
Double accent virus

  post #41  
08/02/12, 17:57:42
User
 
Joined: Dec 2011
Location: Uruguay
Posts: 42
Re: Double accent virus

Sorry for the clumsiness. Let's see if I did it right this time:


ComboFix 12-02-02.02 - gonzalo 08/02/2012 20:27:52.6.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.598.1033.18.4094.2684 [GMT -2:00]
Running from: c:\users\gonzalo\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
- REDUCED FUNCTIONALITY MODE -
.
.
((((((((((((((((((((((((( Files Created from 2012-01-08 to 2012-02-08 )))))))))))))))))))))))))))))))
.
.
2012-02-08 22:31 . 2012-02-08 22:32 -------- d-----w- c:\users\gonzalo\AppData\Local\temp
2012-02-08 22:31 . 2012-02-08 22:31 -------- d-----w- c:\users\postgres\AppData\Local\temp
2012-02-08 22:31 . 2012-02-08 22:31 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-02-08 22:31 . 2012-02-08 22:31 -------- d-----w- c:\users\gonsalo\AppData\Local\temp
2012-02-08 22:31 . 2012-02-08 22:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-03 13:01 . 2012-02-03 13:01 -------- d-----w- c:\users\gonzalo\AppData\Roaming\Apple Computer
2012-02-03 13:01 . 2012-02-03 13:01 -------- d-----w- c:\users\gonzalo\AppData\Roaming\Leadertech
2012-02-03 13:01 . 2012-02-03 13:01 -------- d-----w- c:\users\gonzalo\AppData\Roaming\Acer
2012-02-03 12:38 . 2012-02-03 12:47 -------- d-----w- C:\Quarentena
2012-02-01 22:09 . 2012-02-01 22:09 -------- d-----w- C:\_OTM
2012-01-30 22:01 . 2012-01-30 22:01 49664 ----a-w- c:\program files (x86)\Internet Explorer\JSProfilerCore.dll
2012-01-30 16:02 . 2012-01-30 16:02 -------- d-----w- c:\users\gonzalo\AppData\Local\Windows Live Writer
2012-01-20 15:38 . 2011-11-25 16:25 451072 ----a-w- c:\windows\system32\winsrv.dll
2012-01-20 15:38 . 2011-11-18 18:07 76800 ----a-w- c:\windows\system32\packager.dll
2012-01-20 15:38 . 2011-11-18 17:47 66560 ----a-w- c:\windows\SysWow64\packager.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-10 17:24 . 2011-12-18 22:03 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-30 04:21 . 2011-12-18 21:47 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A7B1D65D-5525-4B2B-9669-A98753CCBDE1}\mpengine.dll
2011-11-23 13:57 . 2011-12-18 21:44 2764800 ----a-w- c:\windows\system32\win32k.sys
2011-11-15 16:29 . 2009-10-02 17:44 270720 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-02-01_23.30.09 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-01-21 03:20 . 2012-02-01 20:28 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-01-21 03:20 . 2012-02-08 16:08 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-02-03 12:17 . 2012-02-08 16:08 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-01-21 03:20 . 2012-02-08 16:08 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-01-21 03:20 . 2012-02-01 20:28 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-01-21 02:23 . 2012-02-08 22:14 86466 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 15:45 . 2012-02-08 22:14 84822 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-04-13 22:32 . 2012-02-08 22:14 21076 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2157221983-466218985-362457082-1000_UserData.bin
+ 2012-02-08 22:32 . 2012-02-08 22:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-02-01 23:29 . 2012-02-01 23:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-02-01 23:29 . 2012-02-01 23:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-02-08 22:32 . 2012-02-08 22:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-04-15 02:03 . 2012-02-08 19:50 285526 c:\windows\system32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2006-11-02 12:46 . 2012-02-01 23:04 595798 c:\windows\system32\perfh009.dat
+ 2006-11-02 12:46 . 2012-02-08 22:19 595798 c:\windows\system32\perfh009.dat
+ 2006-11-02 12:46 . 2012-02-08 22:19 103872 c:\windows\system32\perfc009.dat
- 2006-11-02 12:46 . 2012-02-01 23:04 103872 c:\windows\system32\perfc009.dat
+ 2010-05-01 21:06 . 2012-02-08 22:31 333556 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2010-05-01 21:06 . 2012-02-01 23:28 333556 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2012-01-31 11:22 . 2012-02-01 23:28 334324 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2157221983-466218985-362457082-1000-12288.dat
+ 2012-01-31 11:22 . 2012-02-08 22:31 334324 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2157221983-466218985-362457082-1000-12288.dat
+ 2011-01-14 09:10 . 2011-01-14 09:10 155520 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKWORD6.DLL
+ 2011-01-14 09:10 . 2011-01-14 09:10 140160 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKEXCEL2.DLL
+ 2010-05-02 00:45 . 2012-02-08 22:31 8129088 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2157221983-466218985-362457082-1000-8192.dat
+ 2011-07-21 14:34 . 2011-07-21 14:34 3456000 c:\windows\Installer\12fe262.msp
