• Registrarse
  • Iniciar sesión


  • Página 2 de 3 PrimeroPrimero 123 ÚltimoÚltimo
    Resultados 11 al 20 de 25

    posible virus

    Hola Ya falta poco... 1.- Abrir el Notepad (Bloc de Notas) Ir a INICIO > EJECUTAR > Y ahí pones notepad.exe y ACEPTAR 2.- Ahora copia y pega estos archivos dentro del Notepad Código: KillAll:: ...

    1. #11
      Ex-Colaboradora Avatar de @SanMar
      Registrado
      jun 2008
      Ubicación
      Argentina
      Mensajes
      22.290

      Re: posible virus

      Hola


      Ya falta poco...

      1.-Abrir el Notepad (Bloc de Notas)
      • Ir a INICIO > EJECUTAR >
      • Y ahí pones notepad.exe y ACEPTAR

      2.-Ahora copia y pega estos archivos dentro del Notepad

      Código:
      KillAll::
      
      ClearJavaCache:: 
      
      Folder::
      c:\users\win\AppData\Local\panda4_0dn
      c:\programdata\Panda Security URL Filtering
      c:\program files (x86)\Toolbar Cleaner
      c:\users\win\AppData\Roaming\Panda Security
      c:\program files (x86)\pandasecuritytb
      c:\programdata\Panda Security
      c:\program files (x86)\Panda Security
      
      Registry::
      [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
      [-HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
      
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
      "{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "Panda Security URL Filtering"=-
      
      DDS:: 
      uStart Page = hxxp://westernunion.com
      uInternet Settings,ProxyOverride = <local>;*.local
      
      FireFox::
      FF - ProfilePath - c:\users\win\AppData\Roaming\Mozilla\Firefox\Profiles\aps6lwm5.default-1358595843701\
      FF - prefs.js: browser.startup.homepage - hxxp://westernunion.com
      FF - ExtSQL: 2013-02-13 23:27; stefanvandamme@stefanvd.net; c:\users\win\AppData\Roaming\Mozilla\Firefox\Profiles\aps6lwm5.default-1358595843701\extensions\stefanvandamme@stefanvd.net.xpi
      FF - ExtSQL: 2013-02-15 16:44; {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}; c:\users\win\AppData\Roaming\Mozilla\Firefox\Profiles\aps6lwm5.default-1358595843701\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
      3.- Graba este archivo con el nombre CFScript.txt y déjalo en tu escritorio.

      4.- Arrastrar y soltar el archivo CFScript.txt dentro del archivo ComboFix.exe como lo muestra la animación de abajo. Esto activara ComboFix nuevamente.

      • Reinicia tu PC y nos dejas un el nuevo reporte de ComboFix, comentándonos como esta funcionado todo actualmente?



      Salu2.

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    2. #12
      Usuario Avatar de rusty s
      Registrado
      feb 2013
      Ubicación
      canada
      Mensajes
      14

      Re: posible virus

      probe la computadora, de pronto anda bien y otras veces se sigue trabando al abrir inicio y tratar de apagarla normalmente, o cuando abro mediaplayer... ocupo probar como anda en internet...

      *no puedo pegar el reporte, dice que es demasdiado largo

    3. #13
      Ex-Colaboradora Avatar de @SanMar
      Registrado
      jun 2008
      Ubicación
      Argentina
      Mensajes
      22.290

      Re: posible virus

      Hola:


      Utiliza los mensajes que necesitas para pegar el reporte.

      Para optimizar el equipo realiza lo siguiente::



      Paso 1.- Descarga, instala y actualiza los siguientes programas:




      Paso 2.-
      Los ejecutas de a uno en el siguiente orden:

      Ccleaner.
      • Ejecutalo en sus dos opciones limpiador y registro
      • Haciendo Copia Seguridad cuando te lo pida


      Glary Utilities

      • Lo instalas y actualizas (Pestaña Estado)
      • Optimizas de acuerdo a su Manual
      • Vas a su pestaña Mantenimiento 1 Clic.
      • Presionas el botón Ver Resultados.
      • Espera a que termine y presionas Reparar Problemas.



      Paso 3.-
      Desfragmenta tu Disco.>>> Manual de Defraggler


      Nos cuentas.

      Salu2..

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    4. #14
      Usuario Avatar de rusty s
      Registrado
      feb 2013
      Ubicación
      canada
      Mensajes
      14

      Re: posible virus

      bueno aqui esta el reporte entonces:

