    Virus modifies my PC Tools Firewall Plus

    1. #21
      ferfa81
      Registered: Oct 2012
      Location: Buenos Aires
      Posts: 16

      Re: Virus modifies my PC Tools Firewall Plus

      Malwarebytes Anti-Malware 1.70.0.1100
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2013.01.05.03

      Windows 7 Service Pack 1 x86 NTFS (Modo Seguro/Red)
      Internet Explorer 9.0.8112.16421
      ffabiar :: FFABIAR-PC [administrador]

      05/01/2013 10:22:56
      mbam-log-2013-01-05 (10-22-56).txt

      Tipos de Análisis: Análisis Completo (C:\|D:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 438119
      Tiempo transcurrido: 53 minuto(s), 25 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      (fin)

    2. #22
      ferfa81
      Registered: Oct 2012
      Location: Buenos Aires
      Posts: 16

      Re: Virus modifies my PC Tools Firewall Plus

      OTL logfile created on: 1/5/2013 11:23:50 AM - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = D:\Desktop
      Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000409 | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      2.93 Gb Total Physical Memory | 1.87 Gb Available Physical Memory | 63.86% Memory free
      14.64 Gb Paging File | 13.87 Gb Available in Paging File | 94.72% Paging File free
      Paging file location(s): c:\pagefile.sys 6000 8000d:\pagef [Binary data over 200 bytes]

      %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
      Drive C: | 40.00 Gb Total Space | 2.01 Gb Free Space | 5.01% Space Free | Partition Type: NTFS
      Drive D: | 242.99 Gb Total Space | 22.97 Gb Free Space | 9.45% Space Free | Partition Type: NTFS

      Computer Name: FFABIAR-PC | User Name: ffabiar | Logged in as Administrator.
      Boot Mode: SafeMode with Networking | Scan Mode: All users
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - D:\Desktop\OTL.exe (OldTimer Tools)
      PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited)
      PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
      PRC - C:\Program Files\Lavasoft\Ad-Aware\AWSC.exe ()
      PRC - C:\Windows\explorer.exe (Microsoft Corporation)


      ========== Modules (No Company Name) ==========

      MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll ()


      ========== Services (SafeList) ==========

      SRV - (SDWSCService) -- C:\Program Files\Spybot File not found
      SRV - (SDUpdateService) -- C:\Program Files\Spybot File not found
      SRV - (SDScannerService) -- C:\Program Files\Spybot File not found
      SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
      SRV - (vToolbarUpdater12.2.6) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe ()
      SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
      SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
      SRV - (avgwd) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
      SRV - (MsDepSvc) -- C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe (Microsoft Corporation)
      SRV - (PCToolsFirewallPlus) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe (PC Tools)
      SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
      SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
      SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
      SRV - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
      SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
      SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV - (Rezip) -- C:\Windows\System32\Rezip.exe ()


