwarebytes Anti-Malware (Versión de Prueba) 1.65.1.1000
      www.malwarebytes.org

      Versión de la Base de Datos: v2012.12.10.07

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      Diego :: ROJO [administrador]

      Protección: Habilitado

      12/12/2012 8:16:45 p.m.
      mbam-log-2012-12-12 (20-16-45).txt

      Tipos de Análisis: Análisis Completo (C:\|D:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 374742
      Tiempo transcurrido: 5 hora(s), 17 minuto(s), 19 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      fin)
      -------------------------------------------------------------------------



      a-t destroyer

      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 00:13:41 \\\ 14/12/2012
      AT-Destroyer 2.1 By Infospyware ---> www.infospyware.com
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.0.8112.16421
      Mozilla Firefox:17.0.1.4715
      Google Chrome:23.0.1271.97
      Privilegios: Diego - Administrador
      Modo Actual: Modo Seguro.
      Nombre del pc: ROJO
      Información del sistema operativo:X64-WIN_7-Service Pack 1
      nombre del usuario:Diego
      Lenguaje del sistema: Español



      (hay otro txt de at destroyer, no se en donde guarda reportes)
      OTL logfile created on: 12/13/2012 11:49:21 PM - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Diego\Downloads
      64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000409 | Country: Mexico | Language: ESM | Date Format: dd/MM/yyyy

      1.87 Gb Total Physical Memory | 0.67 Gb Available Physical Memory | 35.59% Memory free
      3.74 Gb Paging File | 2.55 Gb Available in Paging File | 68.17% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 216.80 Gb Total Space | 123.02 Gb Free Space | 56.75% Space Free | Partition Type: NTFS

      Computer Name: ROJO | User Name: Diego | Logged in as Administrator.
      Boot Mode: SafeMode | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - [2012/12/03 05:12:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Diego\Downloads\OTL.exe


      ========== Modules (No Company Name) ==========
      ------------------------------------------------------------------------------------------------------------------
      otl

      OTL logfile created on: 12/13/2012 11:49:21 PM - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Diego\Downloads
      64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000409 | Country: Mexico | Language: ESM | Date Format: dd/MM/yyyy

      1.87 Gb Total Physical Memory | 0.67 Gb Available Physical Memory | 35.59% Memory free
      3.74 Gb Paging File | 2.55 Gb Available in Paging File | 68.17% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 216.80 Gb Total Space | 123.02 Gb Free Space | 56.75% Space Free | Partition Type: NTFS

      Computer Name: ROJO | User Name: Diego | Logged in as Administrator.
      Boot Mode: SafeMode | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - [2012/12/03 05:12:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Diego\Downloads\OTL.exe