      ------------



      ComboFix 13-02-21.02 - win 02/21/2013 20:25:22.3.2 - x64
      Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4095.2781 [GMT -8:00]
      Running from: c:\users\win\Desktop\ComboFix.exe
      Command switches used :: c:\users\win\Desktop\CFScript.txt.txt
      AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
      SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
      SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\program files (x86)\pandasecuritytb
      c:\program files (x86)\pandasecuritytb\adawaretb.xml
      c:\program files (x86)\pandasecuritytb\chrome\content\custom.js
      c:\program files (x86)\pandasecuritytb\chrome\content\lib\about.xml
      c:\program files (x86)\pandasecuritytb\chrome\content\lib\dtxpanel.xul
      c:\program files (x86)\pandasecuritytb\chrome\content\lib\dtxpaneltransparent.xul
      c:\program files (x86)\pandasecuritytb\chrome\content\lib\dtxpanelwin.xul
      c:\program files (x86)\pandasecuritytb\chrome\content\lib\dtxprefwin.xul
      c:\program files (x86)\pandasecuritytb\chrome\content\lib\dtxtransparentwin.xul
      c:\program files (x86)\pandasecuritytb\chrome\content\lib\dtxwin.xul
      c:\program files (x86)\pandasecuritytb\chrome\content\lib\emailnotifierproviders.xml
      c:\program files (x86)\pandasecuritytb\chrome\content\lib\external.js
      c:\program files (x86)\pandasecuritytb\chrome\content\lib\neterror.xhtml
      c:\program files (x86)\pandasecuritytb\chrome\content\lib\rsspreview.html
      c:\program files (x86)\pandasecuritytb\chrome\content\lib\rsswin.xml
      c:\program files (x86)\pandasecuritytb\chrome\content\lib\rsswin.xsl
      c:\program files (x86)\pandasecuritytb\chrome\content\modules\datastore.jsm
      c:\program files (x86)\pandasecuritytb\chrome\content\modules\nsDragAndDrop.js
      c:\program files (x86)\pandasecuritytb\chrome\content\newtab\images\bullet.gif
      c:\program files (x86)\pandasecuritytb\chrome\content\newtab\images\field_bg.gif
      c:\program files (x86)\pandasecuritytb\chrome\content\newtab\images\powered_by_yahoo.gif
      c:\program files (x86)\pandasecuritytb\chrome\content\newtab\newtab.html
      c:\program files (x86)\pandasecuritytb\chrome\content\partner.xml
      c:\program files (x86)\pandasecuritytb\chrome\content\preferences.xml
      c:\program files (x86)\pandasecuritytb\chrome\content\toolbar.htm
      c:\program files (x86)\pandasecuritytb\chrome\content\toolbar.xul
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.http://www.BrowserDataCleaner\ClearB...DataDialog.xml
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.BrowserDataCleaner\tb_icon.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.BrowserDataCleaner\widget.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.BrowserDataCleaner\widget.xml
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\.project
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\css\appversion.css
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\css\dialog.css
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\css\IE7Styles.css
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\css\jquery.tooltip.css
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\css\scrolbar.css
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\ico-coupon-hover.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\ico-coupon.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\ico-coupon1.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\images\bg-scrollbar-thumb-y.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\images\bg-scrollbar-track-y.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.http://www.Coupons_v4\images\bg-scro...rackend-yd.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\images\btn-activate-over.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\images\btn-activate.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\images\check.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\images\copy.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\images\delete.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\images\loader.gif
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\images\ui-check-box.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\index.html
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\jquery.contextMenu.css
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\jquery.contextMenu.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\js\.#jquery.tooltip.js.1.1.2.1
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\js\appversion.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\js\jquery-1.4.2.min.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\js\jquery.cookie.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\js\jquery.event.wheel.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\js\jquery.pagination.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\js\jquery.scrollTo-min.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\js\jquery.tinyscrollbar.min.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\js\jquery.tooltip.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\js\jquery.tooltip.js.bak
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\js\JSON.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\js\listnav.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\js\main.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\page_white_copy.gif
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\panel.html
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\panel\css\appversion.css
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\panel\css\dialog.css
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\panel\css\IE7Styles.css
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\panel\images\bgpanel.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\panel\images\btn-buy.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\panel\images\btn-close.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\panel\images\btn-getcoupon.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\panel\images\btn-search.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.http://www.Coupons_v4\panel\images\b...ons-disabl.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.http://www.Coupons_v4\panel\images\b...upons-over.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\panel\images\btn-viewcoupons.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\panel\images\check.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\panel\images\coupon-bg.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\panel\images\delete.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\panel\images\no-image.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\panel\images\save-sml.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.http://www.Coupons_v4\panel\images\u...ox-uncheck.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\panel\images\ui-check-box.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\panel\js\defscript.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\panel\main.html
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\partner.xml
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\placeholder-logo.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\css\appversion.css
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\css\dialog.css
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\css\dialog2.css
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\css\IE7Styles.css
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.http://www.Coupons_v4\skin\images\bg...ar-thumb-y.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.http://www.Coupons_v4\skin\images\bg...ar-track-y.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.http://www.Coupons_v4\skin\images\bg...trackend-y.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\images\bg_top.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\images\bgpanel-1.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\images\btn-activate-over.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\images\btn-activate.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\images\btn-buy.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\images\btn-close.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\images\btn-getcoupon.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\images\btn-search.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\images\check.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\images\coupon-activated.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\images\default.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\images\delete.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\images\ui-check-box.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\js\appversion.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\js\jquery-1.4.2.min.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\js\jquery.event.wheel.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\js\jquery.pagination.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\js\jquery.scrollTo-min.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.http://www.Coupons_v4\skin\js\jquery...rollbar.min.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\js\JSON.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\js\listnav.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\js\main.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\skin\main.html
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\tb_icon.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\tb_icon1.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\unchecked.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\widget.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\widget.xml
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\widget_version.txt
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.Coupons_v4\widget_version.txt.bak
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.ToolbarCleaner\tb_icon.png
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.ToolbarCleaner\widget.js
      c:\program files (x86)\pandasecuritytb\chrome\content\widgets\net.vmn.www.ToolbarCleaner\widget.xml
      c:\program files (x86)\pandasecuritytb\chrome\data\search\engines.xml
      c:\program files (x86)\pandasecuritytb\chrome\data\search\search.xsl
      c:\program files (x86)\pandasecuritytb\chrome\locale\lib\de.js
      c:\program files (x86)\pandasecuritytb\chrome\locale\lib\en.js
      c:\program files (x86)\pandasecuritytb\chrome\locale\lib\es.js
      c:\program files (x86)\pandasecuritytb\chrome\locale\lib\fr.js
      c:\program files (x86)\pandasecuritytb\chrome\locale\lib\it.js
      c:\program files (x86)\pandasecuritytb\chrome\locale\toolbar\de.js
      c:\program files (x86)\pandasecuritytb\chrome\locale\toolbar\en.js
      c:\program files (x86)\pandasecuritytb\chrome\locale\toolbar\es.js
      c:\program files (x86)\pandasecuritytb\chrome\locale\toolbar\fr.js
      c:\program files (x86)\pandasecuritytb\chrome\locale\toolbar\it.js
      c:\program files (x86)\pandasecuritytb\chrome\skin\ActiveScan.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\blekko16.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\bluelite.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\bluesky.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-safe-de.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-safe-en.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-safe-es.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-safe-fr.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-safe-it.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-safe.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-search-de-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-search-de.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-search-en-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-search-en.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-search-es-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-search-es.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-search-fr-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-search-fr.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-search-it-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-search-it.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-settings-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-settings.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-unsafe-de.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-unsafe-en.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-unsafe-es.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-unsafe-fr.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-unsafe-it.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\btn-unsafe.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\custom.css
      c:\program files (x86)\pandasecuritytb\chrome\skin\dictionary.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\downloadcom.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\facebook.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\games.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\grey.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\ico-cleaner.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\ico-clear.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\images.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\add.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\aol.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\arrow-dn.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\arrow-right-disabled.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\arrow-right.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\arrow-up.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\bg-btn-end.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\bg-btn-mdl.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\bg-btn-mdl_ff.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\bg-btn-start.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\bg-btnover-end.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\bg-btnover-mdl.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\bg-btnover-mdl_ff.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\bg-btnover-start.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\blank.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\btnback-down-vista.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\btnback-vista.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\btnleft-down-vista.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\btnleft-vista.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\btnright-down-vista.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\btnright-vista.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\button-splitter-down-vista.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\button-splitter-vista.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\checkmark.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\chevron.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\collapse.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\comcast.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\dtx.css
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\edit-back-hot.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\edit-back.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\expand.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\found.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\gmail.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\highlight.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\highlight_blue.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\highlight_cyan.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\highlight_lime.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\highlight_magenta.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\highlight_yellow.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\hotmail.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\imap.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\lastsearch-thumb-back.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\loadingMid.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\lock.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\mailcom.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\menu_bg-basic.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\menu_separator_bar.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\menuitem-splitter.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\menuitemback-down-vista.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\menuitemback-vista.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\menuitemleft-down-vista.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\menuitemleft-vista.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\menuitemright-down-vista.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\menuitemright-vista.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\modify.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\move.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\movetarget.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\css\ie-only.css
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\css\ie7-only.css
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\css\popupAbout.css
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\css\popupWidgets.css
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\css\dialog.css
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\bg.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\btn-close-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\btn-close.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\btn-wide-close-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\btn-wide-close.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\default.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\footer-short-left.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\footer-short-middle.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\footer-short-right.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\titlebar-left.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\titlebar-middle.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\titlebar-right.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\transparent.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\win-btm-left.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\win-btm-mdl.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\win-btm-right-resize.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\images\win-btm-right.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\main.html
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\default\scripts\defscript.js
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\ajax-loader.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\apps-bg-gradient-grid.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\apps-hover.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\appsfeatured-bg-gradient-grid.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\arrow-down-white.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\arrow-left.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\arrow-right.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\arrow-sml-drop.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\arrow-sml.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\arrowr-bluew5.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\bg-aboutbox.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\bg-btnover.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\bg-pnl520x390.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\bg-scrollbar-thumb-y.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\bg-scrollbar-track-y.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\bg-scrollbar-trackend-y.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-add-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-add.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-addtoolbar-left.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-addtoolbar-right.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-close-grey-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-close-grey.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-close-greyover.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-close-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-close.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-dark-left22-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-dark-left22.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-dark-middle22-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-dark-middle22.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-dark-right22-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-dark-right22.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-drag.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-install.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-launch-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-launch.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-mdl-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-mdl.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-next-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-next.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-previous-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-previous.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-right-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\categories-bg-gradient-grid.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\featured-bg-btm-gradient.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\footer-short-left.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\footer-short-middle.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\footer-short-right.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\gamethumb-on.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\ico-box-next.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\ico-calendar.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\ico-download.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\ico-info-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\ico-info.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\ico-pref-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\ico-pref.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\ico-tags.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\ico-user-monitor.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\icon-Add.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\icon-Info.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\left-menu-hover.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\menul-bgon.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\menul-bgover.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\panel-botm-noscroll.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\scroll-bg-206.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\scroll-bg.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\scroll-topwin.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\scrollb-disable.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\scrollb-down.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\scrollb-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\scrollb.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\scrollt-disable.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\scrollt-down.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\scrollt-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\scrollt.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\searchbox.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\searchboxlite.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\searchboxlite_end.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\shadow-leftmenu.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\sprite-dropdown.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\star.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\star_blank.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\star_x_grey.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\star_x_orange.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\throbber.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\titlebar-left.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\titlebar-middle.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\titlebar-right.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\topbar-inside-gradient.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\TRUSTe_about.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\view-detailed-on.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\view-detailed-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\view-thumb-on.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\view-thumb-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\widgets-square-16px.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\widgets-square-24px.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\win-bottom-middleglow.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\win-left-bottomglow.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\win-left-middleglow.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\win-left-topglow.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\win-right-bottomglow.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\win-right-middleglow.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\win-right-topglow.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\images\win-top-middleglow.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\default.js
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\jquery-ui.js
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\jquery.js
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\jquery.tinyscrollbar.js
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\jquery.tinyscrollbar.min.js
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\jquery.uniform.min.js
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\jquery.url.js
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\js\kendo.all.min.js
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\panels\popupWidgets.html
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\pop.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\radio.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\reload.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\remove.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\rename.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\resize-box.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\rss.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\rsschannelback.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\RSSLogo.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\rsstabdivider.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\scroll-left.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\scroll-right.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\search-go.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\search.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\text-ellipsis.xml
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\throbber.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\toolbarsplitter.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\transparent_1px.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_02.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_03.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_04.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_06.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_07.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_08.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_09.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_10.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_11.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_12.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_13.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_14.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_15.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_16.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_18.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_19.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_20.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\border_21.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\btn-close-grey.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\btn-close-greyover.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\close-hot.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\close-normal.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\loadingMid.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\paneltemplate.html
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\proxy.html
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\template.html
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\template.xml
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\templateFF.html
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\uwa\throbber.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\icons\cond999.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\icons\icons.xml
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\icons\na-s.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\icons\na.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\icons\weather.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\add.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\box-check.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\popupWeather.css
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\weatherbutton\panels\popupWeather.html
      c:\program files (x86)\pandasecuritytb\chrome\skin\lib\yahoo.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\lichen.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\logo-about.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\logo-over.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\logo.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\modify-save.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\modify.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\music.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\news.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\options\options-main.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\options\options-search.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\options\options-weather.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\options\options-widgets.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\orange.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\panda_small.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\search-background-de.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\search-background-en.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\search-background-es.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\search-background-fr.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\search-background-it.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\search-background.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\shopping.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\skin-bluelite.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\skin-bluesky.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\skin-grey.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\skin-lichen.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\skin-orange.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\skin-yellow.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\technorati.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\throbber.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\toolbarsplitter.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\vertical_separator.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\web.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\wikipedia.png
      c:\program files (x86)\pandasecuritytb\chrome\skin\yellow.gif
      c:\program files (x86)\pandasecuritytb\chrome\skin\youtube.png
      c:\program files (x86)\pandasecuritytb\components\windowmediator.js

