• Registrarse
  • Iniciar sesión


  • Página 4 de 4 PrimeroPrimero 1234
    Resultados 31 al 38 de 38

    Problema actulizar window update (Posible virus¿?)

    Resumen del tema: Problema actulizar window update (Posible virus¿?) - Hola Gracias por ser agradecido A combofix debes decirle que si para que se actualize. Si no se genera un reporte genera uno nuevo con farbar como indique anterioremente Y con ese veriamos si hay ...

    1. #31
      Moderador
      Avatar de ErdrickBass
      Registrado
      jul 2009
      Ubicación
      Cd Juarez, Mex.
      Mensajes
      9.328

      Re: Problema actulizar window update (Posible virus¿?)

      Hola

      Gracias por ser agradecido

      A combofix debes decirle que si para que se actualize.

      Si no se genera un reporte genera uno nuevo con farbar como indique anterioremente Y con ese veriamos si hay alguna otra cosa rondando tu sistema.

      Si todo se ve bien y estas de acuerdo probarremos que instales actualizaciones con las debidas precauciones.

      Saludos
      El cielo azul es infinitamente alto y cristalino

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    2. #32
      Usuario Avatar de arrasando86
      Registrado
      jul 2013
      Ubicación
      ESPAÑA
      Mensajes
      23

      Re: Problema actulizar window update (Posible virus¿?)

      Hola...

      He pasado el FRST... y solo ha generado un reporte :(. Te lo paso a continuación. Claro cuando me digas hacemos la actulización. Comentarte que tengo tres procesos abiertos: winlogon.exe, crss.exe y nvvsvc.exe.. por lo que he leido pueden ser virus, troyanos... o cualquiera de ese tipo de cosas (La columna nombre y descripción esta en blanco). Te lo comento por si te ayuda en algo..aunque supongo que te aparecera en esos reportes de los que yo no entiendo nada.

      Gracias y saludos¡¡¡

      Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2013 04
      Ran by Casandra (administrator) on CASANDRA-PC on 31-08-2013 20:52:35
      Running from C:\Users\Casandra\Desktop
      Windows 7 Home Premium (X64) OS Language: Spanish Modern Sort
      Internet Explorer Version 9
      Boot Mode: Normal

      ==================== Processes (Whitelisted) =================

      (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
      (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
      (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
      (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
      (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
      (Acer) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
      (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
      (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
      (Dropbox, Inc.) C:\Users\Casandra\AppData\Roaming\Dropbox\bin\Dropbox.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
      (Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
      (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

      ==================== Registry (Whitelisted) ==================

      HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
      HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
      HKLM-x32\...\Winlogon: [Userinit] C:\Windows\SysWOW64\Userinit.exe, [x]
      HKLM\...\Policies\Explorer: [HideSCAHealth] 1
      HKLM\...\Policies\Explorer: [NoDrives] 0
      HKLM\...\Policies\Explorer: [NoDriveAutoRun] 3
      HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun] 0
      HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0
      HKCU\...\Policies\Explorer: [NoDrives] 0
      HKCU\...\Policies\Explorer: [NoDriveAutoRun] 3
      HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
      HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1194504 2009-08-27] (Dritek System Inc.)
      HKLM-x32\...\Run: [AVG_TRAY] - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
      HKU\Default\...\RunOnce: [ScrSav] - C:\Windows\Screensavers\PackardBell\run_PackardBel [x]
      HKU\Default User\...\RunOnce: [ScrSav] - C:\Windows\Screensavers\PackardBell\run_PackardBel [x]
      Startup: C:\Users\Casandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
      ShortcutTarget: Dropbox.lnk -> C:\Users\Casandra\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
      BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart

      ==================== Internet (Whitelisted) ====================

      HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.fr - Actualités, magazines people & féminin, Outlook et Hotmail
      HKCU\Software\Microsoft\Internet Explorer\Main,Default_search_url = Sign In
      HKCU\Software\Microsoft\Internet Explorer\Main,Default_page_url = MSN.com
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = Sign In
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = MSN.fr - Actualités, magazines people & féminin, Outlook et Hotmail
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search bar = Internet Explorer 6 Search Companion is no longer supported.
      StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
      SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
      SearchScopes: HKCU - Backup.Old.DefaultScope {653177B1-8AAF-4F4D-A88F-79FE1E935308}
      SearchScopes: HKCU - ${searchCLSID} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
      SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
      SearchScopes: HKCU - ۟ÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!ח(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL =
      BHO-x32: No Name - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
      BHO-x32: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
      BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
      BHO-x32: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
      BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
      BHO-x32: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
      Toolbar: HKLM-x32 - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
      Toolbar: HKLM-x32 - PROMT - {892E81F6-EC63-4d13-8422-835A7A05D6EB} - C:\Program Files (x86)\PRMT8\PRMTIE\prmtie.dll (PROMT Ltd.)
      DPF: HKLM-x32 {01113300-3E00-11D2-8470-0060089874ED} http://web.atar.rima-tde.net/sdccomm...ad/tgctlcm.cab
      DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/s...irector/sw.cab
      DPF: HKLM-x32 {B785FA3C-1DE9-4D20-8396-613C486FE95E} https://www2.agenciatributaria.gob.e...h/cactivex.cab
      DPF: HKLM-x32 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game.zylom.com/activex/zylomgamesplayer.cab
      DPF: HKLM-x32 {D0C0F75C-683A-4390-A791-1ACFD5599AB8}
      DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
      Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
      Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
      Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
      Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
      Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254

      FireFox:
      ========
      FF ProfilePath: C:\Users\Casandra\AppData\Roaming\Mozilla\Firefox\Profiles\u20w4c24.default
      FF DefaultSearchEngine: Hola Search
      FF SearchEngineOrder.1: Hola Search
      FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
      FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
      FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
      FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
      FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
      FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
      FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
      FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
      FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
      FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\drae.xml
      FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-es.xml
      FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-es.xml
      FF Extension: HolaSearch - C:\Users\Casandra\AppData\Roaming\Mozilla\Firefox\Profiles\u20w4c24.default\Extensions\[email protected]
      FF Extension: CoolLinks Addon - C:\Users\Casandra\AppData\Roaming\Mozilla\Firefox\Profiles\u20w4c24.default\Extensions\[email protected]
      FF Extension: VLC Addon - C:\Users\Casandra\AppData\Roaming\Mozilla\Firefox\Profiles\u20w4c24.default\Extensions\[email protected]
      FF Extension: No Name - C:\Users\Casandra\AppData\Roaming\Mozilla\Firefox\Profiles\u20w4c24.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
      FF Extension: No Name - C:\Users\Casandra\AppData\Roaming\Mozilla\Firefox\Profiles\u20w4c24.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
      FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f}
      FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
      FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
      FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] C:\Program Files (x86)\AVG\AVG2012\Firefox4\
      FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\Firefox4\
      FF HKLM-x32\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\
      FF Extension: AVG Do Not Track - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\
      FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
      FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

      Chrome:
      =======
      Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
      CHR Extension: () - C:\Users\Casandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172
      CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx
      CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

      ==================== Services (Whitelisted) =================

      R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [5174392 2012-11-02] (AVG Technologies CZ, s.r.o.)
      R2 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
      S4 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [844320 2009-08-05] (Acer Incorporated)
      S4 Greg_Service; C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496 2009-06-04] (Acer Incorporated)
      R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
      R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
      S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [237008 2011-06-17] (McAfee, Inc.)
      S4 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [62720 2009-08-21] (NewTech Infosystems, Inc.)
      S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [36352 2010-11-08] ()
      R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-31] (TuneUp Software)
      R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [240160 2009-07-04] (Acer)

