
    Possible Virus in Mozilla Firefox (Solved)


      
    1. #1
      User schumifast2007
      Joined
      May 2007
      Location
      Spain
      Posts
      149

      Question: Possible Virus in Mozilla Firefox (Solved)

      Hello, I have a problem with a website that opens automatically in my Mozilla Firefox. I have already uninstalled the browser and reinstalled it, but that does not work. I think it is a virus and I would like someone to help me remove it. Below I paste the link to the malicious website that interrupts my browsing:

      EDITED: link to malicious code.

      Thanks in advance.

    2. #2
      General Moderator
      Leosolari
      Joined
      Jun 2007
      Location
      Argentina
      Posts
      53,958

      Re: Possible Virus in Mozilla Firefox

      Hello

      • Temporarily disable your antivirus and/or antispyware. How to temporarily disable your antivirus

      • Download the AT-Destroyer tool (by InfoSpyware)

      • Run the tool as administrator.
      • (If you use Windows Vista or 7, right-click and select "Run as administrator".)

      • The tool's disclaimer will appear. Press .

      • Press option 1 (Buscar y Destruir, "Search and Destroy")

      • The tool will momentarily disconnect the desktop.

      • If you are infected, the tool will indicate it with red lines where the infection was found; otherwise, the lines will be green.

      • Once the scan has finished, you will be able to see the desktop again and a report will open, which you should copy into your next reply, commenting on how the system is working.

      Download OTL by OldTimer

      >>> Run OTL
      • Close all the programs you have open and double-click the OTL icon to run it.
      • Let it run without interruption until the scan finishes.
      • When the interface appears, you only need to change the setting under "Scan Type" to Minimal Output.
      • Check the options LOP Check and Purity Check.
      • Check the options Skip Microsoft Files and Use Company Name Whitelist.
      • Paste the following script into the Custom Scans/Fixes box:

        NOTE: Do not copy the word Quote.
        msconfig
        netsvcs
        baseservices
        %systemdrive%\*.*
        %programfiles%\*.exe
        %appdata%\*.exe /s /5
        %localappdata%\*.exe /s /5
        %systemroot%\*. /mp /s
        CREATERESTOREPOINT
      • Please do not change the rest of the settings unless we ask you to.

      • Press the button .
      • Once it finishes, two (2) files will open, OTL.Txt and Extras.Txt. They will be saved in the same location where OTL.exe was downloaded.
      • Copy and paste the contents of the OTL.txt file into your next reply.

      Regards


    3. #3
      User schumifast2007
      Joined
      May 2007
      Location
      Spain
      Posts
      149

      Message: Re: Possible Virus in Mozilla Firefox

      Hello LeoSolari, sorry for not replying sooner, but I had not been able to. Well, below I paste the first report, from AT-Destroyer:


      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 10:51:45 \\\ 16/12/2012
      AT-Destroyer 2.1 By Infospyware ---> www.infospyware.com
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.0.8112.16421
      Mozilla Firefox:17.0.1.4715
      Privilegios: Schumivladi - Administrador
      Modo Actual: Modo Normal.
      Nombre del pc: PERSONAL
      Información del sistema operativo:X86-WIN_7-
      nombre del usuario:Schumivladi
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<



      >>>>>> Archivos <<<<<<



      >>>>>> Registro <<<<<<

      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}


      >>>>>> Heurística <<<<<<



      >>>>>> Internet Explorer <<<<<<

      Start Page==www.google.com
      Local Page==C:\Windows\System32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL==http://go.microsoft.com/fwlink/?LinkId=69157


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==


      HKEY_USERS\S-1-5-21-3345236188-3538978539-3263610883-1000\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==


      >>>>>> Firefox <<<<<<

      user_pref("browser.startup.homepage", "https://www.google.es/");
      user_pref("browser.startup.homepage_override.buildID", "20121128204232");
      user_pref("browser.startup.homepage_override.mstone", "17.0.1");
      user_pref("pref.browser.homepage.disable_button.current_page", false);


      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416

      ======== Listado ===========

      [ 29/11/2012 1:31] [ 29/11/2012 1:31] [DI] C:\Users\Schumivladi\AppData\Roaming\Avira
      [ 29/11/2012 4:43] [ 29/11/2012 4:43] [DI] C:\Users\Schumivladi\AppData\Roaming\GlarySoft
      [ 29/11/2012 0:12] [ 29/11/2012 0:12] [DI] C:\Users\Schumivladi\AppData\Roaming\Identities
      [29/11/2012 12:02] [29/11/2012 12:02] [DI] C:\Users\Schumivladi\AppData\Roaming\Leadertech
      [ 11/12/2012 8:44] [ 29/11/2012 1:02] [DI] C:\Users\Schumivladi\AppData\Roaming\Macromedia
      [15/12/2012 23:20] [13/12/2012 17:30] [DI] C:\Users\Schumivladi\AppData\Roaming\MAGIX
      [ 29/11/2012 3:30] [ 29/11/2012 3:30] [DI] C:\Users\Schumivladi\AppData\Roaming\Malwarebytes
      [14/07/2009 11:07] [29/11/2012 0:11] [DI] C:\Users\Schumivladi\AppData\Roaming\Media Center Programs
      [12/12/2012 23:24] [29/11/2012 0:11] [SDI] C:\Users\Schumivladi\AppData\Roaming\Microsoft
      [ 07/12/2012 7:14] [ 07/12/2012 7:14] [DI] C:\Users\Schumivladi\AppData\Roaming\Mozilla
      [12/12/2012 22:25] [12/12/2012 22:25] [DI] C:\Users\Schumivladi\AppData\Roaming\Nero
      [ 11/12/2012 6:26] [ 11/12/2012 6:26] [DI] C:\Users\Schumivladi\AppData\Roaming\No Company Name
      [ 14/12/2012 0:09] [ 14/12/2012 0:09] [DI] C:\Users\Schumivladi\AppData\Roaming\proDAD
      [ 29/11/2012 2:53] [ 29/11/2012 2:53] [DI] C:\Users\Schumivladi\AppData\Roaming\SUPERAntiSpyware.com
      [ 16/12/2012 7:22] [ 16/12/2012 7:20] [DI] C:\Users\Schumivladi\AppData\Roaming\vlc
      [ 29/11/2012 8:03] [ 29/11/2012 8:03] [DI] C:\Users\Schumivladi\AppData\Roaming\WinRAR
      [29/11/2012 7:50] [29/11/2012 7:50] [D] C:\Program Files\Ares
      [29/11/2012 1:25] [29/11/2012 1:25] [D] C:\Program Files\Avira
      [29/11/2012 0:36] [29/11/2012 0:36] [D] C:\Program Files\AvRack
      [29/11/2012 4:34] [29/11/2012 4:34] [D] C:\Program Files\CCleaner
      [13/12/2012 17:29] [14/07/2009 4:37] [D] C:\Program Files\Common Files
      [12/12/2012 15:33] [29/11/2012 3:58] [D] C:\Program Files\Comodo
      C:\Program Files\desktop.ini [HSA] 174 bytes( 0)
      [14/07/2009 11:08] [14/07/2009 6:52] [D] C:\Program Files\DVD Maker
      [16/12/2012 10:24] [16/12/2012 10:23] [D] C:\Program Files\Freemake
      [29/11/2012 4:39] [29/11/2012 4:39] [D] C:\Program Files\Glary Utilities
      [29/11/2012 13:36] [29/11/2012 0:35] [HD] C:\Program Files\InstallShield Installation Information
      [29/11/2012 1:38] [14/07/2009 4:37] [D] C:\Program Files\Internet Explorer
      [29/11/2012 5:30] [29/11/2012 1:49] [D] C:\Program Files\Java
      [29/11/2012 0:20] [29/11/2012 0:20] [D] C:\Program Files\LG Electronics
      [13/12/2012 17:27] [13/12/2012 17:26] [D] C:\Program Files\MAGIX
      [29/11/2012 3:30] [29/11/2012 3:30] [D] C:\Program Files\Malwarebytes' Anti-Malware
      [29/11/2012 6:28] [29/11/2012 6:28] [D] C:\Program Files\Microsoft
      [07/12/2012 18:50] [07/12/2012 18:50] [D] C:\Program Files\Microsoft Analysis Services
      [07/12/2012 19:50] [07/12/2012 19:50] [D] C:\Program Files\Microsoft CAPICOM 2.1.0.2
      [14/07/2009 11:08] [14/07/2009 6:52] [D] C:\Program Files\Microsoft Games
      [07/12/2012 18:52] [07/12/2012 18:49] [D] C:\Program Files\Microsoft Office
      [07/12/2012 23:36] [29/11/2012 6:31] [D] C:\Program Files\Microsoft Silverlight
      [07/12/2012 18:52] [29/11/2012 6:29] [D] C:\Program Files\Microsoft SQL Server Compact Edition
      [07/12/2012 18:52] [07/12/2012 18:52] [D] C:\Program Files\Microsoft Sync Framework
      [07/12/2012 18:53] [07/12/2012 18:53] [D] C:\Program Files\Microsoft Synchronization Services
      [07/12/2012 18:51] [07/12/2012 18:51] [D] C:\Program Files\Microsoft Visual Studio 8
      [12/12/2012 18:02] [07/12/2012 18:52] [D] C:\Program Files\Microsoft.NET
      [07/12/2012 7:14] [07/12/2012 7:14] [D] C:\Program Files\Mozilla Firefox
      [07/12/2012 7:14] [07/12/2012 7:14] [D] C:\Program Files\Mozilla Maintenance Service
      [07/12/2012 18:54] [14/07/2009 6:52] [D] C:\Program Files\MSBuild
      [13/12/2012 1:42] [12/12/2012 18:26] [D] C:\Program Files\Nero
      [14/12/2012 0:09] [14/12/2012 0:09] [D] C:\Program Files\proDAD
      [29/11/2012 0:41] [29/11/2012 0:41] [D] C:\Program Files\Realtek
      [29/11/2012 0:36] [29/11/2012 0:36] [D] C:\Program Files\Realtek AC97
      [29/11/2012 0:36] [29/11/2012 0:36] [D] C:\Program Files\Realtek Sound Manager
      [14/07/2009 6:52] [14/07/2009 6:52] [D] C:\Program Files\Reference Assemblies
      [29/11/2012 4:17] [29/11/2012 4:17] [D] C:\Program Files\SpywareBlaster
      [29/11/2012 3:02] [29/11/2012 3:01] [D] C:\Program Files\SUPERAntiSpyware
      [14/07/2009 6:53] [14/07/2009 6:53] [HD] C:\Program Files\Uninstall Information
      [10/12/2012 0:16] [29/11/2012 8:05] [D] C:\Program Files\Unlocker
      [29/11/2012 0:09] [29/11/2012 0:09] [D] C:\Program Files\VideoLAN
      [07/12/2012 6:52] [07/12/2012 6:52] [D] C:\Program Files\VS Revo Group
      [14/07/2009 10:48] [14/07/2009 6:52] [D] C:\Program Files\Windows Defender
      [29/11/2012 9:49] [14/07/2009 11:08] [D] C:\Program Files\Windows Journal
      [29/11/2012 6:30] [29/11/2012 6:28] [D] C:\Program Files\Windows Live
      [29/11/2012 6:28] [29/11/2012 6:28] [D] C:\Program Files\Windows Live SkyDrive
      [29/11/2012 9:49] [14/07/2009 4:37] [D] C:\Program Files\Windows Mail
      [29/11/2012 9:48] [14/07/2009 6:52] [D] C:\Program Files\Windows Media Player
      [29/11/2012 0:00] [14/07/2009 4:37] [D] C:\Program Files\Windows NT
      [14/07/2009 10:48] [14/07/2009 6:52] [D] C:\Program Files\Windows Photo Viewer
      [14/07/2009 6:52] [14/07/2009 6:52] [D] C:\Program Files\Windows Portable Devices
      [14/07/2009 10:48] [14/07/2009 6:52] [D] C:\Program Files\Windows Sidebar
      [29/11/2012 8:02] [29/11/2012 8:01] [D] C:\Program Files\WinRAR
      [29/11/2012 6:18] [29/11/2012 6:17] [D] C:\Program Files\Yuna Software
      [14/07/2009 6:53] [14/07/2009 6:53] [HSDLI] C:\ProgramData\Application Data
      [29/11/2012 1:25] [29/11/2012 1:25] [DI] C:\ProgramData\Avira
      [29/11/2012 4:08] [29/11/2012 3:58] [DI] C:\ProgramData\Comodo
      [29/11/2012 4:07] [29/11/2012 4:07] [DI] C:\ProgramData\CPA_VA
      [29/11/2012 0:00] [29/11/2012 0:00] [HSDLI] C:\ProgramData\Datos de programa
      [14/07/2009 6:53] [14/07/2009 6:53] [HSDLI] C:\ProgramData\Desktop
      [29/11/2012 0:00] [29/11/2012 0:00] [HSDLI] C:\ProgramData\Documentos
      [14/07/2009 6:53] [14/07/2009 6:53] [HSDLI] C:\ProgramData\Documents
      [29/11/2012 0:00] [29/11/2012 0:00] [HSDLI] C:\ProgramData\Escritorio
      [14/07/2009 6:53] [14/07/2009 6:53] [HSDLI] C:\ProgramData\Favorites
      [29/11/2012 0:00] [29/11/2012 0:00] [HSDLI] C:\ProgramData\Favoritos
      [16/12/2012 10:24] [16/12/2012 10:24] [DI] C:\ProgramData\Freemake
      [29/11/2012 12:02] [29/11/2012 11:59] [DI] C:\ProgramData\LogiShrd
      [15/12/2012 23:20] [13/12/2012 17:26] [DI] C:\ProgramData\MAGIX
      [29/11/2012 3:30] [29/11/2012 3:30] [DI] C:\ProgramData\Malwarebytes
      [29/11/2012 0:00] [29/11/2012 0:00] [HSDLI] C:\ProgramData\Menú Inicio
      [07/12/2012 18:33] [29/11/2012 6:42] [DI] C:\ProgramData\Messenger Plus!
      [29/11/2012 6:43] [29/11/2012 6:43] [DI] C:\ProgramData\Messenger Plus! for Skype
      [12/12/2012 23:24] [14/07/2009 4:37] [SDI] C:\ProgramData\Microsoft
      [09/12/2012 22:39] [07/12/2012 18:49] [DI] C:\ProgramData\Microsoft Help
      [29/11/2012 5:16] [29/11/2012 5:16] [DI] C:\ProgramData\Mozilla
      [12/12/2012 18:27] [12/12/2012 18:25] [DI] C:\ProgramData\Nero
      [29/11/2012 0:00] [29/11/2012 0:00] [HSDLI] C:\ProgramData\Plantillas
      [11/12/2012 1:03] [10/12/2012 16:48] [DI] C:\ProgramData\regid.1986-12.com.adobe
      [14/07/2009 6:53] [14/07/2009 6:53] [HSDLI] C:\ProgramData\Start Menu
      [29/11/2012 1:49] [29/11/2012 1:49] [DI] C:\ProgramData\Sun
      [29/11/2012 3:01] [29/11/2012 3:01] [DI] C:\ProgramData\SUPERAntiSpyware.com
      [29/11/2012 4:19] [29/11/2012 4:19] [DI] C:\ProgramData\TEMP
      [14/07/2009 6:53] [14/07/2009 6:53] [HSDLI] C:\ProgramData\Templates

      ==================== EOF ==================


      In the next window I will post the OTL one.

    4. #4
      User schumifast2007
      Joined
      May 2007
      Location
      Spain
      Posts
      149

      Re: Possible Virus in Mozilla Firefox

      Here is the OTL one, but I cannot paste it in full because it will not let me; it says it is too long, so I will copy it for you in the next two windows.

      OTL logfile created on: 16/12/2012 11:29:22 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Schumivladi\Downloads
      Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      959,37 Mb Total Physical Memory | 229,80 Mb Available Physical Memory | 23,95% Memory free
      1,94 Gb Paging File | 1,07 Gb Available in Paging File | 55,27% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
      Drive C: | 148,95 Gb Total Space | 102,34 Gb Free Space | 68,70% Space Free | Partition Type: NTFS

      Computer Name: PERSONAL | User Name: Schumivladi | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Schumivladi\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Archivos de programa\Comodo\Dragon\dragon_updater.exe ()
      PRC - C:\Archivos de programa\Mozilla Firefox\firefox.exe (Mozilla Corporation)
      PRC - C:\Archivos de programa\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe (Yuna Software)
      PRC - C:\Archivos de programa\Comodo\COMODO Internet Security\cmdagent.exe (COMODO)
      PRC - C:\Archivos de programa\Comodo\COMODO Internet Security\cfp.exe (COMODO)
      PRC - C:\Archivos de programa\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
      PRC - C:\Archivos de programa\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
      PRC - C:\Archivos de programa\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
      PRC - C:\Archivos de programa\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
      PRC - C:\Archivos de programa\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
      PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
      PRC - C:\Windows\explorer.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Unlocker\UnlockerAssistant.exe ()
      PRC - C:\Archivos de programa\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
      PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Windows Sidebar\sidebar.exe (Microsoft Corporation)
      PRC - C:\Windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
      PRC - C:\Windows\System32\LVCOMSX.EXE (Logitech Inc.)


      ========== Modules (No Company Name) ==========

      MOD - C:\Archivos de programa\Mozilla Firefox\mozjs.dll ()
      MOD - C:\Archivos de programa\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
      MOD - C:\Archivos de programa\Unlocker\UnlockerHook.dll ()
      MOD - C:\Archivos de programa\Unlocker\UnlockerAssistant.exe ()


      ========== Services (SafeList) ==========

      SRV - (DragonUpdater) -- C:\Archivos de programa\Comodo\Dragon\dragon_updater.exe ()
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (MozillaMaintenance) -- C:\Archivos de programa\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
      SRV - (MsgPlusService) -- C:\Archivos de programa\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe (Yuna Software)
      SRV - (cmdAgent) -- C:\Archivos de programa\Comodo\COMODO Internet Security\cmdagent.exe (COMODO)
      SRV - (AntiVirSchedulerService) -- C:\Archivos de programa\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
      SRV - (AntiVirService) -- C:\Archivos de programa\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
      SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
      SRV - (!SASCORE) -- C:\Archivos de programa\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
      SRV - (osppsvc) -- C:\Archivos de programa\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
      SRV - (ose) -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
      SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
      SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
      SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
      SRV - (WinDefend) -- C:\Archivos de programa\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV - (WMPNetworkSvc) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      SRV - (FirebirdServerMAGIXInstance) -- C:\Archivos de programa\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)


      ========== Driver Services (SafeList) ==========

      DRV - (inspect) -- C:\Windows\System32\drivers\inspect.sys (COMODO)
      DRV - (cmdGuard) -- C:\Windows\System32\drivers\cmdGuard.sys (COMODO)
      DRV - (cmdHlp) -- C:\Windows\System32\drivers\cmdhlp.sys (COMODO)
      DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
      DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
      DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
      DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
      DRV - (andnetndis) -- C:\Windows\System32\drivers\lgandnetndis.sys (LG Electronics Inc.)
      DRV - (andnetadb) -- C:\Windows\System32\drivers\lgandnetadb.sys (Google Inc)
      DRV - (AndNetDiag) -- C:\Windows\System32\drivers\lgandnetdiag.sys (LG Electronics Inc.)
      DRV - (ANDNetModem) -- C:\Windows\System32\drivers\lgandnetmodem.sys (LG Electronics Inc.)
      DRV - (SASDIFSV) -- C:\Archivos de programa\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV - (SASKUTIL) -- C:\Archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV - (UnlockerDriver5) -- C:\Archivos de programa\Unlocker\UnlockerDriver5.sys ()
      DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
      DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
      DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
      DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
      DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
      DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
      DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
      DRV - (ALCXWDM) -- C:\Windows\System32\drivers\RTKVAC.SYS (Realtek Semiconductor Corp.)
      DRV - (QCMerced) -- C:\Windows\System32\drivers\lvcm.sys ()
      DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)


      ========== Standard Registry (All) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN España: Hotmail, Messenger, Skype y Cuenta Microsoft
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 54 29 0E D9 C4 CD CD 01 [binary data]
      IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
      IE - HKCU\..\SearchScopes,DefaultScope = {8EEAC88A-079B-4b2c-80C1-7836F79EB40A}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://es.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultenginename: "(Google)"
      FF - prefs.js..browser.search.defaulturl: "www.Google.com"
      FF - prefs.js..browser.search.order.1: "(Google)"
      FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo"
      FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo"
      FF - prefs.js..browser.search.selectedEngine: "Google"
      FF - prefs.js..browser.startup.homepage: "http://google.com"
      FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20120926
      FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.12
      FF - prefs.js..extensions.enabledAddons: %7BCE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B%7D:3.8
      FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
      FF - prefs.js..keyword.URL: "https://www.google.com/search?q="
      FF - user.js - File not found

      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
      FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/07 07:14:10 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

      [2012/12/07 07:14:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Schumivladi\AppData\Roaming\mozilla\Extensions
      [2012/12/07 07:38:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Schumivladi\AppData\Roaming\mozilla\Firefox\Profiles\aj31f5cx.default\extensions
      [2012/12/07 07:23:35 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Schumivladi\AppData\Roaming\mozilla\Firefox\Profiles\aj31f5cx.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
      [2012/12/07 07:36:58 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Schumivladi\AppData\Roaming\mozilla\Firefox\Profiles\aj31f5cx.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
      [2012/12/07 07:38:23 | 000,328,449 | ---- | M] () (No name found) -- C:\Users\Schumivladi\AppData\Roaming\mozilla\firefox\profiles\aj31f5cx.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi
      [2012/12/07 07:19:07 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Schumivladi\AppData\Roaming\mozilla\firefox\profiles\aj31f5cx.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
      [2012/12/07 07:14:10 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
      [2012/12/07 07:14:10 | 000,000,000 | ---D | M] (Default) -- C:\Archivos de programa\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
      [2012/11/29 09:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
      [2012/11/29 11:44:43 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
      [2012/11/29 11:44:44 | 000,004,095 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\drae.xml
      [2012/11/29 11:44:44 | 000,001,356 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-es.xml
      [2012/11/29 11:44:43 | 000,003,581 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
      [2012/11/29 11:44:44 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
      [2012/11/29 11:44:44 | 000,001,391 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012/11/29 11:44:43 | 000,001,315 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-es.xml

      O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
      O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Windows Live Aplicación auxiliar de inicio de sesión) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
      O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
      O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
      O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
      O4 - HKLM..\Run: [LVCOMSX] C:\Windows\System32\LVCOMSX.EXE (Logitech Inc.)
      O4 - HKLM..\Run: [MessengerPlusForSkypeService] C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe (Yuna Software)
      O4 - HKLM..\Run: [PlusService] C:\Archivos de programa\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
      O4 - HKLM..\Run: [SoundMan] C:\Windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
      O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
      O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
      O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O8 - Extra context menu item: &Enviar a OneNote - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
      O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O13 - gopher Prefix: missing
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Value error.)
      O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_37)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 10.9.2)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.42.129
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0969CC7D-6E5F-4F44-8450-12CDDF59014B}: NameServer = 8.26.56.26,156.154.70.22
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EDDED12C-1D5B-40C6-A209-C9C3DF07C317}: DhcpNameServer = 192.168.42.129
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EDDED12C-1D5B-40C6-A209-C9C3DF07C317}: NameServer = 8.26.56.26,156.154.70.22
      O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
      O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
      O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
      O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
      O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
      O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
      O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Archivos de programa\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
      O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
      O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
      O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
      O31 - SafeBoot: AlternateShell - cmd.exe
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


      NetSvcs: FastUserSwitchingCompatibility - File not found
      NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
      NetSvcs: Nla - File not found
      NetSvcs: Ntmssvc - File not found
      NetSvcs: NWCWorkstation - File not found
      NetSvcs: Nwsapagent - File not found
      NetSvcs: SRService - File not found
      NetSvcs: WmdmPmSp - File not found
      NetSvcs: LogonHours - File not found
      NetSvcs: PCAudit - File not found
      NetSvcs: helpsvc - File not found
      NetSvcs: uploadmgr - File not found

      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/12/16 10:50:23 | 000,000,000 | ---D | C] -- C:\_AT-Destroyer
      [2012/12/16 10:24:57 | 000,000,000 | -H-D | C] -- C:\Users\Schumivladi\Documents\Freemake_do_not_remove_this_folder
      [2012/12/16 10:24:05 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\Documents\Freemake
      [2012/12/16 10:24:03 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
      [2012/12/16 10:24:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
      [2012/12/16 10:24:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Freemake
      [2012/12/16 10:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\Freemake
      [2012/12/16 07:20:18 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Roaming\vlc
      [2012/12/15 23:03:38 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\dwhelper
      [2012/12/14 0023 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\proDAD
      [2012/12/14 00:09:49 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Roaming\proDAD
      [2012/12/14 00:09:48 | 000,000,000 | ---D | C] -- C:\Program Files\proDAD
      [2012/12/13 18:02:33 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\Documents\MAGIX Downloads
      [2012/12/13 17:46:14 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\Documents\MAGIX Descargas
      [2012/12/13 17:46:14 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\Documents\MAGIX
      [2012/12/13 17:30:23 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\Documents\MAGIX_MusicEditor
      [2012/12/13 17:30:19 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Local\Xara
      [2012/12/13 17:30:13 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Roaming\MAGIX
      [2012/12/13 17:29:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Shared
      [2012/12/13 17:26:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
      [2012/12/13 17:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\MAGIX
      [2012/12/13 17:26:20 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
      [2012/12/13 17:26:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Services
      [2012/12/12 23:38:45 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Local\Nero_AG
      [2012/12/12 22:25:30 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Local\Nero
      [2012/12/12 22:25:17 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\Documents\NeroVideo
      [2012/12/12 22:25:17 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Roaming\Nero
      [2012/12/12 18:26:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
      [2012/12/12 18:26:02 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
      [2012/12/12 18:25:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
      [2012/12/12 03:00:12 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Local\ElevatedDiagnostics
      [2012/12/12 02:08:45 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\Desktop\My Shared Folder
      [2012/12/11 06:26:40 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Roaming\No Company Name
      [2012/12/10 16:48:16 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
      [2012/12/10 16:21:46 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Local\Adobe
      [2012/12/10 15:54:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
      [2012/12/07 19:50:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
      [2012/12/07 19:36:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
      [2012/12/07 18:56:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
      [2012/12/07 18:56:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
      [2012/12/07 18:53:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
      [2012/12/07 18:53:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
      [2012/12/07 18:52:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
      [2012/12/07 18:52:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
      [2012/12/07 18:51:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
      [2012/12/07 18:50:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
      [2012/12/07 18:49:42 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Local\Microsoft Help
      [2012/12/07 18:49:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
      [2012/12/07 18:49:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
      [2012/12/07 18:48:31 | 000,000,000 | RH-D | C] -- C:\MSOCache
      [2012/12/07 07:14:27 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Roaming\Mozilla
      [2012/12/07 07:14:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
      [2012/12/07 07:14:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
      [2012/12/07 06:52:46 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
      [2012/12/07 06:52:46 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
      [2012/12/02 19:02:56 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\Documents\My Shared Folder
      [2012/11/29 23:55:52 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
      [2012/11/29 23:52:47 | 000,000,000 | -HSD | C] -- C:\System Volume Information
      [2012/11/29 23:51:51 | 000,000,000 | ---D | C] -- C:\Windows\Panther
      [2012/11/29 12:57:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logitech
      [2012/11/29 12:18:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
      [2012/11/29 12:02:22 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Local\LogiShrd
      [2012/11/29 12:01:58 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Roaming\Leadertech
      [2012/11/29 11:59:34 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
      [2012/11/29 09:48:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
      [2012/11/29 09:06:49 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
      [2012/11/29 08:57:58 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\Documents\Archivos Instaladores
      [2012/11/29 08:54:34 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\Documents\Audio Libros de Éxito
      [2012/11/29 08:52:52 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\Documents\LG PC Suite
      [2012/11/29 08:47:27 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\Documents\epson
      [2012/11/29 08:46:41 | 000,000,000 | R--D | C] -- C:\Users\Schumivladi\Documents\Contacts
      [2012/11/29 08:46:33 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\Documents\Archivos Words
      [2012/11/29 08:46:18 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\Documents\Archivos Power Point
      [2012/11/29 08:45:54 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\Documents\Archivos Excel
      [2012/11/29 08:45:41 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\Documents\Archivos PDF
      [2012/11/29 08:08:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\zh-TW
      [2012/11/29 08:08:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\zh-HK
      [2012/11/29 08:08:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\tr-TR
      [2012/11/29 08:08:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\sv-SE
      [2012/11/29 08:08:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\pt-BR
      [2012/11/29 08:08:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\nl-NL
      [2012/11/29 08:08:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\nb-NO
      [2012/11/29 08:08:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\ko-KR
      [2012/11/29 08:08:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\it-IT
      [2012/11/29 08:08:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\he-IL
      [2012/11/29 08:08:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\fr-FR
      [2012/11/29 08:08:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\fi-FI
      [2012/11/29 08:08:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\el-GR
      [2012/11/29 08:08:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\de-DE
      [2012/11/29 08:08:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\da-DK
      [2012/11/29 08:08:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\ar-SA
      [2012/11/29 08:05:17 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
      [2012/11/29 08:05:17 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
      [2012/11/29 08:03:08 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Roaming\WinRAR
      [2012/11/29 08:02:33 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
      [2012/11/29 08:02:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
      [2012/11/29 08:01:52 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
      [2012/11/29 07:50:26 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Local\Ares
      [2012/11/29 07:50:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares
      [2012/11/29 07:50:17 | 000,000,000 | ---D | C] -- C:\Program Files\Ares
      [2012/11/29 06:43:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Messenger Plus! for Skype
      [2012/11/29 06:43:19 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\Documents\Messenger Plus!
      [2012/11/29 06:42:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Messenger Plus!
      [2012/11/29 06:31:44 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\Tracing
      [2012/11/29 06:31:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
      [2012/11/29 06:29:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
      [2012/11/29 06:28:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
      [2012/11/29 06:28:25 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
      [2012/11/29 06:28:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
      [2012/11/29 06:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
      [2012/11/29 06:27:41 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
      [2012/11/29 06:22:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
      [2012/11/29 06:17:10 | 000,000,000 | ---D | C] -- C:\Program Files\Yuna Software
      [2012/11/29 05:36:08 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Local\Macromedia
      [2012/11/29 05:33:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
      [2012/11/29 05:32:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
      [2012/11/29 05:16:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
      [2012/11/29 04:43:20 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Roaming\GlarySoft
      [2012/11/29 04:39:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
      [2012/11/29 04:39:01 | 000,000,000 | ---D | C] -- C:\Program Files\Glary Utilities
      [2012/11/29 04:34:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      [2012/11/29 04:34:16 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
      [2012/11/29 04:19:22 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
      [2012/11/29 04:17:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
      [2012/11/29 04:17:16 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
      [2012/11/29 04:09:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
      [2012/11/29 04:07:48 | 000,000,000 | ---D | C] -- C:\ProgramData\CPA_VA
      [2012/11/29 04:06:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO
      [2012/11/29 03:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
      [2012/11/29 03:58:15 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Local\Comodo
      [2012/11/29 03:58:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
      [2012/11/29 03:58:12 | 000,042,760 | ---- | C] (COMODO CA Limited) -- C:\Windows\System32\certsentry.dll
      [2012/11/29 03:58:03 | 000,000,000 | ---D | C] -- C:\Program Files\Comodo
      [2012/11/29 03:30:46 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Roaming\Malwarebytes
      [2012/11/29 03:30:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2012/11/29 03:30:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2012/11/29 03:30:22 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
      [2012/11/29 03:30:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
      [2012/11/29 03:01:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
      [2012/11/29 03:01:29 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
      [2012/11/29 03:01:29 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
      [2012/11/29 02:52:58 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Roaming\SUPERAntiSpyware.com
      [2012/11/29 01:49:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
      [2012/11/29 01:49:04 | 000,000,000 | ---D | C] -- C:\Program Files\Java
      [2012/11/29 01:31:24 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Roaming\Avira
      [2012/11/29 01:25:15 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
      [2012/11/29 01:25:14 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
      [2012/11/29 01:25:14 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
      [2012/11/29 01:25:14 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
      [2012/11/29 01:25:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
      [2012/11/29 01:25:13 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
      [2012/11/29 01:02:46 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Roaming\Macromedia
      [2012/11/29 01:02:42 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Roaming\Adobe
      [2012/11/29 00:59:04 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Local\Mozilla
      [2012/11/29 00:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
      [2012/11/29 00:41:33 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
      [2012/11/29 00:41:33 | 000,000,000 | ---D | C] -- C:\Windows\OPTIONS
      [2012/11/29 00:36:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek Sound Manager
      [2012/11/29 00:36:18 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek Sound Manager
      [2012/11/29 00:36:15 | 000,000,000 | ---D | C] -- C:\Program Files\AvRack
      [2012/11/29 00:36:06 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97
      [2012/11/29 00:35:48 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
      [2012/11/29 00:35:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
      [2012/11/29 00:20:44 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
      [2012/11/29 00:12:18 | 000,000,000 | R--D | C] -- C:\Users\Schumivladi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
      [2012/11/29 00:12:18 | 000,000,000 | R--D | C] -- C:\Users\Schumivladi\Searches
      [2012/11/29 00:12:18 | 000,000,000 | R--D | C] -- C:\Users\Schumivladi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
      [2012/11/29 00:12:05 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Roaming\Identities
      [2012/11/29 00:12:03 | 000,000,000 | R--D | C] -- C:\Users\Schumivladi\Contacts
      [2012/11/29 00:11:52 | 000,000,000 | -HSD | C] -- C:\Users\Schumivladi\SendTo
      [2012/11/29 00:11:52 | 000,000,000 | -HSD | C] -- C:\Users\Schumivladi\Reciente
      [2012/11/29 00:11:52 | 000,000,000 | -HSD | C] -- C:\Users\Schumivladi\Plantillas
      [2012/11/29 00:11:52 | 000,000,000 | -HSD | C] -- C:\Users\Schumivladi\Documents\Mis vídeos
      [2012/11/29 00:11:52 | 000,000,000 | -HSD | C] -- C:\Users\Schumivladi\Documents\Mis imágenes
      [2012/11/29 00:11:52 | 000,000,000 | -HSD | C] -- C:\Users\Schumivladi\Mis documentos
      [2012/11/29 00:11:52 | 000,000,000 | -HSD | C] -- C:\Users\Schumivladi\Documents\Mi música
      [2012/11/29 00:11:52 | 000,000,000 | -HSD | C] -- C:\Users\Schumivladi\Menú Inicio
      [2012/11/29 00:11:52 | 000,000,000 | -HSD | C] -- C:\Users\Schumivladi\Impresoras
      [2012/11/29 00:11:52 | 000,000,000 | -HSD | C] -- C:\Users\Schumivladi\AppData\Local\Historial
      [2012/11/29 00:11:52 | 000,000,000 | -HSD | C] -- C:\Users\Schumivladi\Entorno de red
      [2012/11/29 00:11:52 | 000,000,000 | -HSD | C] -- C:\Users\Schumivladi\Datos de programa
      [2012/11/29 00:11:52 | 000,000,000 | -HSD | C] -- C:\Users\Schumivladi\AppData\Local\Datos de programa
      [2012/11/29 00:11:52 | 000,000,000 | -HSD | C] -- C:\Users\Schumivladi\Cookies
      [2012/11/29 00:11:52 | 000,000,000 | -HSD | C] -- C:\Users\Schumivladi\Configuración local
      [2012/11/29 00:11:52 | 000,000,000 | -HSD | C] -- C:\Users\Schumivladi\AppData\Local\Archivos temporales de Internet
      [2012/11/29 00:11:51 | 000,000,000 | --SD | C] -- C:\Users\Schumivladi\AppData\Roaming\Microsoft
      [2012/11/29 00:11:51 | 000,000,000 | R--D | C] -- C:\Users\Schumivladi\Videos
      [2012/11/29 00:11:51 | 000,000,000 | R--D | C] -- C:\Users\Schumivladi\Saved Games
      [2012/11/29 00:11:51 | 000,000,000 | R--D | C] -- C:\Users\Schumivladi\Pictures
      [2012/11/29 00:11:51 | 000,000,000 | R--D | C] -- C:\Users\Schumivladi\Music
      [2012/11/29 00:11:51 | 000,000,000 | R--D | C] -- C:\Users\Schumivladi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
      [2012/11/29 00:11:51 | 000,000,000 | R--D | C] -- C:\Users\Schumivladi\Links
      [2012/11/29 00:11:51 | 000,000,000 | R--D | C] -- C:\Users\Schumivladi\Favorites
      [2012/11/29 00:11:51 | 000,000,000 | R--D | C] -- C:\Users\Schumivladi\Downloads
      [2012/11/29 00:11:51 | 000,000,000 | R--D | C] -- C:\Users\Schumivladi\Documents
      [2012/11/29 00:11:51 | 000,000,000 | R--D | C] -- C:\Users\Schumivladi\Desktop
      [2012/11/29 00:11:51 | 000,000,000 | R--D | C] -- C:\Users\Schumivladi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
      [2012/11/29 00:11:51 | 000,000,000 | -H-D | C] -- C:\Users\Schumivladi\AppData
      [2012/11/29 00:11:51 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Local\Temp
      [2012/11/29 00:11:51 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Local\Microsoft
      [2012/11/29 00:11:51 | 000,000,000 | ---D | C] -- C:\Users\Schumivladi\AppData\Roaming\Media Center Programs
      [2012/11/29 0015 | 000,000,000 | ---D | C] -- C:\Windows\TEMP
      [2012/11/29 0003 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
      [2012/11/29 00:09:51 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
      [2012/11/29 00:09:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
      [2012/11/29 00:09:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
      [2012/11/29 00:08:31 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
      [2012/11/29 00:00:06 | 000,000,000 | -HSD | C] -- C:\Recovery
      [2012/11/29 00:00:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plantillas
      [2012/11/29 00:00:06 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mis vídeos
      [2012/11/29 00:00:06 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mis imágenes
      [2012/11/29 00:00:06 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mi música
      [2012/11/29 00:00:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menú Inicio
      [2012/11/29 00:00:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoritos
      [2012/11/29 00:00:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Escritorio
      [2012/11/29 00:00:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documentos
      [2012/11/29 00:00:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Datos de programa
      [2012/11/29 00:00:06 | 000,000,000 | -HSD | C] -- C:\Archivos de programa
      [2012/11/29 00:00:06 | 000,000,000 | -HSD | C] -- C:\Program Files\Archivos comunes

      ========== Files - Modified Within 30 Days ==========

      [2012/12/16 11:11:07 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/12/16 10:54:55 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
      [2012/12/16 10:54:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/12/16 10:54:28 | 754,475,008 | -HS- | M] () -- C:\hiberfil.sys
      [2012/12/16 10:24:03 | 000,001,282 | ---- | M] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk
      [2012/12/15 06:23:48 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/12/15 06:23:48 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/12/14 00:18:42 | 001,651,096 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
      [2012/12/14 0028 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\Heroglyph 2.5.lnk
      [2012/12/13 17:29:54 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Video deluxe 17 Premium Versión para descargar.lnk
      [2012/12/12 18:06:56 | 000,703,602 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
      [2012/12/12 18:06:56 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
      [2012/12/12 18:06:56 | 000,137,600 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
      [2012/12/12 18:06:56 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
      [2012/12/12 15:33:37 | 000,042,760 | ---- | M] (COMODO CA Limited) -- C:\Windows\System32\certsentry.dll
      [2012/12/07 17:55:06 | 000,001,120 | ---- | M] () -- C:\Windows\_delis32.ini
      [2012/12/07 07:14:15 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [2012/12/07 06:52:47 | 000,001,226 | ---- | M] () -- C:\Users\Schumivladi\Desktop\Revo Uninstaller.lnk
      [2012/12/05 22:39:47 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_lgandnetadb_01005.Wdf
      [2012/11/29 23:57:10 | 000,052,732 | ---- | M] () -- C:\Windows\System32\license.rtf
      [2012/11/29 13:50:17 | 000,000,000 | ---- | M] () -- C:\Windows\LVtest.INI
      [2012/11/29 09:15:28 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
      [2012/11/29 07:50:19 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\Ares.lnk
      [2012/11/29 06:29:19 | 000,000,020 | ---- | M] () -- C:\Windows\$ùe
      [2012/11/29 04:39:04 | 000,001,028 | ---- | M] () -- C:\Users\Schumivladi\Desktop\Glary Utilities.lnk
      [2012/11/29 04:34:17 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2012/11/29 04:17:17 | 000,001,041 | ---- | M] () -- C:\Users\Schumivladi\Desktop\SpywareBlaster.lnk
      [2012/11/29 04:09:58 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
      [2012/11/29 03:58:44 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
      [2012/11/29 03:58:15 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
      [2012/11/29 03:30:24 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2012/11/29 03:01:35 | 000,001,965 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
      [2012/11/29 01:36:01 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
      [2012/11/29 00:59:08 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
      [2012/11/29 00:42:46 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
      [2012/11/29 00:42:46 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
      [2012/11/29 00:36:18 | 000,001,806 | ---- | M] () -- C:\Users\Public\Desktop\AvRack.lnk
      [2012/11/29 00:18:25 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
      [2012/11/29 0005 | 000,000,952 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk

      ========== Files Created - No Company Name ==========

      [2012/12/16 10:24:03 | 000,001,282 | ---- | C] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk
      [2012/12/14 0028 | 000,001,141 | ---- | C] () -- C:\Users\Public\Desktop\Heroglyph 2.5.lnk
      [2012/12/13 17:29:54 | 000,001,140 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Video deluxe 17 Premium Versión para descargar.lnk
      [2012/12/12 18:13:43 | 001,651,096 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
      [2012/12/07 19:47:34 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
      [2012/12/07 19:46:08 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
      [2012/12/07 17:55:53 | 000,053,248 | R--- | C] () -- C:\Windows\System32\InstMed.exe
      [2012/12/07 07:14:15 | 000,001,121 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      [2012/12/07 07:14:15 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [2012/12/07 06:52:47 | 000,001,226 | ---- | C] () -- C:\Users\Schumivladi\Desktop\Revo Uninstaller.lnk
      [2012/12/05 22:39:47 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_lgandnetadb_01005.Wdf
      [2012/11/29 23:56:39 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
      [2012/11/29 23:56:30 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
      [2012/11/29 23:52:47 | 754,475,008 | -HS- | C] () -- C:\hiberfil.sys
      [2012/11/29 23:51:22 | 000,000,341 | R--- | C] () -- C:\Windows\System32\limpiar.cmd
      [2012/11/29 13:50:17 | 000,000,000 | ---- | C] () -- C:\Windows\LVtest.INI
      [2012/11/29 12:57:53 | 001,317,152 | ---- | C] () -- C:\Windows\System32\drivers\lvcm.sys
      [2012/11/29 12:57:53 | 000,009,255 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
      [2012/11/29 12:57:28 | 000,001,120 | ---- | C] () -- C:\Windows\_delis32.ini
      [2012/11/29 09:15:28 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
      [2012/11/29 07:50:19 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\Ares.lnk
      [2012/11/29 06:29:18 | 000,000,020 | ---- | C] () -- C:\Windows\$ùe
      [2012/11/29 05:34:54 | 000,000,838 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/11/29 04:39:06 | 000,000,324 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
      [2012/11/29 04:39:04 | 000,001,028 | ---- | C] () -- C:\Users\Schumivladi\Desktop\Glary Utilities.lnk
      [2012/11/29 04:34:17 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2012/11/29 04:17:17 | 000,001,041 | ---- | C] () -- C:\Users\Schumivladi\Desktop\SpywareBlaster.lnk
      [2012/11/29 03:58:44 | 000,001,846 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
      [2012/11/29 03:58:15 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
      [2012/11/29 03:30:24 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2012/11/29 03:01:35 | 000,001,965 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
      [2012/11/29 01:36:01 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
      [2012/11/29 01:25:30 | 000,002,016 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
      [2012/11/29 00:59:08 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
      [2012/11/29 00:44:43 | 000,045,056 | ---- | C] () -- C:\Windows\System32\vusetup.dll
      [2012/11/29 00:42:46 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
      [2012/11/29 00:42:46 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
      [2012/11/29 00:36:33 | 000,049,152 | R--- | C] () -- C:\Windows\System32\ChCfg.exe
      [2012/11/29 00:36:20 | 000,141,016 | R--- | C] () -- C:\Windows\System32\alsndmgr.wav
      [2012/11/29 00:36:18 | 000,001,806 | ---- | C] () -- C:\Users\Public\Desktop\AvRack.lnk
      [2012/11/29 00:36:15 | 000,000,164 | R--- | C] () -- C:\Windows\avrack.ini
      [2012/11/29 00:18:25 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
      [2012/11/29 00:12:22 | 000,001,401 | ---- | C] () -- C:\Users\Schumivladi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
      [2012/11/29 0005 | 000,000,952 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk

    5. #5
      User schumifast2007
      Joined
      May 2007
      Location
      Spain
      Posts
      149

      Re: Possible Virus in Mozilla Firefox

      And here is the last part of the OTL log


      ccess Check ==========

      [2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== LOP Check ==========

      [2012/11/29 04:43:20 | 000,000,000 | ---D | M] -- C:\Users\Schumivladi\AppData\Roaming\GlarySoft
      [2012/11/29 12:01:58 | 000,000,000 | ---D | M] -- C:\Users\Schumivladi\AppData\Roaming\Leadertech
      [2012/12/15 23:20:51 | 000,000,000 | ---D | M] -- C:\Users\Schumivladi\AppData\Roaming\MAGIX
      [2012/12/11 06:26:40 | 000,000,000 | ---D | M] -- C:\Users\Schumivladi\AppData\Roaming\No Company Name
      [2012/12/14 00:09:49 | 000,000,000 | ---D | M] -- C:\Users\Schumivladi\AppData\Roaming\proDAD

      ========== Purity Check ==========



      ========== Custom Scans ==========

      ========== Base Services ==========
      SRV - [2009/07/14 02:14:53 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
      SRV - [2009/07/14 02:14:53 | 000,046,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
      SRV - [2009/07/14 02:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
      SRV - [2009/07/14 02:16:12 | 000,589,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
      SRV - [2009/07/14 02:14:59 | 000,493,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
      SRV - [2011/11/17 06:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (KeyIso)
      SRV - [2009/07/14 02:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
      SRV - [2012/07/04 22:23:55 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\browser.dll -- (Browser)
      SRV - [2012/06/02 05:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
      SRV - [2009/07/14 02:16:13 | 000,376,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
      SRV - [2009/07/14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
      SRV - [2011/03/03 06:29:23 | 000,132,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
      SRV - [2009/07/14 02:15:13 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
      SRV - [2009/07/14 02:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\hidserv.dll -- (hidserv)
      SRV - [2009/07/14 02:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
      SRV - [2009/07/14 02:15:33 | 000,350,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
      No service found with a name of MsMpSvc
      No service found with a name of NisSrv
      SRV - [2009/07/14 02:16:15 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\swprv.dll -- (swprv)
      SRV - [2009/07/14 02:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
      SRV - [2009/07/14 02:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
      SRV - [2009/07/14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
      SRV - [2009/07/14 02:16:03 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
      SRV - [2009/07/14 02:16:11 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
      SRV - [2011/05/24 11:35:34 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
      SRV - [2012/02/11 06:41:06 | 000,316,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
      SRV - [2011/11/17 06:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
      No service found with a name of EMDMgmt
      SRV - [2009/07/14 02:16:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
      SRV - [2009/07/14 02:16:12 | 000,285,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasmans.dll -- (RasMan)
      SRV - [2009/07/14 02:16:13 | 000,376,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
      SRV - [2009/07/14 02:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\seclogon.dll -- (seclogon)
      SRV - [2011/11/17 06:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
      SRV - [2010/12/21 06:38:24 | 000,073,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
      SRV - [2010/08/27 06:46:48 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
      SRV - [2009/07/14 02:16:14 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
      No service found with a name of slsvc
      SRV - [2010/11/02 05:39:32 | 000,749,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
      SRV - [2009/07/14 02:16:15 | 000,241,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
      SRV - [2009/07/14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
      SRV - [2012/05/02 05:52:09 | 000,163,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
      SRV - [2009/07/14 02:14:43 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
      SRV - [2009/07/14 02:14:57 | 000,473,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
      SRV - [2009/07/14 02:14:57 | 000,473,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
      SRV - [2009/07/14 02:16:13 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
      SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Windows Defender\MpSvc.dll -- (WinDefend)
      SRV - [2009/07/14 02:16:18 | 001,086,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (eventlog)
      SRV - [2009/07/14 02:15:41 | 000,565,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
      SRV - [2009/07/14 02:16:18 | 000,462,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (StiSvc)
      SRV - [2009/07/14 02:14:25 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
      SRV - [2009/07/14 02:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
      SRV - [2012/06/02 23:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
      SRV - [2009/07/14 02:15:12 | 000,214,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
      SRV - [2009/07/14 02:16:19 | 000,829,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
      SRV - [2009/07/14 02:16:19 | 000,084,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)

      < %systemdrive%\*.* >
      [2012/12/16 10:53:04 | 000,010,947 | ---- | M] () -- C:\AT-Destroyer.txt
      [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
      [2009/06/10 22:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
      [2012/12/16 10:54:28 | 754,475,008 | -HS- | M] () -- C:\hiberfil.sys
      [2012/11/29 13:37:08 | 000,006,181 | ---- | M] () -- C:\Installer.log
      [2012/11/29 00:42:46 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
      [2012/11/29 13:41:22 | 000,000,091 | ---- | M] () -- C:\LogiSetup.log
      [2012/11/29 00:42:46 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
      [2012/12/16 10:54:28 | 1073,741,824 | -HS- | M] () -- C:\pagefile.sys

      < %programfiles%\*.exe >

      < %appdata%\*.exe /s /5 >

      < %localappdata%\*.exe /s /5 >
      [2012/12/12 18:00:46 | 043,000,680 | ---- | M] (Microsoft Corporation) -- C:\Users\Schumivladi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0UGHVHW1\dotNetFx40_Client_x86_x64[1].exe
      [14 C:\Users\Schumivladi\AppData\Local\Temp\*.tmp files -> C:\Users\Schumivladi\AppData\Local\Temp\*.tmp -> ]
      [2012/12/13 00:25:43 | 000,725,968 | ---- | M] (Nero AG ) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120810111612934\setup.exe
      [2012/12/13 00:26:09 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120810111612934\ISSetupPrerequisites\microsoftVcRedist2010Sp1X64\PRQStarter-1.exe
      [2012/12/13 00:26:09 | 005,673,816 | ---- | M] (Microsoft Corporation) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120810111612934\ISSetupPrerequisites\microsoftVcRedist2010Sp1X64\vcredist_x64.exe
      [2012/12/13 00:26:02 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120810111612934\ISSetupPrerequisites\microsoftVcRedist2010Sp1X86\PRQStarter-1.exe
      [2012/12/13 00:26:02 | 004,995,416 | ---- | M] (Microsoft Corporation) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120810111612934\ISSetupPrerequisites\microsoftVcRedist2010Sp1X86\vcredist_x86.exe
      [2012/12/13 00:25:57 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120810111612934\ISSetupPrerequisites\msi4.5ForWindows6.0X64\PRQStarter-1.exe
      [2012/12/13 00:25:53 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120810111612934\ISSetupPrerequisites\msi4.5ForWindows6.0X86\PRQStarter-1.exe
      [2012/12/13 00:25:50 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120810111612934\ISSetupPrerequisites\msi4.5ForWindowsxpX86\PRQStarter-1.exe
      [2012/12/13 00:25:50 | 003,327,000 | ---- | M] () -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120810111612934\ISSetupPrerequisites\msi4.5ForWindowsxpX86\WindowsXP-KB942288-v3-x86.exe
      [2012/12/13 00:25:47 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120810111612934\ISSetupPrerequisites\rebootValidator\PRQStarter-1.exe
      [2012/12/13 00:25:47 | 002,566,416 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120810111612934\ISSetupPrerequisites\systemRequirementValidator\NeroOSValidator.exe
      [2012/12/13 00:25:44 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120810111612934\ISSetupPrerequisites\systemRequirementValidator\PRQStarter-1.exe
      [2012/12/13 00:17:22 | 000,737,464 | ---- | M] (Nero AG ) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\setup.exe
      [2012/12/13 00:17:28 | 003,797,152 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\adobeflash\install_flash_player_11_active_x_32bit.exe
      [2012/12/13 00:17:27 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\adobeflash\PRQStarter-1.exe
      [2012/12/13 00:17:27 | 000,517,976 | ---- | M] () -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dcsx\DXSETUP.exe
      [2012/12/13 00:17:27 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dcsx\PRQStarter-1.exe
      [2012/12/13 00:17:27 | 000,517,976 | ---- | M] () -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dx10\DXSETUP.exe
      [2012/12/13 00:17:27 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dx10\PRQStarter-1.exe
      [2012/12/13 00:17:27 | 000,517,976 | ---- | M] () -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dx11\DXSETUP.exe
      [2012/12/13 00:17:27 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dx11\PRQStarter-1.exe
      [2012/12/13 00:17:27 | 000,517,976 | ---- | M] () -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dx9\DXSETUP.exe
      [2012/12/13 00:17:27 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dx9\PRQStarter-1.exe
      [2012/12/13 00:17:27 | 000,517,976 | ---- | M] () -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\direct3dHlslCompiler9.29.952.3111\DXSETUP.exe
      [2012/12/13 00:17:27 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\direct3dHlslCompiler9.29.952.3111\PRQStarter-1.exe
      [2012/12/13 00:17:27 | 000,081,920 | ---- | M] () -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\lightscribeSystemSoftware\LSDriveDetect.exe
      [2012/12/13 00:17:26 | 000,090,384 | ---- | M] () -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\lightscribeSystemSoftware\LS_LAUNCHER.exe
      [2012/12/13 00:17:26 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\lightscribeSystemSoftware\PRQStarter-1.exe
      [2012/12/13 00:17:26 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\microsoftVcRedist2010Sp1X64\PRQStarter-1.exe
      [2012/12/13 00:17:26 | 005,673,816 | ---- | M] (Microsoft Corporation) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\microsoftVcRedist2010Sp1X64\vcredist_x64.exe
      [2012/12/13 00:17:25 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\microsoftVcRedist2010Sp1X86\PRQStarter-1.exe
      [2012/12/13 00:17:25 | 004,995,416 | ---- | M] (Microsoft Corporation) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\microsoftVcRedist2010Sp1X86\vcredist_x86.exe
      [2012/12/13 00:17:24 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\microsoftXml4.0\PRQStarter-1.exe
      [2012/12/13 00:17:24 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\msi4.5ForWindows6.0X64\PRQStarter-1.exe
      [2012/12/13 00:17:24 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\msi4.5ForWindows6.0X86\PRQStarter-1.exe
      [2012/12/13 00:17:23 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\msi4.5ForWindowsxpX86\PRQStarter-1.exe
      [2012/12/13 00:17:23 | 003,327,000 | ---- | M] () -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\msi4.5ForWindowsxpX86\WindowsXP-KB942288-v3-x86.exe
      [2012/12/13 00:17:23 | 000,143,240 | ---- | M] (Ask.com) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\neroAskToolbar\ApnStub.exe
      [2012/12/13 00:17:23 | 003,884,200 | ---- | M] (Ask) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\neroAskToolbar\ApnToolbarInstaller.exe
      [2012/12/13 00:17:23 | 001,708,152 | ---- | M] () -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\neroAskToolbar\AskToolbarNRO.exe
      [2012/12/13 00:17:23 | 001,708,232 | ---- | M] () -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\neroAskToolbar\AskToolbarNRO3.exe
      [2012/12/13 00:17:23 | 002,967,424 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\neroAskToolbar\NeroBar.exe
      [2012/12/13 00:17:23 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\neroAskToolbar\PRQStarter-1.exe
      [2012/12/13 00:17:23 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\rebootValidator\PRQStarter-1.exe
      [2012/12/13 00:17:23 | 002,566,416 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\systemRequirementValidator\NeroOSValidator.exe
      [2012/12/13 00:17:23 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\Schumivladi\AppData\Local\Temp\NeroInstallFiles\NERO20120813133908588\ISSetupPrerequisites\systemRequirementValidator\PRQStarter-1.exe

      < %systemroot%\*. /mp /s >

      < End of report >

      I'll be waiting for the next instructions, thanks.

    6. #6
      General Moderator Leosolari

      Re: Possible Virus in Mozilla Firefox

      Hello again

      Run OTL.exe

      Copy and paste the code inside the box below into the Custom Scans/Fixes section



      :OTL
      FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20120926
      FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.12
      FF - prefs.js..extensions.enabledAddons: %7BCE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B%7D:3.8
      FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
      FF - user.js - File not found
      [2012/12/07 07:14:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Schumivladi\AppData\Roaming\mozilla\Extensions
      [2012/12/07 07:38:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Schumivladi\AppData\Roaming\mozilla\Firefox\Profiles\aj31f5cx.default\extensions
      O4 - HKLM..\Run: [MessengerPlusForSkypeService] C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe (Yuna Software)
      :Files
      ipconfig /flushdns /c
      :Commands
      [PURITY]
      [EMPTYTEMP]
      [EMPTYFLASH]
      [RESETHOSTS]

      Press the Run Fix button to start the removal, then press OK.

      OTL will restart the computer to complete the removal.

      Save the new report that is generated. Copy and paste it into your next reply and tell us how the computer is running now.

      Regards


    7. #7
      User schumifast2007

      Re: Possible Virus in Mozilla Firefox

      OK, the report follows, but one little thing, I don't know if it was important: at the end Avira blocked a Host and gave me this message:
      El administrador ha bloqueado el acceso al fichero host siguiendo la directiva de seguridad. [The administrator has blocked access to the hosts file in accordance with the security policy.]

      And sorry, but I had lost track of where the report was, so I searched through the files and I think it is the one in the folder OTL => Moved File; I hope it is the right one.


      All processes killed
      ========== OTL ==========
      Prefs.js: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20120926 removed from extensions.enabledAddons
      Prefs.js: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.12 removed from extensions.enabledAddons
      Prefs.js: %7BCE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B%7D:3.8 removed from extensions.enabledAddons
      Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 removed from extensions.enabledAddons
      C:\Users\Schumivladi\AppData\Roaming\mozilla\Extensions folder moved successfully.
      C:\Users\Schumivladi\AppData\Roaming\mozilla\Firefox\Profiles\aj31f5cx.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\local\modules folder moved successfully.
      C:\Users\Schumivladi\AppData\Roaming\mozilla\Firefox\Profiles\aj31f5cx.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\local folder moved successfully.
      C:\Users\Schumivladi\AppData\Roaming\mozilla\Firefox\Profiles\aj31f5cx.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\defaults\preferences folder moved successfully.
      C:\Users\Schumivladi\AppData\Roaming\mozilla\Firefox\Profiles\aj31f5cx.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\defaults folder moved successfully.
      C:\Users\Schumivladi\AppData\Roaming\mozilla\Firefox\Profiles\aj31f5cx.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\components folder moved successfully.
      C:\Users\Schumivladi\AppData\Roaming\mozilla\Firefox\Profiles\aj31f5cx.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\chrome folder moved successfully.
      C:\Users\Schumivladi\AppData\Roaming\mozilla\Firefox\Profiles\aj31f5cx.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} folder moved successfully.
      C:\Users\Schumivladi\AppData\Roaming\mozilla\Firefox\Profiles\aj31f5cx.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}\META-INF folder moved successfully.
      C:\Users\Schumivladi\AppData\Roaming\mozilla\Firefox\Profiles\aj31f5cx.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}\chrome folder moved successfully.
      C:\Users\Schumivladi\AppData\Roaming\mozilla\Firefox\Profiles\aj31f5cx.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} folder moved successfully.
      C:\Users\Schumivladi\AppData\Roaming\mozilla\Firefox\Profiles\aj31f5cx.default\extensions folder moved successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MessengerPlusForSkypeService deleted successfully.
      C:\Archivos de programa\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe moved successfully.
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configuración IP de Windows
      Se vació correctamente la caché de resolución de DNS.
      C:\Users\Schumivladi\Downloads\cmd.bat deleted successfully.
      C:\Users\Schumivladi\Downloads\cmd.txt deleted successfully.
      ========== COMMANDS ==========

      [EMPTYTEMP]

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Public

      User: Schumivladi
      ->Temp folder emptied: 2725620163 bytes
      ->Temporary Internet Files folder emptied: 44145415 bytes
      ->Java cache emptied: 0 bytes
      ->FireFox cache emptied: 376851758 bytes
      ->Flash cache emptied: 22184 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 33165533 bytes
      RecycleBin emptied: 1595255497 bytes

      Total Files Cleaned = 4.554,00 mb


      [EMPTYFLASH]

      User: All Users

      User: Default

      User: Default User

      User: Public

      User: Schumivladi
      ->Flash cache emptied: 0 bytes

      Total Flash Files Cleaned = 0,00 mb

      File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
      Error: Unble to create default HOSTS file!

      OTL by OldTimer - Version 3.2.69.0 log created on 12162012_201819

      Files\Folders moved on Reboot...
      File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...


      Well, let's stay in touch.
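
As an added example (not part of the thread and not OTL's own code), the following Python triages a fix log of the kind posted above: it counts the actions reported as successful and lists the lines that report a failure, such as the hosts-file move that could not be completed here. The sample log is constructed in the same layout, and the function names `triage` and `hosts_reset_failed` are hypothetical.

```python
import re

# Constructed sample in the layout of the fix log posted above (paths and
# names are placeholders, not values from the thread).
SAMPLE_LOG = r"""All processes killed
========== OTL ==========
Prefs.js: %7Bexample-guid%7D:1.0 removed from extensions.enabledAddons
C:\Users\example\AppData\Roaming\mozilla\Extensions folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Example\Run\\ExampleService deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
C:\Users\example\Downloads\cmd.bat deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]
->Flash cache emptied: 0 bytes

File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
Error: Unble to create default HOSTS file!
"""

SECTION = re.compile(r"^=+ (.+?) =+$")
SUCCESS = re.compile(r"(moved|deleted) successfully\.$|removed from ")
FAILURE = re.compile(r"\bfailed\b|^Error:", re.IGNORECASE)

def triage(log_text):
    """Return (success_count, problems); problems holds (section, line) pairs."""
    section, successes, problems = None, 0, []
    for raw in log_text.splitlines():
        line = raw.strip()
        header = SECTION.match(line)
        if header:
            section = header.group(1)      # e.g. OTL, FILES, COMMANDS
        elif FAILURE.search(line):         # failure wording takes precedence
            problems.append((section, line))
        elif SUCCESS.search(line):
            successes += 1
    return successes, problems

def hosts_reset_failed(problems):
    """True when any reported problem concerns the hosts file."""
    return any(re.search(r"\bhosts\b", line, re.IGNORECASE) for _, line in problems)

if __name__ == "__main__":
    ok, bad = triage(SAMPLE_LOG)
    print(ok, "ok;", len(bad), "problems; hosts reset failed:", hosts_reset_failed(bad))
```

When the hosts reset is reported as failed, the file is left as it was before the fix, so its contents still need to be reviewed by hand.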

    8. #8
      General Moderator Leosolari

      Re: Possible Virus in Mozilla Firefox

      Hello again

      Run OTL.exe again and press the CleanUp button.

      This will remove OTL.exe from your system, along with the files it created and the files it removed.

      It will ask you to restart the computer. Press YES and, after restarting, check how it is running and tell us how it goes.

      Regards


    9. #9
      User schumifast2007

      Re: Possible Virus in Mozilla Firefox

      OK, I have run it and it has been removed from my system. Now it's a matter of waiting a bit, because the interruption from that malicious website appears roughly every 2 hours, so I'll let you know how it goes. Thanks for now, and I'll be watching in case you write to me. Regards.

    10. #10
      General Moderator Leosolari

      Re: Possible Virus in Mozilla Firefox

      Quote: Originally posted by schumifast2007
      OK, I have run it and it has been removed from my system. Now it's a matter of waiting a bit, because the interruption from that malicious website appears roughly every 2 hours, so I'll let you know how it goes. Thanks for now, and I'll be watching in case you write to me. Regards.
      OK, we'll wait ....