    5. #15
      Usuario Avatar de rusty s
      Registrado
      feb 2013
      Ubicación
      canada
      Mensajes
      14

      Re: posible virus

      c:\program files (x86)\pandasecuritytb\dtUser.exe
      c:\program files (x86)\pandasecuritytb\ffHelper.exe
      c:\program files (x86)\pandasecuritytb\ieUtils.exe
      c:\program files (x86)\pandasecuritytb\install.ico
      c:\program files (x86)\pandasecuritytb\manifest.xml
      c:\program files (x86)\pandasecuritytb\pandasecurityDx.dll
      c:\program files (x86)\pandasecuritytb\pandasecuritytb.dll
      c:\program files (x86)\pandasecuritytb\search.ico
      c:\program files (x86)\pandasecuritytb\uninstall.exe
      c:\program files (x86)\Toolbar Cleaner
      c:\program files (x86)\Toolbar Cleaner\guid.dat
      c:\program files (x86)\Toolbar Cleaner\install.ico
      c:\program files (x86)\Toolbar Cleaner\ToolbarCleaner.exe
      c:\program files (x86)\Toolbar Cleaner\toolbarcleaner.ini
      c:\program files (x86)\Toolbar Cleaner\uninstall.exe
      c:\programdata\Panda Security URL Filtering
      c:\programdata\Panda Security URL Filtering\guid.dat
      c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.dll
      c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe
      c:\programdata\Panda Security URL Filtering\uninstall.exe
      c:\programdata\Panda Security
      c:\users\win\AppData\Local\panda4_0dn
      c:\users\win\AppData\Local\panda4_0dn\catalog.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216004004-f.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216034435-f.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216041521-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216041521-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216044608-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216044608-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216051651-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216051651-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216054736-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216054736-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216061822-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216061822-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216064908-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216064908-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216072108-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216072108-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216075152-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216075152-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216082233-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216082233-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216085316-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216085316-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216092359-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216092359-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216102521-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216102521-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216105608-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216105608-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216112651-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216112651-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216115736-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216115736-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216122819-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216122819-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216132942-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216132942-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216140026-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216140026-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216143107-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216143107-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216153231-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216153231-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216160316-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216160316-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216163400-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216163400-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216170435-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216170435-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216173517-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216173517-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216180554-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216180554-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216183641-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216183641-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216190717-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216190717-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216193759-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216193759-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216200838-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216200838-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216203921-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216203921-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216210957-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216210957-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216214039-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216214039-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216221116-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216221116-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216224158-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216224158-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216231251-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216231251-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216234339-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130216234339-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217001416-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217001416-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217004500-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217004500-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217011536-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217011536-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217014623-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217014623-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217021701-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217021701-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217024745-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217024745-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217031823-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217031823-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217034907-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217034907-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217041943-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217041943-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217045025-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217045025-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217052101-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217052101-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217055144-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217055144-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217062221-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217062221-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217072536-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217072536-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217075617-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217075617-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217082652-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217082652-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217085734-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217085734-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217092808-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217092808-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217095850-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217095850-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217102925-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217102925-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217110006-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217110006-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217113041-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217113041-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217120123-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217120123-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217123159-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217123159-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217130241-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217130241-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217133418-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217133418-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217140746-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217140746-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217143830-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217143830-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217150932-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217150932-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217154026-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217154026-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217161108-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217161108-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217164153-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217164153-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217171242-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217171242-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217174325-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217174325-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217181408-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217181408-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217184451-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217184451-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217191534-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217191534-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217194620-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217194620-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217201704-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217201704-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217204748-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217204748-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217211832-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217211832-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217222000-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217222000-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217225050-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217225050-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217232137-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217232137-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217235225-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130217235225-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218002312-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218002312-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218005359-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218005359-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218012447-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218012447-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218022620-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218022620-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218032751-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218032751-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218035836-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218035836-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218042920-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218042920-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218053049-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218053049-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218060137-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218060137-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218063222-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218063222-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218070308-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218070308-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218073547-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218073547-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218080624-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218080624-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218083705-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218083705-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218090742-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218090742-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218093824-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218093824-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218100900-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218100900-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218103942-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218103942-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218111020-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218111020-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218114105-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218114105-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218121147-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218121147-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218131307-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218131307-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218141425-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218141425-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218144508-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218144508-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218151557-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218151557-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218161718-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218161718-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218164802-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218164802-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218171841-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218171841-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218174925-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218174925-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218182002-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218182002-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218185047-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218185047-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218192129-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218192129-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218202253-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218202253-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218205341-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218205341-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218212419-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218212419-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218215502-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218215502-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218222540-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218222540-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218232657-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218232657-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218235741-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130218235741-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219002819-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219002819-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219012939-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219012939-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219023100-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219023100-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219033222-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219033222-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219040305-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219040305-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219043352-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219043352-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219050437-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219050437-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219053524-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219053524-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219060608-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219060608-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219063656-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219063656-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219070917-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219070917-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219073959-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219073959-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219081040-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219081040-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219084125-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219084125-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219091208-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219091208-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219094255-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219094255-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219101342-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219101342-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219104428-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219104428-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219111516-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219111516-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219114602-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219114602-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219121646-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219121646-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219124731-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219124731-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219131815-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219131815-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219134859-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219134859-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219141942-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219141942-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219145026-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219145026-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219152116-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219152116-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219155202-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219155202-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219162238-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219162238-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