      ==================== Drivers (Whitelisted) ====================

      R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [127328 2012-12-10] (AVG Technologies CZ, s.r.o. )
      R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
      R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
      R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [307040 2012-11-08] (AVG Technologies CZ, s.r.o.)
      R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
      R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
      R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [384800 2013-04-11] (AVG Technologies CZ, s.r.o.)
      R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
      R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
      R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
      U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
      S3 catchme; \??\C:\ComboFix\catchme.sys [x]
      S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
      S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]
      U2 wuaserv;

      ==================== NetSvcs (Whitelisted) ===================


      ==================== One Month Created Files and Folders ========

      2013-08-31 20:51 - 2013-08-31 20:51 - 01589860 _____ (Farbar) C:\Users\Casandra\Downloads\FRST64.exe
      2013-08-31 15:24 - 2013-08-31 13:52 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
      2013-08-31 15:24 - 2013-08-31 13:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
      2013-08-31 15:24 - 2013-08-31 13:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
      2013-08-31 14:55 - 2013-08-31 14:55 - 00006849 _____ C:\Users\Casandra\Desktop\UsbFix [Clean 1] CASANDRA-PC.txt
      2013-08-31 14:40 - 2013-08-31 14:54 - 00006849 _____ C:\UsbFix [Clean 1] CASANDRA-PC.txt
      2013-08-31 14:40 - 2013-08-31 14:54 - 00000000 ____D C:\UsbFix
      2013-08-31 14:30 - 2013-08-31 14:30 - 01144645 _____ (El Desaparecido - SosVirus.net) C:\Users\Casandra\Downloads\UsbFix.exe
      2013-08-31 14:25 - 2013-08-31 14:27 - 00000000 ____D C:\32788R22FWJFW
      2013-08-31 14:23 - 2013-08-31 14:23 - 00000209 _____ C:\Users\Casandra\Desktop\CFScript.txt
      2013-08-31 14:21 - 2013-08-31 15:31 - 00000000 ____D C:\Users\Casandra\Desktop\JavaRa
      2013-08-31 14:14 - 2013-08-31 14:14 - 00000000 ____D C:\Users\Casandra\Desktop\javara1
      2013-08-31 14:04 - 2013-08-31 14:20 - 00150667 _____ C:\Users\Casandra\Downloads\JavaRa-2.2.zip
      2013-08-31 13:52 - 2013-08-31 13:52 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
      2013-08-31 13:52 - 2013-08-31 13:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
      2013-08-29 18:07 - 2013-08-29 18:07 - 00025492 ____N C:\ComboFix.txt
      2013-08-29 17:46 - 2013-08-29 18:07 - 00000000 ____D C:\Qoobox
      2013-08-29 17:46 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
      2013-08-29 17:46 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
      2013-08-29 17:46 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
      2013-08-29 17:46 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
      2013-08-29 17:46 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
      2013-08-29 17:46 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
      2013-08-29 17:46 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
      2013-08-29 17:46 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
      2013-08-29 16:19 - 2013-08-31 14:25 - 05117322 ____R (Swearware) C:\Users\Casandra\Desktop\iExplore.com.exe
      2013-08-28 23:17 - 2013-08-28 23:17 - 00200819 _____ C:\Windows\SysWOW64\~.tmp
      2013-08-28 23:17 - 2013-08-28 23:17 - 00182779 _____ C:\Users\Casandra\Desktop\citapapa.xps
      2013-08-28 21:12 - 2013-08-28 21:12 - 00866592 _____ C:\Users\Casandra\Desktop\Norton_Removal_Tool.exe
      2013-08-28 12:54 - 2013-08-28 12:54 - 00030018 _____ C:\Users\Casandra\Desktop\Addition.txt
      2013-08-28 12:52 - 2013-08-28 12:52 - 00000000 ____D C:\FRST
      2013-08-28 09:07 - 2013-08-28 09:07 - 00000000 ____D C:\Windows\system32\SPReview
      2013-08-28 09:05 - 2013-08-28 09:05 - 00000000 ____D C:\Windows\system32\EventProviders
      2013-08-26 15:38 - 2013-08-29 18:05 - 00000000 ____D C:\Windows\erdnt
      2013-08-26 15:33 - 2013-08-28 12:50 - 00456240 _____ (Company) C:\Users\Casandra\Desktop\setup.exe
      2013-08-26 14:57 - 2013-08-26 14:57 - 02748256 _____ (Kaspersky Lab ZAO) C:\Users\Casandra\Downloads\tdsskiller.exe
      2013-08-26 14:53 - 2013-08-26 14:53 - 00002745 _____ C:\Users\Casandra\Desktop\AdwCleaner[S0].txt
      2013-08-26 14:40 - 2013-08-26 14:40 - 00994642 _____ C:\Users\Casandra\Downloads\adwcleaner.exe
      2013-08-26 14:23 - 2013-08-26 14:41 - 00000000 ____D C:\AdwCleaner
      2013-08-24 23:38 - 2013-08-24 23:38 - 00000000 ____D C:\Users\Casandra\AppData\Local\Windows Live
      2013-08-24 23:24 - 2013-08-28 09:36 - 00000000 ____D C:\Windows\system32\MRT
      2013-08-24 22:52 - 2013-08-28 08:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
      2013-08-24 20:55 - 2013-08-26 14:05 - 00000000 ____D C:\Users\Casandra\Desktop\mbar
      2013-08-24 20:54 - 2013-08-24 20:55 - 12907592 _____ (Malwarebytes Corp.) C:\Users\Casandra\Downloads\mbar-1.07.0.1005.exe
      2013-08-20 23:53 - 2013-08-20 23:53 - 00000000 ____D C:\Users\Casandra\Documents\8floor
      2013-08-20 23:53 - 2013-08-20 23:53 - 00000000 ____D C:\Program Files (x86)\Magnolia
      2013-08-20 23:50 - 2013-08-20 23:53 - 29866254 _____ C:\Users\Casandra\Downloads\Royal.rar
      2013-08-20 22:52 - 2013-08-20 22:52 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Big Fish Games
      2013-08-20 22:51 - 2013-08-20 22:51 - 00000000 ____D C:\Users\Casandra\Desktop\Jigsaw Puzzle 2 Mix - JPR504
      2013-08-20 22:50 - 2013-08-20 22:54 - 00001198 _____ C:\Users\Casandra\Desktop\Oberon Games.lnk
      2013-08-20 22:50 - 2013-08-20 22:50 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Oberon Media
      2013-08-20 22:50 - 2013-08-20 22:50 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oberon Media
      2013-08-20 22:50 - 2013-08-20 22:50 - 00000000 ____D C:\ProgramData\Oberon Media
      2013-08-20 22:47 - 2013-08-20 22:49 - 19172682 _____ C:\Users\Casandra\Downloads\JigsawPuzzle2-JPR504.rar
      2013-08-20 22:35 - 2013-08-20 22:35 - 00000000 ____D C:\ProgramData\09-s7-n3-58-9p-s7
      2013-08-20 22:30 - 2013-08-20 22:35 - 82253643 _____ C:\Users\Casandra\Downloads\Supergsaw.rar