      ========== Modules (No Company Name) ==========


      ========== Services (SafeList) ==========

      SRV:64bit: - [2010/02/05 18:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
      SRV:64bit: - [2009/11/05 23:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
      SRV:64bit: - [2009/07/28 16:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
      SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
      SRV - [2012/12/13 02:22:31 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
      SRV - [2012/12/11 13:44:04 | 001,211,144 | ---- | M] (PSafe) [Auto | Stopped] -- C:\Program Files (x86)\PSafe\PSafeCategoryFinder.exe -- (PSafeLockBoxSvc)
      SRV - [2012/12/11 13:43:48 | 000,248,072 | ---- | M] (PSafe) [Auto | Stopped] -- C:\Program Files (x86)\PSafe\PSafeWD.exe -- (PSafeWD)
      SRV - [2012/12/11 13:43:44 | 001,981,192 | ---- | M] (PSafe S/A) [Auto | Stopped] -- C:\Program Files (x86)\PSafe\PSafesvc.exe -- (PSafeSVC)
      SRV - [2012/11/14 22:04:15 | 000,036,640 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe -- (PSUAService)
      SRV - [2012/11/12 14:45:41 | 000,140,064 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
      SRV - [2012/10/09 01:28:47 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
      SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
      SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
      SRV - [2012/07/27 14:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
      SRV - [2010/11/29 14:58:30 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
      SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
      SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
      SRV - [2007/02/05 09:11:18 | 000,075,320 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
      SRV - [2007/02/05 09:11:16 | 000,112,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe -- (SonicStage Back-End Service)
      SRV - [2006/12/14 01:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
      SRV - [2006/12/14 01:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
      SRV - [2006/12/14 00:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - [2012/12/11 13:13:28 | 000,288,688 | R--- | M] (360.cn) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\360FltOEM.sys -- (360FltOEM)
      DRV:64bit: - [2012/11/09 19:01:13 | 000,204,328 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\PSINKNC.sys -- (PSINKNC)
      DRV:64bit: - [2012/11/09 19:01:13 | 000,133,160 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\PSINProt.sys -- (PSINProt)
      DRV:64bit: - [2012/11/09 19:01:13 | 000,123,944 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\PSINProc.sys -- (PSINProc)
      DRV:64bit: - [2012/11/09 19:01:12 | 000,167,976 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\PSINAflt.sys -- (PSINAflt)
      DRV:64bit: - [2012/11/09 19:01:12 | 000,119,848 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\PSINFile.sys -- (PSINFile)
      DRV:64bit: - [2012/11/09 11:24:23 | 000,291,368 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NNSStrm.sys -- (NNSSTRM)
      DRV:64bit: - [2012/11/09 11:24:23 | 000,148,520 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NNStlsc.sys -- (NNSTLSC)
      DRV:64bit: - [2012/11/09 11:24:22 | 000,150,568 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NNSPrv.sys -- (NNSPRV)
      DRV:64bit: - [2012/11/09 11:24:22 | 000,135,208 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NNSSmtp.sys -- (NNSSMTP)
      DRV:64bit: - [2012/11/09 11:24:21 | 000,397,864 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NNSProt.sys -- (NNSPROT)
      DRV:64bit: - [2012/11/09 11:24:20 | 000,139,304 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NNSPop3.sys -- (NNSPOP3)
      DRV:64bit: - [2012/11/09 11:24:20 | 000,083,496 | ---- | M] (Panda Security, S.L.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\NNSPihsw.sys -- (NNSPIHSW)
      DRV:64bit: - [2012/11/09 11:24:19 | 000,154,152 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NNSIds.sys -- (NNSIDS)
      DRV:64bit: - [2012/11/09 11:24:19 | 000,134,696 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NNSpicc.sys -- (NNSPICC)
      DRV:64bit: - [2012/11/09 11:24:18 | 000,136,232 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NNSHttp.sys -- (NNSHTTP)
      DRV:64bit: - [2012/11/09 11:24:18 | 000,127,016 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NNSAlpc.sys -- (NNSALPC)
      DRV:64bit: - [2012/11/07 09:00:05 | 000,058,360 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PSKMAD.sys -- (PSKMAD)
      DRV:64bit: - [2012/10/22 12:09:23 | 000,033,320 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NNSNAHSL.sys -- (NNSNAHSL)
      DRV:64bit: - [2012/09/29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
      DRV:64bit: - [2012/08/23 0820 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
      DRV:64bit: - [2012/08/23 08:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
      DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
      DRV:64bit: - [2011/04/20 09:24:56 | 000,169,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
      DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
      DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
      DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
      DRV:64bit: - [2010/11/10 21:59:56 | 000,828,912 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
      DRV:64bit: - [2010/10/29 12:32:02 | 001,399,856 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
      DRV:64bit: - [2010/02/20 10:24:34 | 010,300,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
      DRV:64bit: - [2010/02/01 11:29:48 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
      DRV:64bit: - [2010/01/18 18:45:50 | 000,717,368 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
      DRV:64bit: - [2009/11/06 13:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
      DRV:64bit: - [2009/08/07 06:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
      DRV:64bit: - [2009/07/30 21:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
      DRV:64bit: - [2009/07/14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
      DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
      DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
      DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
      DRV:64bit: - [2009/07/07 09:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
      DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
      DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
      DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
      DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
      DRV:64bit: - [2009/03/25 09:48:00 | 000,153,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdm.sys -- (s1018mdm)
      DRV:64bit: - [2009/03/25 09:48:00 | 000,146,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018unic.sys -- (s1018unic)
      DRV:64bit: - [2009/03/25 09:48:00 | 000,133,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mgmt.sys -- (s1018mgmt)
      DRV:64bit: - [2009/03/25 09:48:00 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018obex.sys -- (s1018obex)
      DRV:64bit: - [2009/03/25 09:48:00 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018bus.sys -- (s1018bus)
      DRV:64bit: - [2009/03/25 09:48:00 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018nd5.sys -- (s1018nd5)
      DRV:64bit: - [2009/03/25 09:48:00 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdfl.sys -- (s1018mdfl)
      DRV:64bit: - [2006/10/18 01:00:00 | 000,052,760 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
      DRV - [2010/06/28 10:34:20 | 000,009,216 | ---- | M] (HandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\massfilter_hs.sys -- (massfilter_hs)
      DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {01DC5888-94BF-4643-B93C-00BE7C77799D}
      IE:64bit: - HKLM\..\SearchScopes\{01DC5888-94BF-4643-B93C-00BE7C77799D}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSZZ&bmod=TSZZ
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSZZ&bmod=TSZZ
      IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
      IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSZZ
      IE - HKLM\..\SearchScopes\{E57A3D0C-7DD8-41FC-AA55-CAF0C389A320}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSZZ&bmod=TSZZ
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pandasecurity.mystart.com/?source=5b97eeb3&tbp=homepage&toolbarid=pandasecuritytb&v=4_0&u=E29CCCBA5A92CFDFC4149650BFB51DE6
      IE - HKCU\..\SearchScopes,DefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
      IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=111378&babsrc=SP_ss&mntrId=76c52a8100000000000000266c630b67
      IE - HKCU\..\SearchScopes\{333E70A4-91E5-415C-A919-E62F4BB25EA8}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
      IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://pandasecurityr.mystart.com/?source=5b97eeb3&v=4_0&tbp=rbox&toolbarid=pandasecuritytb&u=E29CCCBA5A92CFDFC4149650BFB51DE6&q={searchTerms}
      IE - HKCU\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = http://plusnetwork.com/?sp=brw&q={searchTerms}
      IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSZZ
      IE - HKCU\..\SearchScopes\{E57A3D0C-7DD8-41FC-AA55-CAF0C389A320}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA_esMX402MX403
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
      FF - user.js - File not found

      FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
      FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll File not found
      FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll File not found
      FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

      64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/03/11 17:09:41 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\PSafe\ClikSeguro\\ffext [2012/12/13 01:58:55 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/13 02:22:44 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\AddLyrics\FF\
      FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/13 02:22:44 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

      [2012/12/13 02:08:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Diego\AppData\Roaming\mozilla\Extensions
      [2012/12/13 02:21:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
      [2012/12/13 02:22:42 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
      [2012/11/20 00:17:14 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
      [2012/11/20 00:17:14 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

      ========== Chrome ==========

      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - homepage: http://www.google.com/
      CHR - Extension: No name found = C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpknlgclcjbgepbagcobhdainldkgggl\1.0.8_0\

      O1 HOSTS File: ([2010/12/10 00:19:16 | 000,000,769 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 activation.guitar-pro.com
      O2:64bit: - BHO: (no name) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - No CLSID value found.
      O2:64bit: - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No CLSID value found.
      O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - No CLSID value found.
      O2 - BHO: (PSafe ClikSeguro) - {802D2971-E7C7-4219-8D5C-AFDCD0DA939E} - C:\Program Files (x86)\PSafe\ClikSeguro\ClikSeguro.dll (PSafe S/A)
      O2 - BHO: (no name) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - No CLSID value found.
      O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No CLSID value found.
      O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll ()
      O2 - BHO: (Codec-C Class) - {BB3600DE-A732-490F-B160-0FAA2D2D41F0} - Reg Error: Value error. File not found
      O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll ()
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O4:64bit: - HKLM..\Run: [] File not found
      O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
      O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
      O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE (TOSHIBA Corporation)
      O4 - HKLM..\Run: [Panda Security URL Filtering] C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
      O4 - HKLM..\Run: [PSafeSysTray] C:\Program Files (x86)\PSafe\PSafeSysTray.exe (PSafe)
      O4 - HKLM..\Run: [PSUAMain] C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
      O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
      O9 - Extra Button: Mostrar u ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - Reg Error: Key error. File not found
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
      O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2A3CF0B-2818-4D10-89ED-0E4468A45003}: DhcpNameServer = 192.168.1.254
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
      O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
      O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O33 - MountPoints2\{176d35c8-be99-11e1-9273-00266c630b67}\Shell - "" = AutoRun
      O33 - MountPoints2\{176d35c8-be99-11e1-9273-00266c630b67}\Shell\AutoRun\command - "" = E:\LGAutoRun.exe
      O33 - MountPoints2\{2cf6e187-1925-11e0-8aa3-00266c630b67}\Shell - "" = AutoRun
      O33 - MountPoints2\{2cf6e187-1925-11e0-8aa3-00266c630b67}\Shell\AutoRun\command - "" = E:\Startme.exe
      O33 - MountPoints2\D\Shell - "" = AutoRun
      O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\Setup.exe
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/12/13 02:57:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
      [2012/12/13 02:52:05 | 000,000,000 | ---D | C] -- C:\Users\Diego\AppData\Roaming\Google
      [2012/12/13 02:49:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi
      [2012/12/13 02:21:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
      [2012/12/13 02:17:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
      [2012/12/13 02:08:14 | 000,000,000 | ---D | C] -- C:\Users\Diego\AppData\Roaming\Mozilla
      [2012/12/13 02:08:14 | 000,000,000 | ---D | C] -- C:\Users\Diego\AppData\Local\Mozilla
      [2012/12/13 01:59:29 | 000,000,000 | ---D | C] -- C:\Users\Diego\PSafe
      [2012/12/13 01:57:07 | 000,000,000 | ---D | C] -- C:\ProgramData\PSafe
      [2012/12/13 01:57:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
      [2012/12/13 01:56:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
      [2012/12/13 01:56:50 | 000,288,688 | R--- | C] (360.cn) -- C:\windows\SysNative\drivers\360FltOEM.sys
      [2012/12/13 01:46:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PSafe
      [2012/12/13 01:40:36 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Diego\Desktop\esetsmartinstaller_esn.exe
      [2012/12/12 05:19:15 | 000,000,000 | ---D | C] -- C:\Users\Diego\AppData\Roaming\Real
      [2012/12/12 04:32:49 | 000,000,000 | ---D | C] -- C:\Users\Diego\AppData\Local\CrashDumps
      [2012/12/12 00:01:17 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
      [2012/12/12 00:01:17 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
      [2012/12/12 00:01:16 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RdpGroupPolicyExtension.dll
      [2012/12/12 00:01:11 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rdpvideominiport.sys
      [2012/12/12 00:01:03 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\TsUsbFlt.sys
      [2012/12/12 00:00:57 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsgqec.dll
      [2012/12/12 00:00:57 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbGDCoInstaller.dll