+ 2011-01-14 09:10 . 2011-01-14 09:10 2395008 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKWORD.DLL
+ 2011-01-14 09:10 . 2011-01-14 09:10 2180992 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKPOWERPOINT.DLL
+ 2011-01-14 09:10 . 2011-01-14 09:10 3443072 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKEXCEL.DLL
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48}"= "c:\program files (x86)\Family Toolbar\tbhelper.dll" [2009-05-07 355840]
.
[HKEY_CLASSES_ROOT\clsid\{1c4ab6a5-595f-4e86-b15f-f93cce2bbd48}]
[HKEY_CLASSES_ROOT\URLSearchHook.MHURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{1EA6B471-CAD2-419a-9539-0586EEFE2D09}]
[HKEY_CLASSES_ROOT\URLSearchHook.MHURLSearchHook]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F}]
2009-05-07 21:46 2642432 ----a-w- c:\program files (x86)\Family Toolbar\tbcore3.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
c:\program files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll [BU]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 19:50 1197448 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}"= "c:\program files (x86)\Family Toolbar\tbcore3.dll" [2009-05-07 2642432]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll" [BU]
.
[HKEY_CLASSES_ROOT\clsid\{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}]
[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-13 68856]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-10-25 1242448]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2009-04-21 24264488]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PCMMediaSharing"="c:\program files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2008-05-21 204908]
"BkupTray"="c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-26 28672]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-03-08 40048]
"Acer Product Registration"="c:\program files (x86)\Acer\Acer Registration\ACE1.exe" [2011-03-18 3387392]
"Acer Assist Launcher"="c:\program files (x86)\Acer\Acer Assist\launcher.exe" [2011-03-18 1261568]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-03-18 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-04-28 142120]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
USBKVM Switcher.lnk - c:\program files (x86)\USBKVM Switcher\USBKVM.exe [2005-1-25 184320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLUAC"= 0 (0x0)
.
S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-05-21 269448]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-01 c:\windows\Tasks\FileCure Default.job
- c:\program files (x86)\ParetoLogic\FileCure\FileCure.exe [2010-10-12 17:21]
.
2012-02-08 c:\windows\Tasks\FileCure Startup.job
- c:\program files (x86)\ParetoLogic\FileCure\FileCure.exe [2010-10-12 17:21]
.
2012-02-08 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2011-12-18 11:50]
.
2012-02-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2157221983-466218985-362457082-1000Core.job
- c:\users\gonzalo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-25 22:05]
.
2012-02-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2157221983-466218985-362457082-1000UA.job
- c:\users\gonzalo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-25 22:05]
.
2012-02-08 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2006-11-02 09:45]
.
2011-04-16 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2009-08-04 18:19]
.
2010-01-26 c:\windows\Tasks\RPCReminder.job
- c:\program files (x86)\Winferno\RegistryPowerCleaner\RPCReminder.exe [2009-11-11 06:42]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RAVCpl64.exe" [2008-08-19 6456352]
"Skytel"="Skytel.exe" [2008-08-19 1833504]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.myheritage.com
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://search.myheritage.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 200.40.220.245 200.40.30.245
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll
DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} - hxxp://www.myheritage.es/Genoogle/Components/ActiveX/SearchEngineQuery.dll
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\gonzalo\AppData\Roaming\Mozilla\Firefox\Profiles\qaa1qzgy.default\
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
c:\program files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
c:\program files (x86)\CyberLink\Shared Files\RichVideo.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe
.
**************************************************************************
.
Completion time: 2012-02-08 20:45:49 - machine was rebooted
ComboFix-quarantined-files.txt 2012-02-08 22:45
ComboFix2.txt 2012-02-08 22:16
ComboFix3.txt 2012-02-08 20:23
ComboFix4.txt 2012-02-03 13:15
ComboFix5.txt 2012-02-08 22:26
.
Pre-Run: 156.625.715.200 bytes free
Post-Run: 156.502.814.720 bytes free
.
- - End Of File - - 7332AAA64D541AF0FC31CC2707F5E68D
  post #42  
10/02/12, 09:30:53
User
 