      2013-08-20 22:25 - 2013-08-20 22:25 - 06809844 _____ C:\Users\Casandra\Downloads\[email protected]
      2013-08-20 19:54 - 2013-08-20 19:54 - 00347424 _____ (Microsoft Corporation) C:\Users\Casandra\Downloads\MicrosoftFixit.wu.LB.217300452023414860.1.1.Run.exe
      2013-08-20 15:50 - 2013-08-20 15:50 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Daedalic Entertainment
      2013-08-20 15:48 - 2013-08-20 15:48 - 00001473 _____ C:\Users\Public\Desktop\Ravensburger Puzzle Selection.lnk
      2013-08-20 15:47 - 2013-08-20 15:47 - 00000000 ____D C:\Program Files (x86)\UN MILLON DE JUEGOS
      2013-08-20 15:36 - 2013-08-20 15:45 - 150625764 _____ C:\Users\Casandra\Downloads\RvnBrg-PzzS.rar
      2013-08-20 00:41 - 2013-08-20 00:41 - 00004096 _____ C:\Windows\d3dx.dat
      2013-08-20 00:41 - 2013-08-20 00:41 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Ravensburger Digital
      2013-08-20 00:15 - 2013-08-20 00:38 - 414615715 _____ C:\Users\Casandra\Downloads\Ravensburger-2Selection.rar
      2013-08-19 23:49 - 2013-08-19 23:49 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\AlawarEntertainment
      2013-08-19 22:51 - 2013-08-19 23:39 - 174116962 _____ C:\Users\Casandra\Downloads\SlingshotPuzzle.rar
      2013-08-15 21:56 - 2013-08-15 22:06 - 167798851 _____ C:\Users\Casandra\Downloads\IslandCastaway2.rar
      2013-08-15 13:24 - 2013-08-26 14:08 - 00000282 __RSH C:\Users\Casandra\ntuser.pol
      2013-08-15 13:22 - 2013-08-15 13:22 - 01791938 _____ (Media Codecs Interactive) C:\Users\Casandra\Downloads\VLC Player Install(2).exe
      2013-08-13 22:39 - 2013-08-13 23:30 - 184605622 _____ C:\Users\Casandra\Downloads\AF-SpecialDeliver.rar
      2013-08-13 21:11 - 2013-08-13 21:34 - 84977424 _____ C:\Users\Casandra\Downloads\AvenueFlo.rar
      2013-08-13 20:30 - 2013-08-13 20:30 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMIGOS UNIDOS Hotel Dash - Suite Success
      2013-08-13 20:01 - 2013-08-13 20:01 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMIGOS UNIDOS Diner Town Tycoon
      2013-08-13 19:56 - 2013-08-13 20:00 - 162186904 _____ C:\Users\Casandra\Downloads\DinDashPack-12.part4.rar
      2013-08-13 19:50 - 2013-08-13 19:54 - 188743680 _____ C:\Users\Casandra\Downloads\DinDashPack-12.part3.rar
      2013-08-13 19:38 - 2013-08-13 19:47 - 188743680 _____ C:\Users\Casandra\Downloads\DinDashPack-12.part2.rar
      2013-08-13 19:38 - 2013-08-13 19:45 - 188743680 _____ C:\Users\Casandra\Downloads\DinDashPack-12.part1.rar
      2013-08-12 23:42 - 2013-08-12 23:42 - 00000000 ____D C:\ProgramData\Fugazo
      2013-08-12 23:41 - 2013-08-12 23:41 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMIGOS UNIDOS Dream Builder - Parque de Atracciones
      2013-08-12 23:38 - 2013-08-12 23:40 - 88454018 _____ C:\Users\Casandra\Downloads\DreaBuilParAt.zip
      2013-08-12 21:30 - 2013-08-12 21:30 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Manifesto Games
      2013-08-12 20:47 - 2013-08-12 21:27 - 147049620 _____ C:\Users\Casandra\Downloads\Fruits-Inc.rar
      2013-08-10 22:09 - 2013-08-10 22:24 - 283847680 _____ C:\Users\Casandra\Downloads\DC5-BookWater.rar
      2013-08-10 16:29 - 2013-08-10 16:38 - 155322639 _____ C:\Users\Casandra\Downloads\BookofAir.rar
      2013-08-08 16:13 - 2013-08-08 16:13 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Thinstall
      2013-08-07 01:29 - 2013-08-07 01:37 - 145939005 _____ C:\Users\Casandra\Downloads\DreamChronicles-Trilogy-1.rar
      2013-08-06 20:36 - 2013-08-06 20:45 - 166098691 _____ C:\Users\Casandra\Downloads\AncientRome-2.rar
      2013-08-05 23:16 - 2013-08-05 23:16 - 00000000 ____D C:\Users\Casandra\Documents\my farm life 2
      2013-08-05 23:14 - 2013-08-05 23:14 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\aliasworlds
      2013-08-05 23:05 - 2013-08-05 23:11 - 109187697 _____ C:\Users\Casandra\Downloads\MyFarmLife-2.rar
      2013-08-05 09:09 - 2013-08-05 09:09 - 00002224 _____ C:\Users\Public\Desktop\Google Earth.lnk
      2013-08-05 01:06 - 2013-08-06 13:10 - 00000000 ____D C:\Program Files (x86)\SpeedFan
      2013-08-05 01:06 - 2013-08-05 01:06 - 02143832 _____ C:\Users\Casandra\Desktop\instsf449.exe
      2013-08-05 01:06 - 2013-08-05 01:06 - 00001023 _____ C:\Users\Casandra\Desktop\SpeedFan.lnk
      2013-08-05 01:06 - 2013-08-05 01:06 - 00000045 _____ C:\Windows\SysWOW64\initdebug.nfo
      2013-08-05 01:06 - 2013-08-05 01:06 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
      2013-08-05 01:06 - 2013-08-05 01:06 - 00000000 _____ C:\Users\Casandra\Downloads\initdebug.nfo
      2013-08-05 01:05 - 2013-08-05 01:05 - 00392016 _____ (Softonic ) C:\Users\Casandra\Downloads\SoftonicDownloader_para_speedfan.exe
      2013-08-05 00:32 - 2013-08-05 00:32 - 00262144 _____ C:\Windows\Minidump\080513-49686-01.dmp
      2013-08-04 23:41 - 2013-08-04 23:48 - 119618538 _____ C:\Users\Casandra\Downloads\RoyalEnvoy(1).rar
      2013-08-04 22:28 - 2013-08-04 23:38 - 00000007 _____ C:\Users\Casandra\Downloads\RoyalEnvoy.rar
      2013-08-04 16:27 - 2013-08-04 19:21 - 635900281 _____ C:\Users\Casandra\Downloads\Gardenscapes-2.rar
      2013-08-03 13:38 - 2013-08-05 10:15 - 00000000 ____D C:\Program Files (x86)\Farm Craft
      2013-08-03 13:38 - 2013-08-03 13:38 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Farm Craft en Español
      2013-08-03 13:36 - 2013-08-03 13:37 - 24828598 _____ C:\Users\Casandra\Downloads\Farm-Craft.rar
      2013-08-03 00:48 - 2013-08-03 00:48 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\playmink
      2013-08-03 00:40 - 2013-08-03 00:46 - 115370940 _____ C:\Users\Casandra\Downloads\Hobby-Farm.rar
      2013-08-02 23:59 - 2013-08-03 00:05 - 107225725 _____ C:\Users\Casandra\Downloads\Mama-Farm.rar
      2013-08-02 23:16 - 2013-08-02 23:16 - 00000000 ____D C:\ProgramData\CrioGames
      2013-08-02 23:15 - 2013-08-20 00:39 - 00000000 ____D C:\Program Files (x86)\Los Juegos del Mago Nico
      2013-08-02 23:05 - 2013-08-02 23:12 - 112992462 _____ C:\Users\Casandra\Downloads\FarmTribe.2.rar
      2013-08-02 02:04 - 2013-08-02 12:31 - 00000000 ____D C:\Program Files\Farm Craft 2
      2013-08-02 01:57 - 2013-08-02 02:03 - 100120008 _____ C:\Users\Casandra\Downloads\sopfamcra2.rar
      2013-08-01 22:05 - 2013-08-01 23:50 - 00007214 _____ C:\Users\Casandra\Desktop\Rkill.txt
      2013-08-01 11:45 - 2013-08-01 11:45 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\NevoSoft Games
      2013-08-01 11:40 - 2013-08-01 11:40 - 00000000 ____D C:\Program Files (x86)\Juegos bettyboopz