219165322-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219165322-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219172407-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219172407-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219182538-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219182538-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219185626-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219185626-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219192710-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219192710-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219195755-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219195755-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219202838-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219202838-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219213003-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219213003-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219223129-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219223129-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219230215-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219230215-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219233303-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130219233303-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220000351-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220000351-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220003434-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220003434-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220010535-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220010535-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220013626-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220013626-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220020705-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220020705-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220023753-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220023753-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220030831-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220030831-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220033915-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220033915-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220040952-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220040952-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220044036-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220044036-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220051114-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220051114-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220054158-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220054158-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220061235-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220061235-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220064319-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220064319-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220071503-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220071503-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220074543-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220074543-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220081619-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220081619-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220084701-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220084701-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220091737-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220091737-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220094822-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220094822-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220101858-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220101858-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220104940-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220104940-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220112022-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220112022-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220115105-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220115105-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220122147-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220122147-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220125230-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220125230-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220132307-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220132307-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220135350-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220135350-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220142427-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220142427-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220152545-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220152545-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220155627-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220155627-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220162704-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220162704-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220165749-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220165749-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220172829-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220172829-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220175916-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220175916-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220182954-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220182954-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220190037-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220190037-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220193116-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220193116-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220200202-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220200202-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220203241-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220203241-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220210327-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220210327-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220213415-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220213415-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220220505-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220220505-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220223557-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220223557-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220230642-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220230642-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220233730-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130220233730-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130221000819-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130221000819-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130221003911-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130221003911-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130221011005-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130221011005-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130221014056-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130221014056-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130221021145-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130221021145-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130221024240-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130221024240-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130221031350-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130221031350-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130221034446-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130221034446-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\130221041543-l.list
      c:\users\win\AppData\Local\panda4_0dn\data\130221041543-m.list
      c:\users\win\AppData\Local\panda4_0dn\data\temp.zip
      c:\users\win\AppData\Roaming\Mozilla\Firefox\Profiles\aps6lwm5.default-1358595843701\extensions\stefanvandamme@stefanvd.net.xpi
      c:\users\win\AppData\Roaming\Panda Security
      .
      .
      ((((((((((((((((((((((((( Files Created from 2013-01-22 to 2013-02-22 )))))))))))))))))))))))))))))))
      .
      .
      2013-02-20 04:46 . 2013-02-21 03:32 -------- d-----w- c:\programdata\boost_interprocess
      2013-02-20 04:35 . 2013-02-20 04:35 -------- d-----w- c:\users\win\AppData\Roaming\NVIDIA
      2013-02-20 02:05 . 2013-02-20 02:07 -------- d-----w- c:\users\Guest
      2013-02-18 22:49 . 2013-02-18 22:49 -------- d-----w- c:\users\win\AppData\Roaming\Malwarebytes
      2013-02-18 22:49 . 2013-02-18 22:49 -------- d-----w- c:\programdata\Malwarebytes
      2013-02-18 22:49 . 2012-12-15 00:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
      2013-02-18 22:49 . 2013-02-18 22:49 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
      2013-02-18 22:48 . 2013-02-18 22:48 -------- d-----w- c:\users\win\AppData\Local\Programs
      2013-02-17 07:43 . 2013-02-18 20:39 6080 ----a-w- c:\programdata\NanoRepository.bin
      2013-02-16 22:18 . 2012-10-30 23:51 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
      2013-02-16 22:18 . 2012-10-30 23:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
      2013-02-16 22:18 . 2012-10-15 16:59 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
      2013-02-16 22:18 . 2012-10-30 23:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
      2013-02-16 22:18 . 2012-10-30 23:51 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
      2013-02-16 22:18 . 2012-10-30 23:51 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
      2013-02-16 22:18 . 2012-10-30 23:50 285328 ----a-w- c:\windows\system32\aswBoot.exe
      2013-02-16 22:17 . 2012-10-30 23:51 41224 ----a-w- c:\windows\avastSS.scr
      2013-02-16 22:17 . 2012-10-30 23:50 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
      2013-02-16 22:16 . 2013-02-16 22:16 -------- d-----w- c:\programdata\AVAST Software
      2013-02-16 22:16 . 2013-02-16 22:16 -------- d-----w- c:\program files\AVAST Software
      2013-02-16 21:39 . 2013-02-19 22:06 -------- d-----w- c:\users\win\AppData\Roaming\Ovep
      2013-02-15 18:12 . 2013-02-15 18:12 -------- d-----w- C:\found.002
      2013-02-15 17:00 . 2013-02-17 00:13 -------- d-----w- c:\users\win\AppData\Roaming\Ocdor
      2013-02-09 19:50 . 2013-02-09 19:50 16365936 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
      2013-02-05 11:17 . 2013-02-05 11:17 -------- d-----w- c:\program files (x86)\7-Zip
      2013-02-04 08:59 . 2013-02-04 08:59 -------- d-----w- C:\found.001
      2013-02-03 06:19 . 2013-02-03 06:19 -------- d-----w- C:\found.000
      2013-01-30 18:04 . 2013-01-30 18:04 550176 ----a-w- c:\windows\SysWow64\nvStreaming.exe
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2013-02-09 19:50 . 2012-12-06 02:25 697712 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2013-02-09 19:50 . 2011-10-25 16:48 74096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2013-01-31 20:33 . 2011-10-19 16:12 2826040 ----a-w- c:\windows\system32\nvapi64.dll
      2013-01-30 16:32 . 2011-10-19 16:12 6391584 ----a-w- c:\windows\system32\nvcpl.dll
      2013-01-30 16:32 . 2011-10-19 16:12 3460384 ----a-w- c:\windows\system32\nvsvc64.dll
      2013-01-30 16:32 . 2011-10-19 16:12 884512 ----a-w- c:\windows\system32\nvvsvc.exe
      2013-01-30 16:32 . 2011-10-19 16:12 63776 ----a-w- c:\windows\system32\nvshext.dll
      2013-01-30 16:32 . 2011-10-19 16:12 56096 ----a-w- c:\windows\system32\nv3dappshextr.dll
      2013-01-30 16:32 . 2011-10-19 16:12 2558240 ----a-w- c:\windows\system32\nvsvcr.dll
      2013-01-30 16:32 . 2011-10-19 16:12 118560 ----a-w- c:\windows\system32\nvmctray.dll
      2013-01-30 16:32 . 2011-10-19 16:12 1000224 ----a-w- c:\windows\system32\nv3dappshext.dll
      2012-12-11 21:07 . 2011-11-23 21:32 1843584 ----a-w- c:\windows\system32\Wintab32.dll
      2012-12-11 21:07 . 2011-11-23 21:32 1974144 ----a-w- c:\windows\system32\Pen_Touch_Tablet.dll
      2012-12-11 21:07 . 2011-11-23 21:32 1981312 ----a-w- c:\windows\system32\Pen_Tablet.dll
      2012-12-11 21:07 . 2011-11-23 21:32 1840000 ----a-w- c:\windows\system32\WacomMT.dll
      2012-12-11 21:07 . 2011-11-23 21:32 1621888 ----a-w- c:\windows\SysWow64\Pen_Touch_Tablet.dll
      2012-12-11 21:07 . 2011-11-23 21:32 1509760 ----a-w- c:\windows\SysWow64\Wintab32.dll
      2012-12-11 21:07 . 2011-11-23 21:32 1505664 ----a-w- c:\windows\SysWow64\WacomMT.dll
      2012-12-11 21:07 . 2011-11-23 21:32 1628544 ----a-w- c:\windows\SysWow64\Pen_Tablet.dll
      2012-12-04 00:36 . 2012-12-13 07:12 81824 ----a-w- c:\windows\system32\drivers\wachidrouter.sys
      2012-12-04 00:36 . 2012-12-13 07:12 13728 ----a-w- c:\windows\system32\drivers\hidkmdf.sys
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Akamai NetSession Interface"="c:\users\win\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
      "Driver Detective"="c:\program files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe" [2013-02-04 3547032]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "BambooCore"="c:\program files (x86)\Bamboo Dock\BambooCore.exe" [2012-12-13 646744]
      "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
      "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
      "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
      "AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
      "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-10-25 1431888]
      R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys [2012-12-04 13728]
      R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2011-03-26 11776]
      R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
      R3 MRV6X64U;Belkin N1 Wireless USB Network Adapter Driver for Windows Vista x64;c:\windows\system32\DRIVERS\MRVW24C.sys [2007-11-30 347144]
      R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
      R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
      R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
      R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
      R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
      R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
      R3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys [2012-12-04 81824]
      R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2011-09-08 13312]
      R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys [2012-11-15 15776]
      R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-01-20 1255736]
      S1 aswSnx;aswSnx; [x]
      S1 aswSP;aswSP; [x]
      S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
      S2 aswFsBlk;aswFsBlk; [x]
      S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
      S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-13 166400]
      S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-13 128512]
      S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-15 398184]
      S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-15 682344]
      S2 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit;c:\program files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-02-23 86016]
      S2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [2012-07-17 132056]
      S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-30 383264]
      S2 WTabletServiceCon;Wacom Consumer Service;c:\program files\Tablet\Pen\WTabletServiceCon.exe [2012-12-11 619904]
      S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-15 24176]
      .
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2013-02-22 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-06 19:50]
      .
      2013-02-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1497939310-3903897186-3725360457-1000Core.job
      - c:\users\win\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-04 21:21]
      .
      2013-02-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1497939310-3903897186-3725360457-1000UA.job
      - c:\users\win\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-04 21:21]
      .
      2013-02-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1497939310-3903897186-3725360457-1000Core.job
      - c:\users\win\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-16 14:55]
      .
      2013-02-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1497939310-3903897186-3725360457-1000UA.job
      - c:\users\win\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-16 14:55]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
      @="{472083B0-C522-11CF-8763-00608CC02F24}"
      [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
      2012-10-30 23:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2013-01-31 2041192]
      .
      ------- Supplementary Scan -------
      .
      uLocal Page = c:\windows\system32\blank.htm
      mStart Page = hxxp://www.google.com
      mLocal Page = c:\windows\SysWOW64\blank.htm
      IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
      TCP: DhcpNameServer = 192.168.1.254 75.153.176.9
      FF - ProfilePath - c:\users\win\AppData\Roaming\Mozilla\Firefox\Profiles\aps6lwm5.default-1358595843701\
      FF - ExtSQL: 2013-01-20 17:49; {a3a5c777-f583-4fef-9380-ad83b81bc4b7}; c:\users\win\AppData\Roaming\Mozilla\Firefox\Profiles\aps6lwm5.default-1358595843701\extensions\{a3a5c777-f583-4fef-9380-ad83b81bc4b7}.xpi
      FF - ExtSQL: 2013-02-13 23:27; {E6C93316-271E-4b3d-8D7E-FE11B4350AEB}; c:\users\win\AppData\Roaming\Mozilla\Firefox\Profiles\aps6lwm5.default-1358595843701\extensions\{E6C93316-271E-4b3d-8D7E-FE11B4350AEB}.xpi
      FF - ExtSQL: 2013-02-13 23:27; stefanvandamme@stefanvd.net; c:\users\win\AppData\Roaming\Mozilla\Firefox\Profiles\aps6lwm5.default-1358595843701\extensions\stefanvandamme@stefanvd.net.xpi
      FF - ExtSQL: 2013-02-15 16:44; {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}; c:\users\win\AppData\Roaming\Mozilla\Firefox\Profiles\aps6lwm5.default-1358595843701\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
      FF - ExtSQL: 2013-02-16 14:21; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
      FF - ExtSQL: 2013-02-18 23:06; {a3a5c777-f583-4fef-9380-ab4add1bc2a8}; c:\users\win\AppData\Roaming\Mozilla\Firefox\Profiles\aps6lwm5.default-1358595843701\extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a8}.xpi
      .
      - - - - ORPHANS REMOVED - - - -
      .
      BHO-{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - c:\program files (x86)\pandasecuritytb\pandasecurityDx.dll
      AddRemove-Panda Security URL Filtering - c:\programdata\Panda Security URL Filtering\uninstall.exe
      AddRemove-pandasecuritytb - c:\program files (x86)\pandasecuritytb\uninstall.exe
      AddRemove-Toolbar Cleaner - c:\program files (x86)\Toolbar Cleaner\uninstall.exe
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_USERS\S-1-5-21-1497939310-3903897186-3725360457-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
      @Denied: (2) (LocalSystem)
      "Progid"="WindowsLiveMail.Email.1"
      .
      [HKEY_USERS\S-1-5-21-1497939310-3903897186-3725360457-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
      @Denied: (2) (LocalSystem)
      "Progid"="WindowsLiveMail.VCard.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files\AVAST Software\Avast\AvastSvc.exe
      c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
      c:\program files\Tablet\Pen\WacomHost.exe
      .
      **************************************************************************
      .
      Completion time: 2013-02-21 20:43:42 - machine was rebooted
      ComboFix-quarantined-files.txt 2013-02-22 04:43
      ComboFix2.txt 2013-02-22 01:36
      ComboFix3.txt 2013-02-21 08:37
      .
      Pre-Run: 31,802,748,928 bytes free
      Post-Run: 31,591,219,200 bytes free
      .
      - - End Of File - - C2B7C986165D2E771DB0A2E2D72C5666