Joined: Dec 2011
Location: Uruguay
Posts: 42
Re: Double accent virus

Hi! I'm waiting for a reply on the ComboFix report I sent. I have a question:

On my other PC, which runs Windows 7 Ultimate 32-bit, the double accent appears in the Internet Explorer window only when I type in the search box at the top left, and nowhere else. The same happens with Google Chrome, but it does not happen in Mozilla Firefox.

What is it?
  post #43  
10/02/12, 09:43:10
Xtreme Hero
Warrior
 
Joined: Dec 2010
Location: Spain
Posts: 7,945
Re: Double accent virus

Hello,

I'm reviewing the report with my colleagues; please be a little patient. On the other PC, does it only happen to you with Explorer?

Regards

Fight To The End

* Follow us on Twitter and befriend us on Facebook.
* Keep up with the latest threats on the net at: InfoSpyware Blog
* Questions are not answered by private message or e-mail; that is what the forum is for.
  post #44  
10/02/12, 09:56:52
User
 
Joined: Dec 2011
Location: Uruguay
Posts: 42
Re: Double accent virus

The curious thing is that it happens to me with Explorer only in the top-left search box, and in Google Chrome in the search box. It does NOT happen with Mozilla, or with Word, or with mail..... strange.
  post #45  
13/02/12, 13:05:25
Xtreme Hero
Warrior
 
Joined: Dec 2010
Location: Spain
Posts: 7,945
Re: Double accent virus

Hello again,

Do the following:

1.- Download OTL.exe by OldTimer to your Desktop.

Close all open windows and programs that could interfere with running the tool.

If you cannot run it, download its renamed version from here:

OTL.com

OTL.scr

2.- Double-click OTL.exe to run the tool.

3.- Keep the following configuration settings in mind before running the scan, checking the boxes as follows:
° Processes, Modules, Services, Drivers, Standard Registry and Extra Registry must be set to Use SafeList

° Check the Scan All box

° Scan type: the Full Output box must be checked

° Files Created and Files Modified: the File Age boxes must be checked

4.- Copy the following text (excluding the word Code):

Code:
netsvcs
msconfig
%systemroot%\System32\config\*.sav
%SYSTEMDRIVE%\*.*
%appdata%\*
CREATERESTOREPOINT
5.- Paste the content into the section: Custom Scans/Fixes.


6.- Press the Scan button and wait for the process to finish.
Finally, 2 reports will be generated:
  • OTL.txt ----> Open this one, copy it and paste it into your next reply.
  • Extra.txt -----> Save this one to the Desktop. It will be requested if needed.
Quote:
Important: Do not use this tool unless a Staff Member asks you to.
Regards

  post #46  
27/02/12, 06:17:36
User
 
Joined: Dec 2011
Location: Uruguay
Posts: 42
Re: Double accent virus

Here is the OTL.exe result:





OTL logfile created on: 27/02/2012 09:11:17 a.m. - Run 2
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\gonzalo\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000380A | Country: Uruguay | Language: ESY | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 54,08% Memory free
8,21 Gb Paging File | 6,22 Gb Available in Paging File | 75,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286,54 Gb Total Space | 143,33 Gb Free Space | 50,02% Space Free | Partition Type: NTFS
Drive D: | 289,63 Gb Total Space | 289,17 Gb Free Space | 99,84% Space Free | Partition Type: NTFS