      [2012/12/12 00:00:57 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wksprtPS.dll
      [2012/12/12 00:00:56 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpendp_winip.dll
      [2012/12/12 00:00:56 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsgqec.dll
      [2012/12/12 00:00:56 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wksprtPS.dll
      [2012/12/12 00:00:55 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aaclient.dll
      [2012/12/12 00:00:55 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aaclient.dll
      [2012/12/12 00:00:55 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsRdpWebAccess.dll
      [2012/12/12 00:00:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MsRdpWebAccess.dll
      [2012/12/12 00:00:54 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wksprt.exe
      [2012/12/12 00:00:54 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpudd.dll
      [2012/12/12 00:00:54 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpendp_winip.dll
      [2012/12/12 00:00:54 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TSWbPrxy.exe
      [2012/12/12 00:00:53 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe
      [2012/12/12 00:00:53 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe
      [2012/12/12 00:00:52 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorets.dll
      [2012/12/12 00:00:51 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
      [2012/12/12 00:00:50 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
      [2012/12/11 23:53:17 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
      [2012/12/11 23:53:16 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
      [2012/12/11 23:53:12 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
      [2012/12/11 23:53:10 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
      [2012/12/11 23:53:10 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
      [2012/12/11 23:53:09 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
      [2012/12/11 23:53:08 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
      [2012/12/11 23:53:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
      [2012/12/11 23:53:03 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
      [2012/12/11 23:53:02 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
      [2012/12/11 23:53:01 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
      [2012/12/11 23:53:00 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
      [2012/12/11 23:52:53 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
      [2012/12/11 23:52:52 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
      [2012/12/11 23:52:52 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
      [2012/12/11 23:41:33 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
      [2012/12/11 23:41:32 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
      [2012/12/11 23:41:31 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
      [2012/12/11 23:41:30 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
      [2012/12/11 23:41:19 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
      [2012/12/11 23:41:19 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
      [2012/12/11 23:41:18 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
      [2012/12/11 23:41:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
      [2012/12/11 23:41:17 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
      [2012/12/11 23:41:17 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
      [2012/12/11 23:41:16 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
      [2012/12/11 23:41:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
      [2012/12/11 23:41:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
      [2012/12/11 23:41:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
      [2012/12/11 23:41:02 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
      [2012/12/11 23:41:02 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
      [2012/12/11 23:41:02 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
      [2012/12/11 23:41:01 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
      [2012/12/11 23:41:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
      [2012/12/11 23:41:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
      [2012/12/11 23:41:00 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
      [2012/12/11 23:41:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
      [2012/12/11 23:41:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
      [2012/12/11 23:41:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
      [2012/12/11 23:41:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
      [2012/12/11 23:40:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
      [2012/12/11 23:40:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
      [2012/12/11 23:40:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
      [2012/12/11 23:40:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
      [2012/12/11 23:40:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
      [2012/12/11 23:40:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
      [2012/12/11 23:40:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
      [2012/12/11 23:40:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
      [2012/12/11 23:40:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
      [2012/12/11 23:40:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
      [2012/12/11 23:40:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
      [2012/12/11 23:40:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
      [2012/12/11 23:40:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
      [2012/12/11 23:40:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
      [2012/12/11 23:40:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
      [2012/12/11 23:40:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
      [2012/12/11 23:40:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
      [2012/12/11 23:40:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