      ==================== One Month Modified Files and Folders =======

      2013-08-31 20:51 - 2013-08-31 20:52 - 01589860 _____ (Farbar) C:\Users\Casandra\Desktop\FRST64.exe
      2013-08-31 20:51 - 2013-08-31 20:51 - 01589860 _____ (Farbar) C:\Users\Casandra\Downloads\FRST64.exe
      2013-08-31 20:42 - 2013-02-02 00:04 - 00000838 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
      2013-08-31 20:05 - 2010-02-08 15:37 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
      2013-08-31 17:49 - 2012-02-26 04:08 - 00099260 _____ C:\Windows\setupact.log
      2013-08-31 17:05 - 2010-04-27 22:05 - 00004002 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9DFB9924-1689-4711-B547-5249517AEAC1}
      2013-08-31 15:31 - 2013-08-31 14:21 - 00000000 ____D C:\Users\Casandra\Desktop\JavaRa
      2013-08-31 15:18 - 2013-06-18 22:36 - 00000000 ___RD C:\Users\Casandra\Dropbox
      2013-08-31 15:18 - 2012-06-19 15:34 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Dropbox
      2013-08-31 15:18 - 2009-11-07 04:07 - 01839630 _____ C:\Windows\WindowsUpdate.log
      2013-08-31 15:17 - 2009-11-24 08:15 - 00000000 ____D C:\Users\Casandra
      2013-08-31 15:05 - 2009-07-14 06:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2013-08-31 15:05 - 2009-07-14 06:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2013-08-31 15:03 - 2012-02-25 20:53 - 00000000 ____D C:\Windows\system32\Drivers\AVG
      2013-08-31 15:03 - 2009-11-07 13:00 - 00704074 _____ C:\Windows\system32\perfh00A.dat
      2013-08-31 15:03 - 2009-11-07 13:00 - 00138040 _____ C:\Windows\system32\perfc00A.dat
      2013-08-31 15:03 - 2009-07-14 07:13 - 01555708 _____ C:\Windows\system32\PerfStringBackup.INI
      2013-08-31 14:57 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
      2013-08-31 14:55 - 2013-08-31 14:55 - 00006849 _____ C:\Users\Casandra\Desktop\UsbFix [Clean 1] CASANDRA-PC.txt
      2013-08-31 14:54 - 2013-08-31 14:40 - 00006849 _____ C:\UsbFix [Clean 1] CASANDRA-PC.txt
      2013-08-31 14:54 - 2013-08-31 14:40 - 00000000 ____D C:\UsbFix
      2013-08-31 14:37 - 2012-03-05 21:33 - 00144726 _____ C:\Windows\PFRO.log
      2013-08-31 14:30 - 2013-08-31 14:30 - 01144645 _____ (El Desaparecido - SosVirus.net) C:\Users\Casandra\Downloads\UsbFix.exe
      2013-08-31 14:27 - 2013-08-31 14:25 - 00000000 ____D C:\32788R22FWJFW
      2013-08-31 14:25 - 2013-08-29 16:19 - 05117322 ____R (Swearware) C:\Users\Casandra\Desktop\iExplore.com.exe
      2013-08-31 14:23 - 2013-08-31 14:23 - 00000209 _____ C:\Users\Casandra\Desktop\CFScript.txt
      2013-08-31 14:20 - 2013-08-31 14:04 - 00150667 _____ C:\Users\Casandra\Downloads\JavaRa-2.2.zip
      2013-08-31 14:14 - 2013-08-31 14:14 - 00000000 ____D C:\Users\Casandra\Desktop\javara1
      2013-08-31 13:52 - 2013-08-31 15:24 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
      2013-08-31 13:52 - 2013-08-31 15:24 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
      2013-08-31 13:52 - 2013-08-31 15:24 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
      2013-08-31 13:52 - 2013-08-31 13:52 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
      2013-08-31 13:52 - 2013-08-31 13:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
      2013-08-31 13:52 - 2011-04-13 13:31 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
      2013-08-31 13:52 - 2011-04-13 13:30 - 00000000 ____D C:\Program Files (x86)\Java
      2013-08-29 22:24 - 2009-11-24 08:15 - 00093544 _____ C:\Users\Casandra\AppData\Local\GDIPFONTCACHEV1.DAT
      2013-08-29 18:07 - 2013-08-29 18:07 - 00025492 ____N C:\ComboFix.txt
      2013-08-29 18:07 - 2013-08-29 17:46 - 00000000 ____D C:\Qoobox
      2013-08-29 18:07 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
      2013-08-29 18:05 - 2013-08-26 15:38 - 00000000 ____D C:\Windows\erdnt
      2013-08-29 18:03 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
      2013-08-28 23:17 - 2013-08-28 23:17 - 00200819 _____ C:\Windows\SysWOW64\~.tmp
      2013-08-28 23:17 - 2013-08-28 23:17 - 00182779 _____ C:\Users\Casandra\Desktop\citapapa.xps
      2013-08-28 21:15 - 2009-11-24 08:18 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
      2013-08-28 21:15 - 2009-08-16 07:55 - 00000000 ____D C:\ProgramData\Symantec
      2013-08-28 21:12 - 2013-08-28 21:12 - 00866592 _____ C:\Users\Casandra\Desktop\Norton_Removal_Tool.exe
      2013-08-28 14:40 - 2009-07-14 06:45 - 00408128 _____ C:\Windows\system32\FNTCACHE.DAT
      2013-08-28 14:17 - 2009-07-14 05:20 - 00000000 __RSD C:\Windows\Media
      2013-08-28 12:54 - 2013-08-28 12:54 - 00030018 _____ C:\Users\Casandra\Desktop\Addition.txt
      2013-08-28 12:52 - 2013-08-28 12:52 - 00000000 ____D C:\FRST
      2013-08-28 12:50 - 2013-08-26 15:33 - 00456240 _____ (Company) C:\Users\Casandra\Desktop\setup.exe
      2013-08-28 09:36 - 2013-08-24 23:24 - 00000000 ____D C:\Windows\system32\MRT
      2013-08-28 09:22 - 2009-08-22 08:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
      2013-08-28 09:07 - 2013-08-28 09:07 - 00000000 ____D C:\Windows\system32\SPReview
      2013-08-28 09:05 - 2013-08-28 09:05 - 00000000 ____D C:\Windows\system32\EventProviders
      2013-08-28 08:57 - 2013-08-24 22:52 - 00000000 ____D C:\Program Files\Microsoft Silverlight
      2013-08-28 08:57 - 2009-08-16 07:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
      2013-08-28 08:55 - 2009-08-22 07:59 - 00000000 ____D C:\ProgramData\Microsoft Help
      2013-08-28 08:55 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
      2013-08-26 22:39 - 2009-11-07 04:25 - 00000000 ____D C:\Program Files (x86)\Windows Live SkyDrive
      2013-08-26 22:39 - 2009-11-07 04:25 - 00000000 ____D C:\Program Files (x86)\Windows Live
      2013-08-26 22:39 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
      2013-08-26 22:39 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
      2013-08-26 22:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
      2013-08-26 22:32 - 2009-08-22 07:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
      2013-08-26 14:57 - 2013-08-26 14:57 - 02748256 _____ (Kaspersky Lab ZAO) C:\Users\Casandra\Downloads\tdsskiller.exe
      2013-08-26 14:53 - 2013-08-26 14:53 - 00002745 _____ C:\Users\Casandra\Desktop\AdwCleaner[S0].txt
      2013-08-26 14:41 - 2013-08-26 14:23 - 00000000 ____D C:\AdwCleaner
      2013-08-26 14:40 - 2013-08-26 14:40 - 00994642 _____ C:\Users\Casandra\Downloads\adwcleaner.exe