      ========== Driver Services (SafeList) ==========

      DRV - (ZTEusbvoice) -- system32\DRIVERS\ZTEusbvoice.sys File not found
      DRV - (ZTEusbser6k) -- system32\DRIVERS\ZTEusbser6k.sys File not found
      DRV - (ZTEusbnmea) -- system32\DRIVERS\ZTEusbnmea.sys File not found
      DRV - (ZTEusbmdm6k) -- system32\DRIVERS\ZTEusbmdm6k.sys File not found
      DRV - (cpuz132) -- C:\Users\ffabiar\AppData\Local\Temp\cpuz132\cpuz132_x32.sys File not found
      DRV - (DrvAgent32) -- C:\Windows\System32\drivers\DrvAgent32.sys (Phoenix Technologies)
      DRV - (avgtp) -- C:\Windows\System32\drivers\avgtpx86.sys (AVG Technologies)
      DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
      DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
      DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
      DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o. )
      DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
      DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
      DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o. )
      DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\avgidsfilterx.sys (AVG Technologies CZ, s.r.o. )
      DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o. )
      DRV - (Lbd) -- C:\Windows\System32\drivers\Lbd.sys (Lavasoft AB)
      DRV - (PCTAppEvent) -- C:\Windows\System32\drivers\PCTAppEvent.sys (PC Tools)
      DRV - (pctgntdi) -- C:\Windows\System32\drivers\pctgntdi.sys (PC Tools)
      DRV - (pctplfw) -- C:\Windows\System32\drivers\pctplfw.sys (PC Tools)
      DRV - (PCTFW-PacketFilter) -- C:\Windows\System32\drivers\pctNdis-PacketFilter.sys (PC Tools)
      DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
      DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
      DRV - (pctNdisMP) -- C:\Windows\System32\drivers\pctNdis.sys (PC Tools)
      DRV - (pctNdis) -- C:\Windows\System32\drivers\pctNdis.sys (PC Tools)
      DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
      DRV - (Impcd) -- C:\Windows\System32\drivers\Impcd.sys (Intel Corporation)
      DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys ()
      DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
      DRV - (btusbflt) -- C:\Windows\System32\drivers\btusbflt.sys (Broadcom Corporation.)
      DRV - (pavboot) -- C:\Windows\System32\drivers\pavboot.sys (Panda Security, S.L.)
      DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
      DRV - (CryptOSD) -- C:\Windows\System32\drivers\CryptOSD.sys (Phoenix Technologies Ltd.)
      DRV - (CrystalSysInfo) -- C:\Program Files\MediaCoder\SysInfo.sys ()


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = Internet Explorer 6 Search Companion is no longer supported.
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
      IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
      IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



      IE - HKU\S-1-5-21-358164309-4232575641-890690589-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKU\S-1-5-21-358164309-4232575641-890690589-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE - HKU\S-1-5-21-358164309-4232575641-890690589-1000\..\SearchScopes\${searchCLSID}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
      IE - HKU\S-1-5-21-358164309-4232575641-890690589-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKU\S-1-5-21-358164309-4232575641-890690589-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={18010183-EC28-4E12-B95A-BCC192CF9989}&mid=0d470358dfd447d6ac7f65cbb87d083f-b445b0d5a62e41d7a57ac489360a185b38d669f6&lang=es&ds=AVG&pr=fr&d=2012-06-02 21:11:01&v=12.2.5.32&sap=dsp&q={searchTerms}
      IE - HKU\S-1-5-21-358164309-4232575641-890690589-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKU\S-1-5-21-358164309-4232575641-890690589-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>??????????????????????????????;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>

      ========== FireFox ==========

      FF - prefs.js..extensions.enabledAddons: [email protected]:1.5.0
      FF - prefs.js..extensions.enabledAddons: {a3a5c777-f583-4fef-9380-ab4add1bc2a8}:4.1
      FF - prefs.js..browser.startup.homepage: "http://google.com"
      FF - prefs.js..keyword.URL: "https://www.google.com/search?q="
      FF - prefs.js..browser.search.order.1: "(Google)"
      FF - prefs.js..browser.search.defaultenginename: "(Google)"
      FF - prefs.js..browser.search.selectedEngine: "Google"
      FF - prefs.js..browser.search.defaulturl: "www.Google.com"
      FF - user.js - File not found

      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
      FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll ()
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\ffabiar\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
      FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\ffabiar\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ffabiar\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ffabiar\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\ffabiar\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/09/11 09:54:15 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\12.2.5.32\ [2012/09/03 21:17:24 | 000,000,000 | ---D | M]