      [2012/12/11 23:40:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
      [2012/12/11 23:40:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
      [2012/12/11 23:40:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
      [2012/12/11 23:40:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
      [2012/12/11 23:40:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
      [2012/12/11 23:40:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
      [2012/12/11 23:40:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
      [2012/12/11 23:40:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
      [2012/12/11 23:40:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
      [2012/12/11 23:40:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
      [2012/12/11 23:40:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
      [2012/12/11 23:40:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
      [2012/12/11 23:40:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
      [2012/12/11 23:40:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
      [2012/12/11 23:40:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
      [2012/12/11 23:40:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
      [2012/12/11 23:40:49 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
      [2012/12/11 23:40:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
      [2012/12/11 23:40:48 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
      [2012/12/11 23:40:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
      [2012/12/11 23:40:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
      [2012/12/11 23:40:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
      [2012/12/11 23:40:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
      [2012/12/11 23:40:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
      [2012/12/11 23:40:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
      [2012/12/11 23:40:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
      [2012/12/11 23:36:00 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
      [2012/12/11 23:35:59 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
      [2012/12/11 23:30:54 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
      [2012/12/11 23:30:54 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
      [2012/12/11 23:29:18 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
      [2012/12/11 23:29:17 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
      [2012/12/11 23:29:17 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
      [2012/12/11 23:29:16 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
      [2012/12/11 23:28:44 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnet.dll
      [2012/12/11 23:28:43 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnet.dll
      [2012/12/09 12:25:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DsNET Corp
      [2012/12/09 11:48:16 | 000,000,000 | ---D | C] -- C:\Users\Diego\AppData\Local\ESET
      [2012/12/05 21:46:45 | 000,000,000 | ---D | C] -- C:\Users\Diego\AppData\Roaming\Guitar Pro 6
      [2012/12/05 16:17:50 | 000,000,000 | ---D | C] -- C:\Users\Diego\AppData\Local\Adobe
      [2012/12/05 15:02:21 | 000,000,000 | ---D | C] -- C:\Users\Diego\AppData\Roaming\Panda Security
      [2012/12/05 14:57:29 | 000,000,000 | ---D | C] -- C:\ProgramData\blekko toolbars
      [2012/12/05 14:57:28 | 000,000,000 | ---D | C] -- C:\Users\Diego\AppData\Local\panda4_0dn
      [2012/12/05 14:57:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security URL Filtering
      [2012/12/05 14:57:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
      [2012/12/05 14:57:08 | 000,058,360 | ---- | C] (Panda Security, S.L.) -- C:\windows\SysNative\drivers\PSKMAD.sys
      [2012/12/05 14:57:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pandasecuritytb
      [2012/12/05 14:55:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus
      [2012/12/05 14:55:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
      [2012/12/05 14:55:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
      [2012/12/05 14:37:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
      [2012/12/05 14:37:15 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
      [2012/12/05 08:51:01 | 000,000,000 | ---D | C] -- C:\_AT-Destroyer
      [2012/12/05 08:50:28 | 000,000,000 | ---D | C] -- C:\Users\Diego\AppData\Roaming\WinRAR
      [2012/12/05 07:07:47 | 000,000,000 | ---D | C] -- C:\Users\Diego\AppData\Roaming\Synaptics
      [2012/12/03 06:08:20 | 000,000,000 | ---D | C] -- C:\Program Files\Google
      [2012/12/03 05:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2012/12/03 05:25:52 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
      [2012/12/03 05:24:08 | 000,000,000 | ---D | C] -- C:\Users\Diego\Desktop\rkill
      [2012/12/03 01:18:46 | 000,000,000 | ---D | C] -- C:\Users\Diego\AppData\Roaming\Malwarebytes
      [2012/12/03 01:18:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2012/12/03 01:18:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
      [2012/12/03 00:48:52 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\searchplugins
      [2012/12/03 00:48:52 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Extensions
      [2012/11/17 03:20:00 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdfLdr.sys
      [2012/11/17 03:20:00 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wdfres.dll
      [2012/11/17 03:04:23 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFPlatform.dll
      [2012/11/17 03:04:22 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFCoinstaller.dll
      [2012/11/17 03:04:21 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFx.dll
      [2012/11/17 03:04:21 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFHost.exe
      [2012/11/15 04:42:56 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcore6.dll
      [2012/11/15 04:42:56 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dhcpcore6.dll
      [2012/11/15 04:42:56 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcsvc6.dll
      [2012/11/15 04:42:49 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcorehc.dll