      2013-08-26 14:30 - 2013-03-09 02:01 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Uniblue
      2013-08-26 14:28 - 2013-03-09 02:01 - 00000000 ____D C:\Program Files (x86)\Uniblue
      2013-08-26 14:08 - 2013-08-15 13:24 - 00000282 __RSH C:\Users\Casandra\ntuser.pol
      2013-08-26 14:05 - 2013-08-24 20:55 - 00000000 ____D C:\Users\Casandra\Desktop\mbar
      2013-08-26 06:06 - 2009-07-27 22:26 - 00000000 ___DC C:\elements
      2013-08-25 01:59 - 2009-11-24 08:15 - 00000000 ____D C:\Recovery
      2013-08-24 23:38 - 2013-08-24 23:38 - 00000000 ____D C:\Users\Casandra\AppData\Local\Windows Live
      2013-08-24 20:55 - 2013-08-24 20:54 - 12907592 _____ (Malwarebytes Corp.) C:\Users\Casandra\Downloads\mbar-1.07.0.1005.exe
      2013-08-21 10:42 - 2013-02-02 00:04 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
      2013-08-21 10:42 - 2013-02-02 00:04 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
      2013-08-21 10:42 - 2013-02-02 00:04 - 00003776 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
      2013-08-20 23:53 - 2013-08-20 23:53 - 00000000 ____D C:\Users\Casandra\Documents\8floor
      2013-08-20 23:53 - 2013-08-20 23:53 - 00000000 ____D C:\Program Files (x86)\Magnolia
      2013-08-20 23:53 - 2013-08-20 23:50 - 29866254 _____ C:\Users\Casandra\Downloads\Royal.rar
      2013-08-20 22:54 - 2013-08-20 22:50 - 00001198 _____ C:\Users\Casandra\Desktop\Oberon Games.lnk
      2013-08-20 22:52 - 2013-08-20 22:52 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Big Fish Games
      2013-08-20 22:51 - 2013-08-20 22:51 - 00000000 ____D C:\Users\Casandra\Desktop\Jigsaw Puzzle 2 Mix - JPR504
      2013-08-20 22:50 - 2013-08-20 22:50 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Oberon Media
      2013-08-20 22:50 - 2013-08-20 22:50 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oberon Media
      2013-08-20 22:50 - 2013-08-20 22:50 - 00000000 ____D C:\ProgramData\Oberon Media
      2013-08-20 22:50 - 2010-11-23 23:55 - 00000000 ____D C:\Program Files (x86)\Oberon Media
      2013-08-20 22:49 - 2013-08-20 22:47 - 19172682 _____ C:\Users\Casandra\Downloads\JigsawPuzzle2-JPR504.rar
      2013-08-20 22:35 - 2013-08-20 22:35 - 00000000 ____D C:\ProgramData\09-s7-n3-58-9p-s7
      2013-08-20 22:35 - 2013-08-20 22:30 - 82253643 _____ C:\Users\Casandra\Downloads\Supergsaw.rar
      2013-08-20 22:25 - 2013-08-20 22:25 - 06809844 _____ C:\Users\Casandra\Downloads\[email protected]
      2013-08-20 19:54 - 2013-08-20 19:54 - 00347424 _____ (Microsoft Corporation) C:\Users\Casandra\Downloads\MicrosoftFixit.wu.LB.217300452023414860.1.1.Run.exe
      2013-08-20 15:50 - 2013-08-20 15:50 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Daedalic Entertainment
      2013-08-20 15:48 - 2013-08-20 15:48 - 00001473 _____ C:\Users\Public\Desktop\Ravensburger Puzzle Selection.lnk
      2013-08-20 15:47 - 2013-08-20 15:47 - 00000000 ____D C:\Program Files (x86)\UN MILLON DE JUEGOS
      2013-08-20 15:45 - 2013-08-20 15:36 - 150625764 _____ C:\Users\Casandra\Downloads\RvnBrg-PzzS.rar
      2013-08-20 00:41 - 2013-08-20 00:41 - 00004096 _____ C:\Windows\d3dx.dat
      2013-08-20 00:41 - 2013-08-20 00:41 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Ravensburger Digital
      2013-08-20 00:39 - 2013-08-02 23:15 - 00000000 ____D C:\Program Files (x86)\Los Juegos del Mago Nico
      2013-08-20 00:38 - 2013-08-20 00:15 - 414615715 _____ C:\Users\Casandra\Downloads\Ravensburger-2Selection.rar
      2013-08-19 23:49 - 2013-08-19 23:49 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\AlawarEntertainment
      2013-08-19 23:39 - 2013-08-19 22:51 - 174116962 _____ C:\Users\Casandra\Downloads\SlingshotPuzzle.rar
      2013-08-19 00:31 - 2013-02-02 00:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
      2013-08-18 20:12 - 2012-03-10 21:05 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Spotify
      2013-08-18 19:38 - 2012-03-10 21:05 - 00000000 ____D C:\Users\Casandra\AppData\Local\Spotify
      2013-08-17 23:24 - 2013-02-20 15:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
      2013-08-15 22:06 - 2013-08-15 21:56 - 167798851 _____ C:\Users\Casandra\Downloads\IslandCastaway2.rar
      2013-08-15 13:25 - 2013-06-24 16:46 - 00001082 _____ C:\Users\Public\Desktop\VLC media player.lnk
      2013-08-15 13:24 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
      2013-08-15 13:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
      2013-08-15 13:22 - 2013-08-15 13:22 - 01791938 _____ (Media Codecs Interactive) C:\Users\Casandra\Downloads\VLC Player Install(2).exe
      2013-08-13 23:30 - 2013-08-13 22:39 - 184605622 _____ C:\Users\Casandra\Downloads\AF-SpecialDeliver.rar
      2013-08-13 21:34 - 2013-08-13 21:11 - 84977424 _____ C:\Users\Casandra\Downloads\AvenueFlo.rar
      2013-08-13 21:08 - 2010-11-27 21:51 - 00000000 ____D C:\Program Files (x86)\AMIGOS UNIDOS
      2013-08-13 20:30 - 2013-08-13 20:30 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMIGOS UNIDOS Hotel Dash - Suite Success
      2013-08-13 20:30 - 2009-12-19 23:38 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\PlayFirst
      2013-08-13 20:30 - 2009-12-19 23:38 - 00000000 ____D C:\ProgramData\PlayFirst
      2013-08-13 20:01 - 2013-08-13 20:01 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMIGOS UNIDOS Diner Town Tycoon
      2013-08-13 20:00 - 2013-08-13 19:56 - 162186904 _____ C:\Users\Casandra\Downloads\DinDashPack-12.part4.rar
      2013-08-13 19:54 - 2013-08-13 19:50 - 188743680 _____ C:\Users\Casandra\Downloads\DinDashPack-12.part3.rar
      2013-08-13 19:47 - 2013-08-13 19:38 - 188743680 _____ C:\Users\Casandra\Downloads\DinDashPack-12.part2.rar
      2013-08-13 19:45 - 2013-08-13 19:38 - 188743680 _____ C:\Users\Casandra\Downloads\DinDashPack-12.part1.rar
      2013-08-13 08:50 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
      2013-08-12 23:42 - 2013-08-12 23:42 - 00000000 ____D C:\ProgramData\Fugazo
      2013-08-12 23:41 - 2013-08-12 23:41 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMIGOS UNIDOS Dream Builder - Parque de Atracciones
      2013-08-12 23:40 - 2013-08-12 23:38 - 88454018 _____ C:\Users\Casandra\Downloads\DreaBuilParAt.zip
      2013-08-12 21:30 - 2013-08-12 21:30 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Manifesto Games
      2013-08-12 21:27 - 2013-08-12 20:47 - 147049620 _____ C:\Users\Casandra\Downloads\Fruits-Inc.rar