      [2012/02/24 09:49:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ffabiar\AppData\Roaming\Mozilla\Extensions
      [2012/02/24 09:49:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ffabiar\AppData\Roaming\Mozilla\Extensions\[email protected]
      [2012/06/16 12:15:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ffabiar\AppData\Roaming\Mozilla\Firefox\Profiles\dd9l80y5.default\extensions
      [2012/06/16 12:15:56 | 000,000,000 | ---D | M] ("I Want This") -- C:\Users\ffabiar\AppData\Roaming\Mozilla\Firefox\Profiles\dd9l80y5.default\extensions\[email protected]
      [2012/01/13 22:11:48 | 000,010,285 | ---- | M] () (No name found) -- C:\Users\ffabiar\AppData\Roaming\Mozilla\Firefox\Profiles\dd9l80y5.default\extensions\[email protected]
      [2012/02/07 20:04:02 | 000,013,666 | ---- | M] () (No name found) -- C:\Users\ffabiar\AppData\Roaming\Mozilla\Firefox\Profiles\dd9l80y5.default\extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a8}.xpi

      ========== Chrome ==========

      CHR - homepage: Google
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
      CHR - homepage: Google
      CHR - plugin: Shockwave Flash (Enabled) = C:\Users\ffabiar\AppData\Local\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
      CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Users\ffabiar\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\ffabiar\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll
      CHR - plugin: Skype Click to Call (Enabled) = C:\Users\ffabiar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\npSkypeChromePlugin.dll
      CHR - plugin: AVG Internet Security (Enabled) = C:\Users\ffabiar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\plugins/avgnpss.dll
      CHR - plugin: NPLastPass (Enabled) = C:\Users\ffabiar\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.15_0\nplastpass.dll
      CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
      CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
      CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
      CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
      CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
      CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
      CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
      CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
      CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\ffabiar\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
      CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\ffabiar\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
      CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll
      CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
      CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
      CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
      CHR - plugin: Panda ActiveScan 2.0 (Enabled) = C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll
      CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
      CHR - plugin: Unity Player (Enabled) = C:\Users\ffabiar\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
      CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\windows\system32\npDeployJava1.dll
      CHR - Extension: LastPass = C:\Users\ffabiar\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.15_0\
      CHR - Extension: AVG Safe Search = C:\Users\ffabiar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\
      CHR - Extension: Skype Click to Call = C:\Users\ffabiar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\
      CHR - Extension: AVG Secure Search = C:\Users\ffabiar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.2.5.32_0\

      O1 HOSTS File: ([2013/01/04 17:36:30 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
      O1 - Hosts: 127.0.0.1 localhost
      O1 - Hosts: ::1 localhost
      O2 - BHO: (no name) - {074C1DC5-9320-4A9A-947D-C042949C6216} - No CLSID value found.
      O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
      O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll ()
      O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPToolbar.dll ()
      O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O2 - BHO: (no name) - {B0744341-96E0-4341-9ED2-8BC36CE0CCD0} - No CLSID value found.
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O3 - HKLM\..\Toolbar: (no name) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll ()
      O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPToolbar.dll ()
      O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
      O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
      O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
      O4 - HKLM..\RunOnce: [listar] C:\windows\System32\cmd.exe (Microsoft Corporation)
      O4 - Startup: C:\Users\ffabiar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\ffabiar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 1
      O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-21-358164309-4232575641-890690589-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-21-358164309-4232575641-890690589-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O8 - Extra context menu item: Enviar imagen al dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
      O8 - Extra context menu item: Enviar página al dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O8 - Extra context menu item: LastPass - file://C:\Users\ffabiar\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
      O8 - Extra context menu item: LastPass - Rellenar Formularios - file://C:\Users\ffabiar\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
      O9 - Extra 'Tools' menuitem : Tri&xie Options... - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - Reg Error: Key error. File not found
      O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPToolbar.dll ()
      O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPToolbar.dll ()
      O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
      O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/actives.../as2stubie.cab (ActiveScan 2.0 Installer Class)
      O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 10.9.2)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.49.130.41 200.42.4.204
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E32D33EA-EFF6-497A-875A-45683F28565D}: DhcpNameServer = 200.49.130.41 200.42.4.204
      O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
      O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll ()
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\windows\system32\Userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2009/06/10 18:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O32 - AutoRun File - [2013/01/04 19:12:47 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
      O32 - AutoRun File - [2013/01/04 19:12:47 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *)
      O34 - HKLM BootExecute: (lsdelete)
      O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      NetSvcs: FastUserSwitchingCompatibility - File not found
      NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
      NetSvcs: Nla - File not found
      NetSvcs: Ntmssvc - File not found
      NetSvcs: NWCWorkstation - File not found
      NetSvcs: Nwsapagent - File not found
      NetSvcs: SRService - File not found
      NetSvcs: WmdmPmSp - File not found
      NetSvcs: LogonHours - File not found
      NetSvcs: PCAudit - File not found
      NetSvcs: helpsvc - File not found
      NetSvcs: uploadmgr - File not found

      MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)
      MsConfig - StartUpFolder: C:^Users^ffabiar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - C:\Users\ffabiar\AppData\Roaming\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.)
      MsConfig - StartUpFolder: C:^Users^ffabiar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LaunchU3.exe.lnk - C:\Users\ffabiar\AppData\Roaming\Microsoft\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe - ()
      MsConfig - StartUpFolder: C:^Users^ffabiar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Recorte de pantalla e Inicio rápido de OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE - (Microsoft Corporation)
      MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
      MsConfig - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
      MsConfig - StartUpReg: AdobeCS5ServiceManager - hkey= - key= - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
      MsConfig - StartUpReg: Akamai NetSession Interface - hkey= - key= - C:\Users\ffabiar\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
      MsConfig - StartUpReg: APLangApp - hkey= - key= - C:\Program Files\AnyPC Client\APLangApp.exe (DoctorSoft)
      MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      MsConfig - StartUpReg: CLMLServer - hkey= - key= - Reg Error: Value error. File not found
      MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Users\ffabiar\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
      MsConfig - StartUpReg: GrooveMonitor - hkey= - key= - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
      MsConfig - StartUpReg: HF_G_Jul - hkey= - key= - C:\Program Files\AVG Secure Search\HF_G_Jul.exe ()
      MsConfig - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
      MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found
      MsConfig - StartUpReg: pamela.exe - hkey= - key= - C:\Program Files\Pamela\Pamela.exe (Scendix Software-Vertriebsges. mbH)
      MsConfig - StartUpReg: PDVD8LanguageShortcut - hkey= - key= - Reg Error: Value error. File not found
      MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
      MsConfig - StartUpReg: RemoteControl8 - hkey= - key= - Reg Error: Value error. File not found
      MsConfig - StartUpReg: ROC_ROC_JULY_P1 - hkey= - key= - C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe ()
      MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
      MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
      MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
      MsConfig - StartUpReg: SwitchBoard - hkey= - key= - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
      MsConfig - StartUpReg: SynTPEnh - hkey= - key= - File not found
      MsConfig - StartUpReg: TkBellExe - hkey= - key= - File not found
      MsConfig - StartUpReg: UCam_Menu - hkey= - key= - File not found
      MsConfig - StartUpReg: UpdateLBPShortCut - hkey= - key= - File not found
      MsConfig - StartUpReg: UpdateP2GoShortCut - hkey= - key= - File not found
      MsConfig - StartUpReg: UpdatePDRShortCut - hkey= - key= - File not found
      MsConfig - StartUpReg: vProt - hkey= - key= - C:\Program Files\AVG Secure Search\vprot.exe ()
      MsConfig - State: "bootini" - 2
      MsConfig - State: "startup" - 2
      MsConfig - State: "services" - 2