    6. #16
      Usuario Avatar de rusty s
      Registrado
      feb 2013
      Ubicación
      canada
      Mensajes
      14

      Re: posible virus

      Hago los nuevos pasos y les platico! gracias!

      saludos

    7. #17
      Ex-Colaboradora Avatar de @SanMar
      Registrado
      jun 2008
      Ubicación
      Argentina
      Mensajes
      22.290

      Re: posible virus

      Hola:


      Perfecto, optimiza el equipo y nos comentas como sigue.


      Salu2.

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    8. #18
      Usuario Avatar de rusty s
      Registrado
      feb 2013
      Ubicación
      canada
      Mensajes
      14

      Re: posible virus

      aqui sigo! no tuve tiempo en la semana!
      pero ya instale y segui tus pasos, pero aun algo anda alentando el windows, me corre el photoshop y maya juntos normal pero las ventanas de carpetas y sobre todo con mediaplayer sigue teniendo problemas
      en el defraggler, no termina, me quede en 92% y lo tuve que detener,
      como detalle extra, los cuadritos que deben ser de colores solo estaban en blanco y negro...

      y no estoy seguro si optimize bien :p

      gracias!
      saludos!

    9. #19
      Ex-Colaboradora Avatar de @SanMar
      Registrado
      jun 2008
      Ubicación
      Argentina
      Mensajes
      22.290

      Re: posible virus

      Hola:


      Realiza lo siguiente:




      Descarga OTL By OldTimer


      >>> Para Ejecutar OTL

      • Cerrar todos programas que tengas abiertos y hacer doble clic en el ícono de OTL para ejecutarlo.
      • Dejarlo correr y esperar a que aparezca el menú de OTL..
      • Cuando salga el menú de OTL, solo debes cambiar debajo de: "Tipo de Análisis" poniendo Resultado Mínimo.
      • Marcar las opciones: Buscar LOP y Buscar Purity.
      • Marcar las Opciones >> Omitir Archivos De Microsoft y Usar Listado de Compañías Reconocidas.
      • Copiar y Pegar el siguiente script bajo la casilla Análisis Personalizados/Código de Reparación:

        NOTA: No copiar la palabra Cita.
        netsvcs
        msconfig
        %SYSTEMDRIVE%\*.*
        %PROGRAMFILES%\*.*
      • Por favor No cambies el resto de la configuración a menos que te lo solicitemos.