      2013-08-11 01:19 - 2013-06-18 22:36 - 00001000 _____ C:\Users\Casandra\Desktop\Dropbox.lnk
      2013-08-11 01:19 - 2013-06-18 22:34 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
      2013-08-11 01:19 - 2013-02-26 14:37 - 00000672 _____ C:\Windows\wininit.ini
      2013-08-11 01:19 - 2009-11-24 08:16 - 00000000 ___RD C:\Users\Casandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
      2013-08-10 22:24 - 2013-08-10 22:09 - 283847680 _____ C:\Users\Casandra\Downloads\DC5-BookWater.rar
      2013-08-10 16:38 - 2013-08-10 16:29 - 155322639 _____ C:\Users\Casandra\Downloads\BookofAir.rar
      2013-08-08 16:13 - 2013-08-08 16:13 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Thinstall
      2013-08-07 13:24 - 2011-11-22 19:32 - 00000000 ____D C:\Users\Casandra\Pendientes de Leer
      2013-08-07 01:37 - 2013-08-07 01:29 - 145939005 _____ C:\Users\Casandra\Downloads\DreamChronicles-Trilogy-1.rar
      2013-08-06 20:45 - 2013-08-06 20:36 - 166098691 _____ C:\Users\Casandra\Downloads\AncientRome-2.rar
      2013-08-06 13:10 - 2013-08-05 01:06 - 00000000 ____D C:\Program Files (x86)\SpeedFan
      2013-08-05 23:16 - 2013-08-05 23:16 - 00000000 ____D C:\Users\Casandra\Documents\my farm life 2
      2013-08-05 23:14 - 2013-08-05 23:14 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\aliasworlds
      2013-08-05 23:11 - 2013-08-05 23:05 - 109187697 _____ C:\Users\Casandra\Downloads\MyFarmLife-2.rar
      2013-08-05 16:14 - 2009-11-27 22:00 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
      2013-08-05 10:15 - 2013-08-03 13:38 - 00000000 ____D C:\Program Files (x86)\Farm Craft
      2013-08-05 10:15 - 2013-07-14 22:52 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
      2013-08-05 10:15 - 2012-11-14 17:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
      2013-08-05 10:15 - 2012-06-17 13:15 - 00000000 __SHD C:\Windows\system32\%APPDATA%
      2013-08-05 10:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
      2013-08-05 10:14 - 2013-07-14 22:53 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\TuneUp Software
      2013-08-05 10:14 - 2013-07-14 22:51 - 00000000 ____D C:\ProgramData\TuneUp Software
      2013-08-05 10:14 - 2013-06-17 11:36 - 00000000 ____D C:\Users\Public\Documents\RonyaSoft
      2013-08-05 10:14 - 2013-06-17 11:19 - 00000000 ____D C:\Program Files (x86)\RonyaSoft
      2013-08-05 10:14 - 2013-05-22 18:57 - 00000000 ____D C:\Users\Casandra\Documents\Escritorio pegado
      2013-08-05 10:14 - 2013-05-04 02:31 - 00000000 ____D C:\Program Files (x86)\VideoLAN
      2013-08-05 10:14 - 2013-02-27 00:06 - 00000000 ____D C:\Program Files (x86)\TagScanner
      2013-08-05 10:14 - 2013-02-26 14:42 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\atunes
      2013-08-05 10:14 - 2013-02-26 13:46 - 00000000 ____D C:\Users\Casandra\Documents\USB COPIA
      2013-08-05 10:14 - 2013-02-21 00:11 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\PROject MT
      2013-08-05 10:14 - 2013-02-21 00:04 - 00000000 ____D C:\ProgramData\PRMT
      2013-08-05 10:14 - 2013-02-21 00:04 - 00000000 ____D C:\Program Files (x86)\PRMT8
      2013-08-05 10:14 - 2013-02-19 19:38 - 00000000 ____D C:\Users\Casandra\Documents\Fax
      2013-08-05 10:14 - 2012-10-22 20:51 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Book Designer 4.0
      2013-08-05 10:14 - 2012-10-22 20:08 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Notepad++
      2013-08-05 10:14 - 2012-10-22 20:08 - 00000000 ____D C:\Program Files (x86)\Notepad++
      2013-08-05 10:14 - 2012-09-15 21:53 - 00000000 ____D C:\Program Files (x86)\SopCast
      2013-08-05 10:13 - 2013-02-26 14:31 - 00000000 ____D C:\Program Files (x86)\aTunes
      2013-08-05 10:13 - 2012-10-22 20:51 - 00000000 ____D C:\Program Files (x86)\Book Designer 4.0
      2013-08-05 09:09 - 2013-08-05 09:09 - 00002224 _____ C:\Users\Public\Desktop\Google Earth.lnk
      2013-08-05 09:08 - 2009-08-22 08:20 - 00000000 ____D C:\Program Files (x86)\Google
      2013-08-05 01:06 - 2013-08-05 01:06 - 02143832 _____ C:\Users\Casandra\Desktop\instsf449.exe
      2013-08-05 01:06 - 2013-08-05 01:06 - 00001023 _____ C:\Users\Casandra\Desktop\SpeedFan.lnk
      2013-08-05 01:06 - 2013-08-05 01:06 - 00000045 _____ C:\Windows\SysWOW64\initdebug.nfo
      2013-08-05 01:06 - 2013-08-05 01:06 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
      2013-08-05 01:06 - 2013-08-05 01:06 - 00000000 _____ C:\Users\Casandra\Downloads\initdebug.nfo
      2013-08-05 01:05 - 2013-08-05 01:05 - 00392016 _____ (Softonic ) C:\Users\Casandra\Downloads\SoftonicDownloader_para_speedfan.exe
      2013-08-05 00:32 - 2013-08-05 00:32 - 00262144 _____ C:\Windows\Minidump\080513-49686-01.dmp
      2013-08-05 00:32 - 2012-12-12 20:00 - 310511336 _____ C:\Windows\MEMORY.DMP
      2013-08-05 00:32 - 2011-05-16 02:07 - 00000000 ____D C:\Windows\Minidump
      2013-08-04 23:48 - 2013-08-04 23:41 - 119618538 _____ C:\Users\Casandra\Downloads\RoyalEnvoy(1).rar
      2013-08-04 23:38 - 2013-08-04 22:28 - 00000007 _____ C:\Users\Casandra\Downloads\RoyalEnvoy.rar
      2013-08-04 19:58 - 2012-02-07 21:11 - 00000000 ____D C:\ProgramData\Playrix Entertainment
      2013-08-04 19:21 - 2013-08-04 16:27 - 635900281 _____ C:\Users\Casandra\Downloads\Gardenscapes-2.rar
      2013-08-03 13:38 - 2013-08-03 13:38 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Farm Craft en Español
      2013-08-03 13:37 - 2013-08-03 13:36 - 24828598 _____ C:\Users\Casandra\Downloads\Farm-Craft.rar
      2013-08-03 00:48 - 2013-08-03 00:48 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\playmink
      2013-08-03 00:46 - 2013-08-03 00:40 - 115370940 _____ C:\Users\Casandra\Downloads\Hobby-Farm.rar
      2013-08-03 00:05 - 2013-08-02 23:59 - 107225725 _____ C:\Users\Casandra\Downloads\Mama-Farm.rar
      2013-08-02 23:16 - 2013-08-02 23:16 - 00000000 ____D C:\ProgramData\CrioGames
      2013-08-02 23:12 - 2013-08-02 23:05 - 112992462 _____ C:\Users\Casandra\Downloads\FarmTribe.2.rar
      2013-08-02 12:31 - 2013-08-02 02:04 - 00000000 ____D C:\Program Files\Farm Craft 2
      2013-08-02 02:03 - 2013-08-02 01:57 - 100120008 _____ C:\Users\Casandra\Downloads\sopfamcra2.rar
      2013-08-01 23:50 - 2013-08-01 22:05 - 00007214 _____ C:\Users\Casandra\Desktop\Rkill.txt
      2013-08-01 11:45 - 2013-08-01 11:45 - 00000000 ____D C:\Users\Casandra\AppData\Roaming\NevoSoft Games
      2013-08-01 11:40 - 2013-08-01 11:40 - 00000000 ____D C:\Program Files (x86)\Juegos bettyboopz