      CREATERESTOREPOINT
      Unable to start System Restore Service. Error code 1084

      ========== Files/Folders - Created Within 30 Days ==========

      [2013/01/05 10:12:38 | 000,000,000 | ---D | C] -- C:\_AT-Destroyer
      [2013/01/04 21:52:16 | 000,000,000 | ---D | C] -- C:\Lop SD
      [2013/01/04 19:12:47 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
      [2013/01/04 19:05:22 | 000,000,000 | ---D | C] -- C:\UsbFix
      [2013/01/03 19:35:47 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\windows\System32\drivers\pavboot.sys
      [2013/01/03 19:35:47 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
      [2013/01/03 18:23:57 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
      [2013/01/03 18:22:34 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Roaming\Malwarebytes
      [2013/01/03 18:22:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2013/01/03 18:22:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2013/01/03 18:22:02 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
      [2013/01/03 18:22:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
      [2013/01/02 15:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
      [2013/01/02 15:25:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
      [2013/01/02 15:24:59 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\windows\System32\sdnclean.exe
      [2013/01/02 15:24:47 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
      [2013/01/02 15:24:06 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\Programs
      [2013/01/02 09:39:06 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{B0D1B05F-BA56-4C8A-A4D9-28C178008D5E}
      [2013/01/01 12:55:06 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{7080BAE3-C21F-4C8A-874F-1C7D7CBDEC9E}
      [2012/12/31 10:54:23 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{E238066D-E24C-4720-BCE5-C91F516E7913}
      [2012/12/30 12:22:51 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{0B3E17CA-E940-429A-96F5-D94A36928C76}
      [2012/12/28 20:37:18 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{F449C473-E68B-427E-85BB-7AF631ECA16A}
      [2012/12/26 11:04:47 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{2F2B7C1A-187F-4C3E-BE3F-D7EC0E0097FE}
      [2012/12/25 10:03:47 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{37C9370C-E1E6-41C2-A8FA-EF63BE46AA64}
      [2012/12/24 19:07:10 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{A2042B75-B1CA-4351-A717-21C09043F1A5}
      [2012/12/22 10:01:20 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{FDBC2AB4-AD21-4063-B5D4-370078B0F54D}
      [2012/12/21 09:17:36 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{1EE541BD-EE72-46B0-B6CD-86EA23A42FB2}
      [2012/12/20 09:16:59 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{AAC03B30-881E-429F-AE05-DAEFAA42BFFF}
      [2012/12/19 21:16:34 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{B48F2992-25A5-4117-888B-E682955E58B3}
      [2012/12/19 07:36:50 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{7232760A-BD31-48F2-AAC6-18FC73558F89}
      [2012/12/18 19:14:42 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{4CC9FF25-13D4-4DAC-BD50-21E803601AEF}
      [2012/12/18 07:14:15 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{358C3148-43C9-4178-8D4E-A7A3592A2B17}
      [2012/12/17 1242 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{4234C372-CA37-4F5B-BA54-7AFCC0C36346}
      [2012/12/16 21:20:22 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{4D07A7B2-CC22-4707-A849-0BB9D8E75009}
      [2012/12/16 20:45:53 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{B9A55BDA-C7DE-48C7-AB53-A6B679B14139}
      [2012/12/15 21:24:14 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{BF5464DC-027E-41B5-9576-9215EDA2E919}
      [2012/12/15 09:23:49 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{594C1E7B-C784-4808-A383-95718D8D291F}
      [2012/12/14 08:14:20 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{45B17F64-EE07-49C0-8D09-F502A3BE70C4}
      [2012/12/13 07:58:46 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{47BA9E79-5F66-4CE0-B2E7-CD938535522D}
      [2012/12/12 07:33:58 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{1C663B49-CDAC-4EDC-ADCB-A59A06A71EFC}
      [2012/12/11 08:05:46 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{52CBFC0A-E9C3-4BEC-8320-0D368589275D}
      [2012/12/10 18:54:29 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{AA9FDEFB-1722-4DC3-9AD8-E547D10AC934}
      [2012/12/10 06:54:03 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{9F5C8E12-CE6D-40BD-94DF-F7BB9E73C831}
      [2012/12/09 02:20:19 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{1471F1D7-35F2-414C-AD43-7E3260A9C92E}
      [2012/12/08 08:00:47 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{F373DAC4-47A3-4D74-847D-0CDF8EE8CE5E}
      [2012/12/07 19:52:14 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{89F62BAE-6C84-4628-8453-268C541D751F}
      [2012/12/07 07:51:49 | 000,000,000 | ---D | C] -- C:\Users\ffabiar\AppData\Local\{82DAC72E-7863-41C8-AAC7-B4FD7F01C16A}
      [2012/11/25 12:36:21 | 011,004,488 | ---- | C] (LastPass) -- C:\Program Files\Common Files\lpuninstall.exe