      [2012/11/15 04:42:49 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncsi.dll
      [2012/11/15 04:42:49 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncsi.dll
      [2012/11/15 04:42:48 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcorehc.dll
      [2012/11/15 04:42:48 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netevent.dll
      [2012/11/15 04:42:48 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netevent.dll
      [2012/11/15 04:41:49 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\synceng.dll
      [2012/11/15 04:41:48 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\synceng.dll
      [2012/11/15 03:08:33 | 000,000,000 | ---D | C] -- C:\Users\Diego\Desktop\maldita
      [2012/11/15 03:07:59 | 000,000,000 | ---D | C] -- C:\Users\Diego\Desktop\Montagem Pt - Mp3 320k
      [2012/11/15 02:19:53 | 000,000,000 | ---D | C] -- C:\Users\Diego\Desktop\Maldita - Montage (2012) English Version
      [2012/11/14 11:45:33 | 000,000,000 | ---D | C] -- C:\Users\Diego\Desktop\Nueva carpeta (3)
      [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2012/12/13 23:47:23 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
      [2012/12/13 23:47:12 | 1506,783,232 | -HS- | M] () -- C:\hiberfil.sys
      [2012/12/13 23:26:00 | 000,000,838 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
      [2012/12/13 23:14:46 | 001,555,882 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
      [2012/12/13 23:14:46 | 000,704,074 | ---- | M] () -- C:\windows\SysNative\perfh00A.dat
      [2012/12/13 23:14:46 | 000,616,242 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
      [2012/12/13 23:14:46 | 000,138,040 | ---- | M] () -- C:\windows\SysNative\perfc00A.dat
      [2012/12/13 23:14:46 | 000,106,622 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
      [2012/12/13 23:12:42 | 000,001,036 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/12/13 22:50:57 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/12/13 22:50:57 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/12/13 22:41:34 | 000,001,032 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/12/13 22:41:06 | 000,470,736 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
      [2012/12/13 05:14:05 | 000,002,120 | ---- | M] () -- C:\scu.dat
      [2012/12/13 0247 | 000,010,066 | ---- | M] () -- C:\Users\Diego\Desktop\cc_20121213_021005.reg
      [2012/12/13 02:03:00 | 000,049,968 | ---- | M] () -- C:\Users\Diego\Desktop\cc_20121213_020016.reg
      [2012/12/13 01:57:47 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Protege.lnk
      [2012/12/13 01:57:44 | 000,001,065 | ---- | M] () -- C:\Users\Public\Desktop\PSafe.lnk
      [2012/12/13 01:57:07 | 000,001,020 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [2012/12/13 01:41:02 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Diego\Desktop\esetsmartinstaller_esn.exe
      [2012/12/12 07:35:22 | 008,896,790 | ---- | M] () -- C:\Users\Diego\Desktop\hot busty yoga girl downblouse 1.flv
      [2012/12/12 05:55:18 | 000,051,793 | ---- | M] () -- C:\Users\Diego\Desktop\Reporte.pdf
      [2012/12/11 13:13:28 | 000,288,688 | R--- | M] (360.cn) -- C:\windows\SysNative\drivers\360FltOEM.sys
      [2012/12/05 18:32:45 | 000,232,386 | ---- | M] () -- C:\Users\Diego\Desktop\Sin título.png
      [2012/12/05 16:34:31 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2012/12/05 08:54:54 | 000,001,376 | ---- | M] () -- C:\Users\Diego\Desktop\pl.exe - Acceso directo.lnk
      [2012/12/05 05:27:57 | 000,060,713 | ---- | M] () -- C:\Users\Diego\Desktop\bookmarks_05_12_12.html
      [2012/11/14 00:11:44 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
      [2012/11/14 00:02:49 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
      [2012/11/14 00:02:04 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
      [2012/11/13 23:58:36 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
      [2012/11/13 23:57:46 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
      [2012/11/13 23:57:35 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
      [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2012/12/13 22:40:47 | 000,470,736 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT
      [2012/12/13 05:14:04 | 000,002,120 | ---- | C] () -- C:\scu.dat
      [2012/12/13 0213 | 000,010,066 | ---- | C] () -- C:\Users\Diego\Desktop\cc_20121213_021005.reg
      [2012/12/13 02:00:28 | 000,049,968 | ---- | C] () -- C:\Users\Diego\Desktop\cc_20121213_020016.reg
      [2012/12/13 01:57:45 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Protege.lnk
      [2012/12/13 01:57:43 | 000,001,065 | ---- | C] () -- C:\Users\Public\Desktop\PSafe.lnk
      [2012/12/13 01:57:06 | 000,001,020 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [2012/12/13 01:57:02 | 000,001,130 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      [2012/12/12 07:33:48 | 008,896,790 | ---- | C] () -- C:\Users\Diego\Desktop\hot busty yoga girl downblouse 1.flv
      [2012/12/12 05:55:00 | 000,051,793 | ---- | C] () -- C:\Users\Diego\Desktop\Reporte.pdf
      [2012/12/05 18:32:44 | 000,232,386 | ---- | C] () -- C:\Users\Diego\Desktop\Sin título.png
      [2012/12/05 16:34:31 | 000,000,833 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2012/12/05 08:38:39 | 000,001,376 | ---- | C] () -- C:\Users\Diego\Desktop\pl.exe - Acceso directo.lnk
      [2012/12/05 05:27:56 | 000,060,713 | ---- | C] () -- C:\Users\Diego\Desktop\bookmarks_05_12_12.html
      [2012/11/17 03:20:03 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
      [2012/11/17 03:04:21 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
      [2012/10/27 17:49:09 | 000,532,480 | ---- | C] () -- C:\windows\SysWow64\CddbPlaylist2Sony.dll
      [2012/09/21 11:12:53 | 000,578,611 | ---- | C] () -- C:\windows\adb.exe
      [2011/08/18 18:15:14 | 000,182,850 | ---- | C] () -- C:\windows\hphins33.dat.temp
      [2011/08/18 18:15:13 | 000,000,512 | ---- | C] () -- C:\windows\hphmdl33.dat.temp
      [2010/11/22 01:14:47 | 000,003,584 | ---- | C] () -- C:\Users\Diego\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