      • Presionar el botón >>
      • Una vez que termine, se abrirán dos (2) archivos, OTL.Txt y Extras.Txt. Éstos archivos estarán grabados en el mismo lugar donde OTL.exe fue descargado.
      • Copiar y pegar el contenido del archivo OTL.txt en tu próxima respuesta.




      Salu2

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    10. #20
      Usuario Avatar de rusty s
      Registrado
      feb 2013
      Ubicación
      canada
      Mensajes
      14

      Re: posible virus

      hola hola
      eh aqui el nuevo reporte de OTL
      saludos! estamos en contacto:

      ----------

      OTL logfile created on: 2/26/2013 508 AM - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\win\Desktop
      64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

      4.00 Gb Total Physical Memory | 2.84 Gb Available Physical Memory | 71.06% Memory free
      8.00 Gb Paging File | 6.75 Gb Available in Paging File | 84.44% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 232.79 Gb Total Space | 51.48 Gb Free Space | 22.12% Space Free | Partition Type: NTFS

      Computer Name: WIN-PC | User Name: win | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\win\Desktop\OTL.exe (OldTimer Tools)
      PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
      PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
      PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      PRC - C:\Users\win\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
      PRC - C:\Program Files\Tablet\Pen\WacomHost.exe (Wacom Technology)
      PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe (Symantec Corporation)
      PRC - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated)
      PRC - C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe ()
      PRC - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)


      ========== Modules (No Company Name) ==========

      MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
      MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()


      ========== Services (SafeList) ==========

      SRV:64bit: - (WTabletServiceCon) -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (Wacom Technology, Corp.)
      SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
      SRV:64bit: - (mi-raysat_3dsmax2012_64) -- C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe ()
      SRV:64bit: - (EPSON_EB_RPCV4_04) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (SEIKO EPSON CORPORATION)
      SRV:64bit: - (EPSON_PM_RPCV4_04) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (SEIKO EPSON CORPORATION)
      SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
      SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
      SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (Norton PC Checkup Application Launcher) -- C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe (Symantec Corporation)
      SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Flexera Software, Inc.)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
      DRV:64bit: - (WacHidRouter) -- C:\Windows\SysNative\drivers\wachidrouter.sys (Wacom Technology)
      DRV:64bit: - (hidkmdf) -- C:\Windows\SysNative\drivers\hidkmdf.sys (Windows (R) Win 7 DDK provider)
      DRV:64bit: - (wacomrouterfilter) -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys (Wacom Technology)
      DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
      DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
      DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
      DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
      DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
      DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
      DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
      DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (wacmoumonitor) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys (Wacom Technology)
      DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys (ZTE Incorporated)
      DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys (ZTE Incorporated)
      DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
      DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys (MBB Incorporated)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
      DRV:64bit: - (sscdserd) -- C:\Windows\SysNative\drivers\sscdserd.sys (MCCI Corporation)
      DRV:64bit: - (sscdmdm) -- C:\Windows\SysNative\drivers\sscdmdm.sys (MCCI Corporation)
      DRV:64bit: - (sscdbus) -- C:\Windows\SysNative\drivers\sscdbus.sys (MCCI Corporation)
      DRV:64bit: - (sscdmdfl) -- C:\Windows\SysNative\drivers\sscdmdfl.sys (MCCI Corporation)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\netr28ux.sys (Ralink Technology Corp.)
      DRV:64bit: - (MRV6X64U) -- C:\Windows\SysNative\drivers\MRVW24C.sys (Marvell Semiconductor, Inc)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=as1212&chnl=as1212&cd=2XzuyEtN2Y1L1QzutDtDtC0FtC0FzzyB0FyB0BtAzyzy0E0AtN0D0Tzu0CtAtAzytN1L2XzutBtFtBtFtDtFtAyEyE&cr=1957751475
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKLM\..\SearchScopes,DefaultScope =
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=as1212&chnl=as1212&cd=2XzuyEtN2Y1L1QzutDtDtC0FtC0FzzyB0FyB0BtAzyzy0E0AtN0D0Tzu0CtAtAzytN1L2XzutBtFtBtFtDtFtAyEyE&cr=1957751475
      IE - HKLM\..\SearchScopes\{7ADC0DBE-8EBD-D069-835D-5D16D4D4D3B7}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 06 14 26 B0 5E D4 CC 01 [binary data]
      IE - HKCU\..\SearchScopes,DefaultScope =
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=as1212&chnl=as1212&cd=2XzuyEtN2Y1L1QzutDtDtC0FtC0FzzyB0FyB0BtAzyzy0E0AtN0D0Tzu0CtAtAzytN1L2XzutBtFtBtFtDtFtAyEyE&cr=1957751475
      IE - HKCU\..\SearchScopes\{7ADC0DBE-8EBD-D069-835D-5D16D4D4D3B7}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\..\SearchScopes\{8385231D-2A4C-430F-9534-25F59C9C5B86}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3225826
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

      ========== FireFox ==========

      FF - prefs.js..extensions.enabledAddons: %7Ba3a5c777-f583-4fef-9380-ad83b81bc4b7%7D:5.0
      FF - prefs.js..extensions.enabledAddons: %7BE6C93316-271E-4b3d-8D7E-FE11B4350AEB%7D:2.1.25
      FF - prefs.js..extensions.enabledAddons: %7BB821BF60-5C2D-41EB-92DC-3E4CCD3A22E4%7D:4.0
      FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
      FF - prefs.js..extensions.enabledAddons: %7Ba3a5c777-f583-4fef-9380-ab4add1bc2a8%7D:5.1
      FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
      FF - user.js - File not found

      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
      FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
      FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
      FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
      FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
      FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
      FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\win\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\win\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\win\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.)
      FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/02/16 14:17:24 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/02/15 16:47:12 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

      [2013/01/12 20:28:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\win\AppData\Roaming\mozilla\Extensions
      [2013/02/21 20:35:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\win\AppData\Roaming\mozilla\Firefox\Profiles\aps6lwm5.default-1358595843701\extensions
      [2013/02/15 16:44:55 | 000,000,000 | ---D | M] (Panda Security Toolbar) -- C:\Users\win\AppData\Roaming\mozilla\Firefox\Profiles\aps6lwm5.default-1358595843701\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
      [2013/02/18 23:06:39 | 000,014,005 | ---- | M] () (No name found) -- C:\Users\win\AppData\Roaming\mozilla\firefox\profiles\aps6lwm5.default-1358595843701\extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a8}.xpi
      [2013/01/20 17:49:52 | 000,007,264 | ---- | M] () (No name found) -- C:\Users\win\AppData\Roaming\mozilla\firefox\profiles\aps6lwm5.default-1358595843701\extensions\{a3a5c777-f583-4fef-9380-ad83b81bc4b7}.xpi
      [2013/02/13 23:27:21 | 000,009,489 | ---- | M] () (No name found) -- C:\Users\win\AppData\Roaming\mozilla\firefox\profiles\aps6lwm5.default-1358595843701\extensions\{E6C93316-271E-4b3d-8D7E-FE11B4350AEB}.xpi
      [2013/02/02 2317 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
      [2013/02/16 14:17:24 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
      [2013/02/09 11:47:02 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
      [2013/01/04 19:45:12 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
      [2013/01/04 19:45:12 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

      ========== Chrome ==========

      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
      CHR - plugin: Shockwave Flash (Enabled) = C:\Users\win\AppData\Local\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll
      CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Users\win\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\win\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll
      CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
      CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
      CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
      CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
      CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
      CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
      CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
      CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
      CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Users\win\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
      CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
      CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
      CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
      CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
      CHR - plugin: WacomTabletPlugin (Enabled) = C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
      CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
      CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
      CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
      CHR - plugin: Facebook Desktop (Enabled) = C:\Users\win\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll
      CHR - plugin: Google Update (Enabled) = C:\Users\win\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
      CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll
      CHR - Extension: BitTorrentControl_v12 = C:\Users\win\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf\10.14.251.3_0\
      CHR - Extension: avast! WebRep = C:\Users\win\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\