      Files to move or delete:
      ====================
      C:\Users\Casandra\AppData\Local\Temp\java-installer.exe
      C:\Users\Casandra\AppData\Local\Temp\Rar$EX02.875\JavaRa\JavaRa.exe

      ==================== Bamital & volsnap Check =================

      C:\Windows\System32\winlogon.exe => MD5 is legit
      C:\Windows\System32\wininit.exe => MD5 is legit
      C:\Windows\SysWOW64\wininit.exe => MD5 is legit
      C:\Windows\explorer.exe => MD5 is legit
      C:\Windows\SysWOW64\explorer.exe => MD5 is legit
      C:\Windows\System32\svchost.exe => MD5 is legit
      C:\Windows\SysWOW64\svchost.exe => MD5 is legit
      C:\Windows\System32\services.exe => MD5 is legit
      C:\Windows\System32\User32.dll => MD5 is legit
      C:\Windows\SysWOW64\User32.dll => MD5 is legit
      C:\Windows\System32\userinit.exe => MD5 is legit
      C:\Windows\SysWOW64\userinit.exe => MD5 is legit
      C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


      LastRegBack: 2013-08-22 10:37

      ==================== End Of Log ============================

    3. #33
      Moderador
      Avatar de ErdrickBass
      Registrado
      jul 2009
      Ubicación
      Cd Juarez, Mex.
      Mensajes
      9.328

      Re: Problema actulizar window update (Posible virus¿?)

      Hola

      Todos los procesos que mencionas son legitimos, y si no lo fueran se veria reflejado algo en alguno de todos los reportes:
      1. nvvsvc.exe
      2. ¿Qué es csrss.exe? - Proceso/archivo: csrss.exe
      3. ¿Qué es winlogon.exe? - Proceso/archivo: winlogon.exe




      Paso 1.-: En el equipo con los demas programas cerrados:

      Inicio >>> Ejecutar >>>Escribes notepad.exe.

      Ahora copia y pega estos archivos dentro del Notepad: (Se excluye la palabra código)

      Código:
      HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.fr - Actualités, magazines people & féminin, Outlook et Hotmail
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = MSN.fr - Actualités, magazines people & féminin, Outlook et Hotmail
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search bar = Internet Explorer 6 Search Companion is no longer supported.
      SearchScopes: HKCU - ۟ÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!ח(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = 
      FF DefaultSearchEngine: Hola Search
      FF SearchEngineOrder.1: Hola Search
      FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
      FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
      FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
      FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
      FF Extension: HolaSearch - C:\Users\Casandra\AppData\Roaming\Mozilla\Firefox\Profiles\u20w4c24.default\Extensions\[email protected]
      FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
      Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
      CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx
       C:\Program Files (x86)\TornTV.com
      2013-08-28 23:17 - 2013-08-28 23:17 - 00200819 _____ C:\Windows\SysWOW64\~.tmp
      2013-08-20 22:35 - 2013-08-20 22:35 - 00000000 ____D C:\ProgramData\09-s7-n3-58-9p-s7
      C:\Users\Casandra\AppData\Local\Temp\java-installer.exe
      C:\Users\Casandra\AppData\Local\Temp\Rar$EX02.875\JavaRa\JavaRa.exe
      C:\Users\Casandra\AppData\Local\Temp\Rar$EX02.875
      Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

      Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

      Paso 2.-: Ejecutas Frst.exe.

      Presionas el botón Fix y aguardas a que termine.

      La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

      Paso 3.-: Elimina la version que tienes de AdwCleaner y Descargalo nuevamente:
      Ejecuta AdwCleaner de la siguiente forman y colocalo en el escritorio:
      • Ejecutalo con todos los programas cerrados y Desactiva temporalmente el Antivirus y/o Antispyware. Si usas windows vista o seven ejecutalo como administrador.
      • Presionas Scan y si gustas revisa que eliminara el programa, despues das a Clean y el programa hara lo suyo, posiblemente te pida reiniciar.
      • Al terminar se abrira un reporte en un archivo de texto, cuyo contenido deberas copiar y pegar en tu proxima respuesta.


      Los pegas en tu próxima respuesta. Comentando cualquier cosa que notes(en mejoria o de problemas)

      Saludos
      El cielo azul es infinitamente alto y cristalino

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    4. #34
      Usuario Avatar de arrasando86
      Registrado
      jul 2013
      Ubicación
      ESPAÑA
      Mensajes
      23

      Re: Problema actulizar window update (Posible virus¿?)

      Hola...siento mucho la tardanza. Todo bien realizado, te adjunto los dos logs:

      Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-08-2013 04
      Ran by Casandra at 2013-09-02 12:03:04 Run:2
      Running from C:\Users\Casandra\Desktop
      Boot Mode: Normal
      ==============================================

      Content of fixlist:
      *****************
      HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.fr - Actualités, magazines people & féminin, Outlook et Hotmail
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = MSN.fr - Actualités, magazines people & féminin, Outlook et Hotmail
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search bar = Internet Explorer 6 Search Companion is no longer supported.
      SearchScopes: HKCU - ۟ÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!ח(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL =
      FF DefaultSearchEngine: Hola Search
      FF SearchEngineOrder.1: Hola Search
      FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
      FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
      FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
      FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
      FF Extension: HolaSearch - C:\Users\Casandra\AppData\Roaming\Mozilla\Firefox\Profiles\u20w4c24.default\Extensions\[email protected]
      FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
      Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
      CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx
      C:\Program Files (x86)\TornTV.com
      2013-08-28 23:17 - 2013-08-28 23:17 - 00200819 _____ C:\Windows\SysWOW64\~.tmp
      2013-08-20 22:35 - 2013-08-20 22:35 - 00000000 ____D C:\ProgramData\09-s7-n3-58-9p-s7
      C:\Users\Casandra\AppData\Local\Temp\java-installer.exe
      C:\Users\Casandra\AppData\Local\Temp\Rar$EX02.875\JavaRa\JavaRa.exe
      C:\Users\Casandra\AppData\Local\Temp\Rar$EX02.875
      *****************

      HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value deleted successfully.
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value deleted successfully.
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search bar => Value deleted successfully.
      HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\۟ÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!ח(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* => Key not found.
      HKCR\CLSID\۟ÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!ח(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* => Key not found.
      Firefox DefaultSearchEngine deleted successfully.
      Firefox SearchEngineOrder.1 deleted successfully.
      HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer => Key deleted successfully.
      C:\Windows\system32\Adobe\Director\np32dsw.dll not found.
      HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin => Key deleted successfully.
      C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll not found.
      HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2 => Key deleted successfully.
      C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll not found.
      HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled No File => Key not found.
      FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
      C:\Users\Casandra\AppData\Roaming\Mozilla\Firefox\Profiles\u20w4c24.default\Extensions\[email protected] not found.
      C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} => Moved successfully.
      HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje => Key deleted successfully.
      "C:\Program Files (x86)\TornTV.com\torn2_10.crx" => File/Directory not found.
      C:\Windows\SysWOW64\~.tmp => Moved successfully.
      C:\ProgramData\09-s7-n3-58-9p-s7 => Moved successfully.
      C:\Users\Casandra\AppData\Local\Temp\java-installer.exe => Moved successfully.
      C:\Users\Casandra\AppData\Local\Temp\Rar$EX02.875\JavaRa\JavaRa.exe => Moved successfully.
      C:\Users\Casandra\AppData\Local\Temp\Rar$EX02.875 => Moved successfully.

      ==== End of Fixlog ====
      -----------------------------------------------------------------------------------------------------------------------------------------------------------

    5. #35
      Usuario Avatar de arrasando86
      Registrado
      jul 2013
      Ubicación
      ESPAÑA
      Mensajes
      23

      Re: Problema actulizar window update (Posible virus¿?)

      Y aqui tienes el otro:

      # AdwCleaner v3.002 - Reporte Creado 02/09/2013 en 12:39:05
      # Actualizado 01/09/2013 por Xplode
      # Sistema Operativo : Windows 7 Home Premium (64 bits)
      # Nombre de usuario : Casandra - CASANDRA-PC
      # Ejecutado desde : C:\Users\Casandra\Desktop\adwcleaner.exe
      # Opción : Limpiar

      ***** [ Servicios ] *****


      ***** [ Archivos / Carpetas ] *****


      ***** [ Accesos directos ] *****


      ***** [ Registro ] *****

      Clave Borrar : HKCU\Software\holasearch LTD

      ***** [ Navegadores ] *****

      -\\ Internet Explorer v9.0.8112.16446


      -\\ Mozilla Firefox v23.0.1 (es-ES)

      [ Archivo : C:\Users\Casandra\AppData\Roaming\Mozilla\Firefox\Profiles\u20w4c24.default\prefs.js ]

      Linea borrada : user_pref("extensions.holasearch.bbDpng", "2");
      Linea borrada : user_pref("extensions.holasearch.cntry", "ES");
      Linea borrada : user_pref("extensions.holasearch.hdrMd5", "");
      Linea borrada : user_pref("extensions.holasearch.lastVrsnTs", "");
      Linea borrada : user_pref("extensions.holasearch.sg", "er");
      Linea borrada : user_pref("extensions.holasearch.smplGrp", "er");

      *************************

      AdwCleaner[R0].txt - [58862 octets] - [26/08/2013 14:24:16]
      AdwCleaner[R1].txt - [2488 octets] - [02/09/2013 12:08:06]
      AdwCleaner[R2].txt - [1566 octets] - [02/09/2013 12:38:27]
      AdwCleaner[S0].txt - [2745 octets] - [26/08/2013 14:41:27]
      AdwCleaner[S1].txt - [2321 octets] - [02/09/2013 1239]
      AdwCleaner[S2].txt - [1408 octets] - [02/09/2013 12:39:05]

      ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1468 octets] ##########

      Con respecto a los problemas...
      Del ordenador lento y demas no detecto nada...
      Cuando me digas actualizo
      Lo unico que veo es dentro de C: Carpetas de nombres raros ej: 32788R22FWJFW. Creo que los nombres de este estilo son basura, virus, o de programas basuras... pero ya me dices.
      Saludos, y gracias.
      Pd: Cuando me digas intento actualizar.

    6. #36
      Moderador
      Avatar de ErdrickBass
      Registrado
      jul 2009
      Ubicación
      Cd Juarez, Mex.
      Mensajes
      9.328

      Re: Problema actulizar window update (Posible virus¿?)

      Hola

      Bueno revisa los navegadores, el que no te funcione descargalo y reinstalalo(no es necesario desinstalar la version antigua).

      Convendria que reinstales Chrome puesto que parece quedo dañado

      La carpeta que mencionas no es de virus, suelen ser de actualizaciones.

      Realiza un punto de restauración y prueba actualizar. Si te pasa algun problema ya sabes que hacer.

      Nos comentas.

      Saludos
      El cielo azul es infinitamente alto y cristalino

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #37
      Usuario Avatar de arrasando86
      Registrado
      jul 2013
      Ubicación
      ESPAÑA
      Mensajes
      23

      Re: Problema actulizar window update (Posible virus¿?)

      Hola...

      Como ves por los iconos...no me ha ido bien. (si hubiese un icono de llorar lo pondría).

      Te comento... punto de resatauración realizado... y actualizaciones realizadas.

      Tenía 57 pendientes... creo que se instalaron 47 y despues me pide reiniciar y pone en la misma ventana de window update tres actualizaciones que no se han podido actualizar:

      Codigo 80070490
      Codigo 8007064A
      Codigo 80040005

      Al reiniciar lo normal es que primero me pongo muy contenta al ver que mis iconos se ven.. y lo normal intento abrir window update para actualizar las diez restantes.. y ¿que pasa? mensajito en la misma ventana que no se puede cargar la pagina

      Como he podido utilizar el ordenador NO he restaurado sistema...... Por ahora utilizo todo menos el programa de window update que no se puede abrir... ¿Sera alguna actualización que no es recomendable?....

      Siento mucho las molestias.
      Gracias y saludos.

    8. #38
      Usuario Avatar de arrasando86
      Registrado
      jul 2013
      Ubicación
      ESPAÑA
      Mensajes
      23

      Re: Problema actulizar window update (Posible virus¿?)

      Hola...siento mucho ser pesada... pero tengo novedades desde mi último mensaje.. y antes de que lo leas el anterior, te contesto de nuevo...

      Aparentemente creía en el mensaje anterior que no tenía mas problemas con la última actualización excepto la ya comentada en el anterior mensaje (no se abría update)... pero mas tarde me di cuenta que no tenia sonido en el ordenador ...así que decidi por mi misma restaurar sistema al punto anterior tal como me indicaste si había algun problema que lo hiciese... y vuala¡¡ vuelta al sonido...

      No se como ayudarte para que te sea mas facil ayudarme... Al restaurar sistema ya podía abrir windowupdate y se me ha ocurrido decirte cuales son las actualizaciones pendientes y los errores..... ¿Lo hago? Son unas cuentas y creo que lo tengo que hacer de una en una... así que ya me dices...
      También te digo que ahora no me aparecen57 actualizaciones solo 14 importantes y 2 disponibles (¿no es de locos que una vez restaurado el sistema me aparezcan menos?).... Mi deducción... es que la que me da error es el service pack 1.

      Sorry de nuevo... Esto se esta haciendo largo (y lo siento por ti)

      Saludos, y gracias.

    Página 4 de 4 PrimeroPrimero 1234