      ========== Files - Modified Within 30 Days ==========

      [2013/01/05 10:17:59 | 000,000,384 | ---- | M] () -- C:\windows\tasks\Ad-Aware Update (Weekly).job
      [2013/01/05 10:17:45 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
      [2013/01/05 10:17:37 | 2356,580,352 | -HS- | M] () -- C:\hiberfil.sys
      [2013/01/05 10:04:27 | 000,000,316 | ---- | M] () -- C:\windows\tasks\GlaryInitialize.job
      [2013/01/05 10:04:26 | 000,001,086 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
      [2013/01/04 22:09:04 | 000,014,736 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2013/01/04 22:09:04 | 000,014,736 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2013/01/04 19:12:47 | 000,011,382 | ---- | M] () -- C:\UsbFix_Upload_Me_FFABIAR-PC.zip
      [2013/01/04 19:07:45 | 000,748,834 | ---- | M] () -- C:\windows\System32\perfh00A.dat
      [2013/01/04 19:07:45 | 000,654,842 | ---- | M] () -- C:\windows\System32\perfh009.dat
      [2013/01/04 19:07:45 | 000,158,904 | ---- | M] () -- C:\windows\System32\perfc00A.dat
      [2013/01/04 19:07:45 | 000,121,714 | ---- | M] () -- C:\windows\System32\perfc009.dat
      [2013/01/04 18:39:11 | 000,001,090 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
      [2013/01/04 17:36:30 | 000,000,098 | ---- | M] () -- C:\windows\System32\drivers\etc\Hosts
      [2013/01/03 18:22:03 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/01/03 10:45:11 | 000,001,118 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-358164309-4232575641-890690589-1000UA.job
      [2013/01/02 20:26:11 | 000,000,064 | ---- | M] () -- C:\windows\System32\rp_stats.dat
      [2013/01/02 20:26:11 | 000,000,044 | ---- | M] () -- C:\windows\System32\rp_rules.dat
      [2013/01/02 15:25:30 | 000,002,119 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
      [2013/01/02 15:00:26 | 105,024,606 | ---- | M] () -- C:\windows\System32\drivers\AVG\incavi.avm
      [2013/01/02 14:59:10 | 000,001,053 | ---- | M] () -- C:\Users\ffabiar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
      [2012/12/29 10:44:11 | 000,001,066 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-358164309-4232575641-890690589-1000Core.job
      [2012/12/22 09:59:23 | 004,318,712 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
      [2012/12/19 17:17:10 | 000,568,739 | ---- | M] () -- C:\windows\System32\drivers\AVG\iavichjg.avm
      [2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
      [2012/12/11 20:16:12 | 000,000,132 | ---- | M] () -- C:\Users\ffabiar\AppData\Roaming\Adobe PNG Format CS5 Prefs