      O1 HOSTS File: ([2013/02/21 20:37:20 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 localhost
      O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
      O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O2 - BHO: (no name) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
      O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
      O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\win\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
      O13 - gopher Prefix: missing
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
      O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 75.153.176.9
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{31544D5F-8763-43F0-A173-53DA3C6C5B69}: DhcpNameServer = 192.168.1.254 75.153.176.9
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72F4EEDE-6D8D-4692-A031-2929F246E2BA}: DhcpNameServer = 192.168.1.254
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2012/12/18 12:29:03 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = ComFile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

      MsConfig:64bit - StartUpFolder: C:^Users^win^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk - C:\Users\win\AppData\Local\Facebook\MESSEN~1\214651~1.0\FACEBO~1.EXE - (Facebook)
      MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
      MsConfig:64bit - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
      MsConfig:64bit - StartUpReg: AdobeCS5.5ServiceManager - hkey= - key= - File not found
      MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      MsConfig:64bit - StartUpReg: autodetect - hkey= - key= - C:\Program Files (x86)\BAM - ZTE MF190\AutoDect.exe ()
      MsConfig:64bit - StartUpReg: EEventManager - hkey= - key= - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
      MsConfig:64bit - StartUpReg: EPSON TX130 Series - hkey= - key= - C:\Windows\SysNative\spool\DRIVERS\x64\3\E_IATIHJL.EXE (SEIKO EPSON CORPORATION)
      MsConfig:64bit - StartUpReg: Facebook Update - hkey= - key= - C:\Users\win\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - C:\Users\win\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
      MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
      MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
      MsConfig:64bit - StartUpReg: SwitchBoard - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
      MsConfig:64bit - State: "bootini" - Reg Error: Key error.

      ========== Files/Folders - Created Within 30 Days ==========

      [2013/02/26 04:54:30 | 000,000,000 | ---D | C] -- C:\Users\win\AppData\Local\{6CBE7B76-FAF9-483E-928C-2B0EA99CDC47}
      [2013/02/26 04:17:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\win\Desktop\OTL.exe
      [2013/02/25 19:49:38 | 000,000,000 | -HSD | C] -- C:\found.003
      [2013/02/25 01:18:25 | 000,000,000 | ---D | C] -- C:\Users\win\AppData\Local\backburner
      [2013/02/25 01:16:13 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
      [2013/02/24 21:56:32 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
      [2013/02/24 21:54:47 | 003,811,928 | ---- | C] (Piriform Ltd) -- C:\Users\win\Desktop\dfsetup213.exe
      [2013/02/24 21:40:38 | 000,000,000 | ---D | C] -- C:\Users\win\AppData\Roaming\GlarySoft
      [2013/02/24 21:35:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
      [2013/02/24 21:35:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities
      [2013/02/24 20:45:00 | 006,632,472 | ---- | C] (Glarysoft Ltd ) -- C:\Users\win\Desktop\gusetup_slim.exe
      [2013/02/23 12:56:37 | 000,000,000 | ---D | C] -- C:\Users\win\Desktop\reel fric martinez.aep Logs
      [2013/02/21 20:37:26 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
      [2013/02/21 20:35:35 | 000,000,000 | ---D | C] -- C:\Windows\temp
      [2013/02/21 20:22:12 | 000,958,368 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\win\Desktop\iExplore64.exe
      [2013/02/21 00:24:19 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
      [2013/02/21 00:24:19 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
      [2013/02/21 00:24:19 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
      [2013/02/21 00:24:13 | 000,000,000 | ---D | C] -- C:\Qoobox
      [2013/02/21 00:23:57 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
      [2013/02/20 19:55:37 | 005,034,671 | R--- | C] (Swearware) -- C:\Users\win\Desktop\ComboFix.exe
      [2013/02/19 20:46:31 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
      [2013/02/19 20:35:33 | 000,000,000 | ---D | C] -- C:\Users\win\AppData\Roaming\NVIDIA
      [2013/02/19 18:41:19 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
      [2013/02/18 20:01:42 | 001,752,992 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\win\Desktop\iExplore.exe
      [2013/02/18 19:09:18 | 000,000,000 | ---D | C] -- C:\Users\win\Desktop\rkill
      [2013/02/18 14:49:26 | 000,000,000 | ---D | C] -- C:\Users\win\AppData\Roaming\Malwarebytes
      [2013/02/18 14:49:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2013/02/18 14:49:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2013/02/18 14:49:06 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
      [2013/02/18 14:49:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
      [2013/02/18 14:48:46 | 000,000,000 | ---D | C] -- C:\Users\win\AppData\Local\Programs
      [2013/02/16 14:18:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
      [2013/02/16 14:18:50 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
      [2013/02/16 14:18:50 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
      [2013/02/16 14:18:47 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
      [2013/02/16 14:18:46 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
      [2013/02/16 14:18:44 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
      [2013/02/16 14:18:41 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
      [2013/02/16 14:18:40 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
      [2013/02/16 14:17:03 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
      [2013/02/16 14:17:02 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
      [2013/02/16 14:16:50 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
      [2013/02/16 14:16:50 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
      [2013/02/16 13:39:50 | 000,000,000 | ---D | C] -- C:\Users\win\AppData\Roaming\Ovep
      [2013/02/15 11:39:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      [2013/02/15 10:12:26 | 000,000,000 | ---D | C] -- C:\found.002
      [2013/02/15 09:00:04 | 000,000,000 | ---D | C] -- C:\Users\win\AppData\Roaming\Ocdor
      [2013/02/09 14:07:11 | 000,000,000 | ---D | C] -- C:\Users\win\AppData\Local\{7B344A9E-8D75-40A1-8B00-7442ECFE5587}
      [2013/02/08 13:04:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
      [2013/02/05 03:17:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
      [2013/02/05 03:17:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
      [2013/02/04 00:59:50 | 000,000,000 | ---D | C] -- C:\found.001
      [2013/02/03 13:35:05 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
      [2013/02/02 2316 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
      [2013/02/02 22:19:15 | 000,000,000 | ---D | C] -- C:\found.000
      [2013/01/28 08:55:32 | 000,000,000 | ---D | C] -- C:\Users\win\AppData\Local\{133FA961-6339-4A8E-9A78-211B025DF660}