      ========== ZeroAccess Check ==========

      [2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 23:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      < End of report >
      ----------------------------------------------------------------------------
      por ultimo eset online



      C:\Users\Diego\AppData\Local\Temp\ICReinstall_Firefox_Setup_17.0.exe una variante de Win32/InstallCore.BA aplicación no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena
      C:\Users\Diego\Desktop\Firefox_Setup_17.0.exe una variante de Win32/InstallCore.BA aplicación no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena
      ---------------------------------------------------------------------------------------------------------------------
















      creo que mi pc esta mucho mejor, pero igual espero tu opinion... por cierto de at destroyer no supe cual de todos poner, pero te puse tres igual omite alguno si era uno equivocado :) gracias

    9. #19
      Usuario Avatar de Raudron
      Registrado
      sep 2012
      Ubicación
      El Mundo
      Mensajes
      1.470

      Re: comportamiento inestable en mi pc y documentos que no logro renocnonocer ni abri

      Hola,

      Me mataste..
      Por favor, editá tu mensaje y borrá el reporte de OTL, ya que es una herramienta que los Usuarios no podemos recomendar. Gracias

      Todo parece en orden...
      Aunque el reporte de AT-Destroyer esta incompleto, fijate si hay otro/s reportes en C:\ ya que tienen mucha información y podrían ayudarnos a ver otros problemas

      Saludos

    Página 2 de 2 PrimeroPrimero 12