      ========== Files Created - No Company Name ==========

      [2013/01/04 23:01:09 | 000,000,384 | ---- | C] () -- C:\windows\tasks\Ad-Aware Update (Weekly).job
      [2013/01/04 19:12:47 | 000,011,382 | ---- | C] () -- C:\UsbFix_Upload_Me_FFABIAR-PC.zip
      [2013/01/03 18:22:03 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/01/02 15:25:30 | 000,002,131 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
      [2013/01/02 15:25:30 | 000,002,119 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
      [2012/10/16 11:04:37 | 000,007,635 | ---- | C] () -- C:\Users\ffabiar\AppData\Local\Resmon.ResmonCfg
      [2012/06/18 13:11:37 | 000,016,432 | ---- | C] () -- C:\windows\System32\lsdelete.exe
      [2012/02/25 20:23:54 | 000,000,064 | ---- | C] () -- C:\windows\System32\rp_stats.dat
      [2012/02/25 20:23:54 | 000,000,044 | ---- | C] () -- C:\windows\System32\rp_rules.dat
      [2012/01/11 14:26:41 | 000,001,456 | ---- | C] () -- C:\Users\ffabiar\AppData\Local\Adobe Save for Web 12.0 Prefs
      [2012/01/03 10:07:11 | 000,000,132 | ---- | C] () -- C:\Users\ffabiar\AppData\Roaming\Adobe GIF Format CS5 Prefs
      [2012/01/03 08:39:11 | 000,021,764 | ---- | C] () -- C:\windows\System32\CoreAAC-uninstall.exe
      [2011/12/27 18:18:52 | 000,262,866 | ---- | C] () -- C:\windows\IPUI_DivXG400.exe
      [2011/08/30 17:03:36 | 000,000,132 | ---- | C] () -- C:\Users\ffabiar\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
      [2011/08/18 17:53:14 | 000,000,132 | ---- | C] () -- C:\Users\ffabiar\AppData\Roaming\Adobe PNG Format CS5 Prefs
      [2011/07/12 20:38:58 | 000,032,107 | ---- | C] () -- C:\Users\ffabiar\AppData\Roaming\Valores separados por comas (DOS).ADR
      [2011/05/30 13:55:17 | 000,016,053 | ---- | C] () -- C:\Users\ffabiar\AppData\Roaming\Valores separados por comas (DOS).EML
      [2011/05/26 23:18:12 | 000,004,096 | -H-- | C] () -- C:\Users\ffabiar\AppData\Local\keyfile3.drm

      ========== ZeroAccess Check ==========

      [2009/07/14 01:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 01:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 09:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 22:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== LOP Check ==========

      [2012/10/02 16:00:16 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\Ad-Aware Antivirus
      [2011/11/02 09:59:42 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\AVG2012
      [2012/01/20 12:45:36 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\avidemux
      [2012/10/23 09:53:37 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\BitZipper
      [2011/08/06 12:34:23 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\Broad Intelligence
      [2012/10/25 15:50:21 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\BSplayer
      [2012/10/24 23:58:01 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\BSplayer Pro
      [2012/06/16 13:46:02 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\Calibrated Software, Inc
      [2012/03/28 21:11:13 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
      [2012/11/18 20:11:39 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\COWON
      [2013/01/05 10:04:55 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\Dropbox
      [2013/01/04 09:32:30 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\FileZilla
      [2012/10/16 11:23:43 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\GlarySoft
      [2011/07/01 09:46:24 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\go
      [2012/06/16 13:02:44 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\Gui4Cli
      [2012/10/24 10:58:28 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\GZero
      [2012/10/24 23:58:02 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\Nullsoft
      [2012/08/17 17:57:29 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\Pamela
      [2012/10/15 15:16:09 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\PCToolsFirewallPlus
      [2012/07/12 09:21:38 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\pdfforge
      [2010/12/06 11:49:26 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\PhotoScape
      [2011/06/24 22:31:05 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\PlayFirst
      [2010/11/06 07:04:26 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\Publish Providers
      [2012/10/16 20:26:44 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1
      [2012/10/17 11:19:00 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\SeriousBit
      [2012/11/10 11:08:19 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\Sony
      [2010/11/07 18:04:47 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\Sony Creative Software
      [2012/10/16 10:55:49 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\Sony Creative Software Inc
      [2011/05/07 23:35:46 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\Unity
      [2012/10/15 09:33:21 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\URSoft
      [2012/11/18 20:12:30 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\uTorrent
      [2011/08/15 21:08:15 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\Windows Live Writer
      [2012/05/21 12:38:25 | 000,000,000 | ---D | M] -- C:\Users\ffabiar\AppData\Roaming\YourFileDownloader