      ========== Files - Modified Within 30 Days ==========

      [2013/02/26 04:59:41 | 000,245,647 | ---- | M] () -- C:\Users\win\Desktop\b&w dolph.jpeg
      [2013/02/26 04:50:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2013/02/26 04:48:37 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2013/02/26 04:48:37 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2013/02/26 04:33:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1497939310-3903897186-3725360457-1000UA.job
      [2013/02/26 04:26:01 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1497939310-3903897186-3725360457-1000UA.job
      [2013/02/26 04:17:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\win\Desktop\OTL.exe
      [2013/02/26 00:53:30 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
      [2013/02/26 00:48:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2013/02/26 00:47:58 | 3220,709,376 | -HS- | M] () -- C:\hiberfil.sys
      [2013/02/24 21:56:33 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
      [2013/02/24 21:48:54 | 003,811,928 | ---- | M] (Piriform Ltd) -- C:\Users\win\Desktop\dfsetup213.exe
      [2013/02/24 21:35:53 | 000,001,070 | ---- | M] () -- C:\Users\win\Desktop\Glary Utilities.lnk
      [2013/02/24 21:23:06 | 000,075,056 | ---- | M] () -- C:\Users\win\Documents\cc_20130224_212232 (copia seguridad).reg
      [2013/02/24 20:45:10 | 006,632,472 | ---- | M] (Glarysoft Ltd ) -- C:\Users\win\Desktop\gusetup_slim.exe
      [2013/02/23 13:26:13 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1497939310-3903897186-3725360457-1000Core.job
      [2013/02/23 13:01:47 | 133,990,412 | ---- | M] () -- C:\Users\win\Desktop\slacker fric.mov
      [2013/02/23 12:57:36 | 000,185,470 | ---- | M] () -- C:\Users\win\Desktop\Slacker_fric.wma
      [2013/02/23 12:56:39 | 022,370,708 | ---- | M] () -- C:\Users\win\Desktop\Slacker_final_preview.aif
      [2013/02/23 12:54:07 | 000,190,507 | ---- | M] () -- C:\Users\win\Desktop\reel fric martinez.aep
      [2013/02/21 20:37:20 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
      [2013/02/21 20:22:12 | 000,958,368 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\win\Desktop\iExplore64.exe
      [2013/02/21 17:37:57 | 000,002,356 | ---- | M] () -- C:\Users\win\Desktop\Google Chrome.lnk
      [2013/02/21 16:59:31 | 005,034,671 | R--- | M] (Swearware) -- C:\Users\win\Desktop\ComboFix.exe
      [2013/02/21 16:49:56 | 000,766,040 | ---- | M] () -- C:\Users\win\Desktop\generic_uninstaller.exe
      [2013/02/19 14:33:08 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1497939310-3903897186-3725360457-1000Core.job
      [2013/02/19 01:55:14 | 000,587,671 | ---- | M] () -- C:\Users\win\Desktop\adwcleaner0.exe
      [2013/02/18 21:28:37 | 000,020,240 | ---- | M] () -- C:\bootsqm.dat
      [2013/02/18 16:39:02 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\win\Desktop\iExplore.exe
      [2013/02/18 14:49:08 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/02/18 12:39:31 | 000,006,080 | ---- | M] () -- C:\ProgramData\NanoRepository.bin
      [2013/02/16 23:43:50 | 000,006,080 | ---- | M] () -- C:\ProgramData\NanoRepository.bin.bak
      [2013/02/16 14:18:51 | 000,001,958 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
      [2013/02/16 14:18:41 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
      [2013/02/15 17:16:12 | 004,971,168 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
      [2013/02/15 11:39:31 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2013/02/08 13:04:32 | 000,002,046 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
      [2013/02/04 12:56:40 | 000,001,456 | ---- | M] () -- C:\Users\win\AppData\Local\Adobe Save for Web 12.0 Prefs
      [2013/02/02 2319 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [2013/01/31 12:33:26 | 000,017,266 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
      [2013/01/31 10:38:03 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2013/01/31 10:38:03 | 000,660,068 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2013/01/31 10:38:03 | 000,120,996 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

      ========== Files Created - No Company Name ==========

      [2013/02/26 04:53:35 | 000,245,647 | ---- | C] () -- C:\Users\win\Desktop\b&w dolph.jpeg
      [2013/02/24 21:56:33 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk
      [2013/02/24 21:35:55 | 000,000,320 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
      [2013/02/24 21:35:53 | 000,001,070 | ---- | C] () -- C:\Users\win\Desktop\Glary Utilities.lnk
      [2013/02/24 21:22:52 | 000,075,056 | ---- | C] () -- C:\Users\win\Documents\cc_20130224_212232 (copia seguridad).reg
      [2013/02/23 12:58:37 | 133,990,412 | ---- | C] () -- C:\Users\win\Desktop\slacker fric.mov
      [2013/02/23 12:56:39 | 000,185,470 | ---- | C] () -- C:\Users\win\Desktop\Slacker_fric.wma
      [2013/02/23 12:56:37 | 022,370,708 | ---- | C] () -- C:\Users\win\Desktop\Slacker_final_preview.aif
      [2013/02/23 11:46:02 | 000,190,507 | ---- | C] () -- C:\Users\win\Desktop\reel fric martinez.aep
      [2013/02/21 16:51:44 | 000,766,040 | ---- | C] () -- C:\Users\win\Desktop\generic_uninstaller.exe
      [2013/02/21 00:24:19 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
      [2013/02/21 00:24:19 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
      [2013/02/21 00:24:19 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
      [2013/02/21 00:24:19 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
      [2013/02/21 00:24:19 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
      [2013/02/19 03:11:11 | 000,017,266 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
      [2013/02/19 01:59:18 | 000,587,671 | ---- | C] () -- C:\Users\win\Desktop\adwcleaner0.exe
      [2013/02/18 21:28:37 | 000,020,240 | ---- | C] () -- C:\bootsqm.dat
      [2013/02/18 14:49:08 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/02/16 23:43:50 | 000,006,080 | ---- | C] () -- C:\ProgramData\NanoRepository.bin.bak
      [2013/02/16 23:43:50 | 000,006,080 | ---- | C] () -- C:\ProgramData\NanoRepository.bin
      [2013/02/16 14:18:51 | 000,001,958 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
      [2013/02/16 14:18:41 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
      [2013/02/15 11:39:31 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2013/02/03 14:54:42 | 000,001,456 | ---- | C] () -- C:\Users\win\AppData\Local\Adobe Save for Web 12.0 Prefs
      [2013/02/02 2319 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      [2013/02/02 2319 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [2013/02/01 13:02:27 | 000,002,046 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
      [2012/12/31 19:08:41 | 000,484,352 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
      [2012/02/23 11:21:30 | 000,000,132 | ---- | C] () -- C:\Users\win\AppData\Roaming\Adobe Targa Format CS5 Prefs
      [2012/01/26 13:17:51 | 000,000,088 | ---- | C] () -- C:\Windows\ETX130.ini
      [2011/10/25 13:59:50 | 000,772,558 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
      [2011/03/16 00:13:46 | 000,057,344 | R--- | C] () -- C:\Windows\SysWow64\XSIChooser.exe

      ========== ZeroAccess Check ==========

      [2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2010/11/20 05:27:25 | 014,174,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2010/11/20 04:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== LOP Check ==========

      [2013/02/26 00:55:40 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\Autodesk
      [2013/02/18 23:03:38 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\BitTorrent
      [2012/12/17 22:02:58 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
      [2012/12/31 10:59:02 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\cYo
      [2012/01/26 15:09:18 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\EPSON
      [2013/01/19 17:13:51 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\FlvtoConverter
      [2012/12/31 19:08:47 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\FreeAudioPack
      [2013/02/24 21:40:38 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\GlarySoft
      [2013/02/16 16:12:43 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\Laxe
      [2013/02/16 16:12:50 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\Maqoo
      [2013/02/16 16:13:34 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\Navix
      [2013/01/28 06:41:20 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\Nico Mak Computing
      [2013/02/16 16:13:34 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\Ocdor
      [2013/02/19 14:06:39 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\Ovep
      [2013/02/16 16:13:34 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\Oxgi
      [2012/12/05 18:41:12 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\PCCUStubInstaller
      [2013/02/16 16:13:39 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\Pipiz
      [2012/12/12 18:13:51 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\Wacom
      [2012/02/21 18:24:25 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
      [2012/12/28 01:41:16 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\Windows Live Writer
      [2013/02/16 13:46:26 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\Xeaki
      [2013/02/16 16:13:42 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\Ywiru
      [2013/02/16 16:13:42 | 000,000,000 | ---D | M] -- C:\Users\win\AppData\Roaming\Zovi

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2013/02/19 02:04:18 | 000,010,871 | ---- | M] () -- C:\AdwCleaner[S1].txt
      [2013/02/18 21:28:37 | 000,020,240 | ---- | M] () -- C:\bootsqm.dat
      [2013/02/21 20:43:42 | 000,092,269 | ---- | M] () -- C:\ComboFix.txt
      [2013/02/26 00:47:58 | 3220,709,376 | -HS- | M] () -- C:\hiberfil.sys
      [2006/12/01 23:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
      [2013/02/26 00:48:05 | 4294,279,168 | -HS- | M] () -- C:\pagefile.sys

      < %PROGRAMFILES%\*.* >
      [2009/07/13 20:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:A1EDB939

      < End of report >