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2013/01/05 10:17:35 | 000,093,519 | ---- | M] () -- C:\aaw7boot.log
      [2010/11/17 14:19:32 | 000,000,056 | -H-- | M] () -- C:\AT-Cuarentena
      [2013/01/05 10:15:46 | 000,022,286 | ---- | M] () -- C:\AT-Destroyer.txt
      [2009/06/10 18:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
      [2009/06/10 18:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
      [2013/01/05 10:17:37 | 2356,580,352 | -HS- | M] () -- C:\hiberfil.sys
      [2011/02/24 23:15:16 | 000,001,126 | ---- | M] () -- C:\Imágenes - Acceso directo.lnk
      [2011/03/27 22:32:41 | 000,000,000 | ---- | M] () -- C:\IO.SYS
      [2011/07/26 09:45:35 | 000,000,358 | ---- | M] () -- C:\IPH.PH
      [2013/01/04 21:53:47 | 000,141,252 | ---- | M] () -- C:\lopR.txt
      [2011/03/27 22:32:41 | 000,000,000 | ---- | M] () -- C:\MSDOS.SYS
      [2013/01/05 10:17:37 | 1996,488,703 | -HS- | M] () -- C:\pagefile.sys
      [2010/01/06 05:55:39 | 000,002,047 | ---- | M] () -- C:\RHDSetup.log
      [2010/01/06 06:29:00 | 000,000,166 | ---- | M] () -- C:\Setup.log
      [2013/01/04 19:12:47 | 000,009,531 | ---- | M] () -- C:\UsbFix.txt
      [2013/01/04 19:12:47 | 000,011,382 | ---- | M] () -- C:\UsbFix_Upload_Me_FFABIAR-PC.zip

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 143 bytes -> C:\Users\ffabiar\AppData\Roaming\Valores separados por comas (DOS).EML:OECustomProperty
      @Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:A42A9F39
      @Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:4CF61E54
      @Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:C31F31E6
      @Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:ABE89FFE
      @Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:B3D74A13

      < End of report >

    3. #23
      User Avatar of ferfa81
      Joined
      Oct 2012
      Location
      Buenos Aires
      Posts
      16

      Re: Virus modifies my PC Tools Firewall Plus

      Marr0n, I still have the same problem.
      It boots normally and then starts to freeze; it warns me that the firewall has been modified and asks me to authorize everything that tries to connect to the internet, because the previous firewall configuration and permissions have been erased, until it freezes completely and tells me that Microsoft Windows is not responding... I choose to wait, but it still doesn't respond.
      In safe mode I can log in, connect to the internet, and open programs such as Photoshop, Skype, etc... I can't use the audio (I suppose that's normal in safe mode)... What other information can I give you? Any specific data you need...

    4. #24
      Former contributor Avatar of Marr0n
      Joined
      Mar 2010
      Location
      Catalunya
      Posts
      5,871

      Re: Virus modifies my PC Tools Firewall Plus

      Sorry I didn't reply sooner; I haven't been able to spend time on the forum.

      How is the problem going?

      Regards.
      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail, since that is what the forum is for.

    5. #25
      User Avatar of WarlockSama
      Joined
      Dec 2012
      Location
      Banderbill
      Posts
      112

      Re: Virus modifies my PC Tools Firewall Plus

      Sorry marr0n, I was passing by reading this and noticed something odd: he has 4 antivirus programs:
      C:\Program Files\AVG
      C:\Program Files\McAfee
      C:\Program Files\Panda Security
      C:\Program Files\Windows Defender

      And 2 real-time web protectors (I think that's what they're called)
      C:\Program Files\Common Files\AVG Secure Search
      C:\ProgramData\SiteAdvisor

      I'm telling you in case you didn't notice :S
      Last edited by WarlockSama on 16/02/13 at 20:47:28