Computer Name: GONZALO-PC | User Name: gonzalo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/27 08:27:36 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\gonzalo\Downloads\OTL.exe
PRC - [2012/01/29 22:07:21 | 000,909,152 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
PRC - [2011/03/18 04:40:25 | 000,184,320 | ---- | M] (UNICLASS) -- C:\Program Files (x86)\USBKVM Switcher\USBKVM.exe
PRC - [2010/10/12 15:21:30 | 001,693,464 | ---- | M] (ParetoLogic) -- C:\Program Files (x86)\ParetoLogic\FileCure\FileCure.exe
PRC - [2010/02/18 12:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2009/04/23 17:20:29 | 000,280,176 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser.exe
PRC - [2008/09/19 07:30:34 | 003,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
PRC - [2008/09/19 03:03:58 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
PRC - [2008/05/20 22:50:50 | 000,269,448 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe


========== Modules (No Company Name) ==========

MOD - [2010/03/15 17:57:20 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/05/07 19:46:54 | 002,642,432 | ---- | M] () -- C:\Program Files (x86)\Family Toolbar\tbcore3.dll
MOD - [2009/05/07 19:43:00 | 000,355,840 | ---- | M] () -- C:\Program Files (x86)\Family Toolbar\tbhelper.dll
MOD - [2008/04/28 14:49:18 | 000,002,560 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/22 1910 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2008/01/21 00:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/12/11 01:11:30 | 000,015,872 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio)
SRV - [2012/01/30 01:05:07 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/01/29 22:07:21 | 000,909,152 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011/11/10 11:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/03/30 02:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/09/19 03:03:58 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3)
SRV - [2008/05/20 22:50:50 | 000,269,448 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/09/23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/04/16 09:33:36 | 000,050,176 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/01/26 18:52:22 | 001,212,416 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/09/30 22:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/08/05 02:29:26 | 000,056,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2008/01/30 22:48:32 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2008/01/30 22:48:16 | 000,016,384 | ---- | M] (NewTech Infosystems Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=380a&s=1&o=vp64&d=1006&m=aspire_x1700
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2157221983-466218985-362457082-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKU\S-1-5-21-2157221983-466218985-362457082-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2157221983-466218985-362457082-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
IE - HKU\S-1-5-21-2157221983-466218985-362457082-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2157221983-466218985-362457082-1000\..\URLSearchHook: {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files (x86)\Family Toolbar\tbhelper.dll ()
IE - HKU\S-1-5-21-2157221983-466218985-362457082-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2157221983-466218985-362457082-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\gonzalo\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\gonzalo\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\gonzalo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.0.0.7\ [2012/01/29 22:07:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/03/23 21:09:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/03/23 21:09:07 | 000,000,000 | ---D | M]

[2011/03/06 22:34:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/05/01 18:08:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/12 18:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/01/29 22:07:09 | 000,003,769 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2011/03/23 21:09:03 | 000,003,996 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
[2011/03/23 21:09:03 | 000,000,751 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-es.xml
[2011/03/23 21:09:03 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml

========== Chrome ==========

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://isearch.avg.com/search?cid={54086C24-0A24-47B1-9EDE-BB0CA71C3F55}&mid=6cf5ce00465f47d689d9d168d14e8931-f282e5b42c356bece999cd238f4a2f89af02414d&lang=es-es&ds=AVG&pr=fr&d=2011-12-18 20:11:55&v=10.0.0.7&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\gonzalo\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\gonzalo\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\gonzalo\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\gonzalo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\gonzalo\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: YouTube = C:\Users\gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: B\u00FAsqueda de Google = C:\Users\gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: AVG Safe Search = C:\Users\gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1857_0\
CHR - Extension: AVG Safe Search = C:\Users\gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: Gmail = C:\Users\gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\
CHR - Extension: Gmail = C:\Users\gonzalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/02/08 20:32:47 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MHTBPos00 Class) - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files (x86)\Family Toolbar\tbcore3.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll File not found
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Family Toolbar) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files (x86)\Family Toolbar\tbcore3.dll ()
O3 - HKU\S-1-5-21-2157221983-466218985-362457082-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2157221983-466218985-362457082-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKU\S-1-5-21-2157221983-466218985-362457082-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-2157221983-466218985-362457082-1000\..\Toolbar\WebBrowser: (Family Toolbar) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files (x86)\Family Toolbar\tbcore3.dll ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files (x86)\Acer\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKU\S-1-5-21-2157221983-466218985-362457082-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2157221983-466218985-362457082-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2157221983-466218985-362457082-1001..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2157221983-466218985-362457082-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.exe (Adobe Systems, Inc.)
O4 - HKU\S-1-5-21-2157221983-466218985-362457082-1001..\RunOnce: [RUN] C:\Windows\Acer_Normal\run_DT.exe ()
O4 - HKU\S-1-5-21-2157221983-466218985-362457082-1001..\RunOnce: [spchecker] "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe" File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUAC = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2157221983-466218985-362457082-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2157221983-466218985-362457082-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2157221983-466218985-362457082-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2157221983-466218985-362457082-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2157221983-466218985-362457082-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-21-2157221983-466218985-362457082-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} http://www.myheritage.es/Genoogle/Components/ActiveX/SearchEngineQuery.dll (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.40.220.245 200.40.30.245
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C163FDE0-3634-4EAC-8584-85130DD122FA}: DhcpNameServer = 200.40.220.245 200.40.30.245
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O18:64bit: - Protocol\Filter\x-sdch - No CLSID value found
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Humpback Whale.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Humpback Whale.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*



CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/02/09 09:42:07 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/02/08 20:46:04 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Local\temp
[2012/02/08 20:26:09 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/02/08 20:25:57 | 004,395,020 | R--- | C] (Swearware) -- C:\Users\gonzalo\Desktop\ComboFix.exe
[2012/02/03 11:18:05 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Roaming\Macromedia
[2012/02/03 11:01:15 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Roaming\Apple Computer
[2012/02/03 11:01:13 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Roaming\Leadertech
[2012/02/03 11:01:13 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Roaming\Acer
[2012/02/03 10:49:33 | 000,000,000 | R--D | C] -- C:\Users\gonzalo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/02/03 10:49:33 | 000,000,000 | R--D | C] -- C:\Users\gonzalo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/02/03 10:48:36 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Roaming\Adobe
[2012/02/03 10:38:19 | 000,000,000 | ---D | C] -- C:\Quarentena
[2012/02/01 20:45:05 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/02/01 20:45:05 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/02/01 20:45:05 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/02/01 20:43:57 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/02/01 20:43:54 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/02/01 20:13:45 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Local\{C840769C-FB1B-473A-B7EE-F0119A967C3B}
[2012/02/01 20:13:27 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Local\{91F19ADA-22FB-4ABA-94E4-3B3516D67C7C}
[2012/02/01 20:09:20 | 000,000,000 | ---D | C] -- C:\_OTM
[2012/02/01 18:29:23 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Local\{7EFAB836-9EC9-4CC4-A6D1-7C38B1DC38C3}
[2012/02/01 18:29:10 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Local\{8ED011E6-C15F-4769-89DF-EF3C84E0CECD}
[2012/01/31 09:05:14 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Local\{ACA06512-AD02-4D76-9BB3-4016DE6D08AC}
[2012/01/31 09:04:58 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Local\{DB7F66D2-10B0-433D-82AC-B295B7E58025}
[2012/01/30 20:02:04 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/01/30 20:02:04 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/01/30 20:02:04 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/01/30 20:02:04 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/01/30 20:02:04 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/01/30 20:02:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/01/30 20:02:03 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/01/30 20:02:03 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/01/30 20:02:03 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/01/30 20:02:03 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/01/30 20:02:03 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/01/30 20:02:03 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/01/30 20:02:03 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/01/30 20:02:03 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/01/30 20:02:03 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/01/30 20:02:03 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/01/30 20:02:02 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/01/30 20:02:02 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/01/30 20:02:02 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/01/30 20:02:02 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/01/30 20:02:02 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/01/30 20:01:58 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/01/30 20:01:58 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/01/30 20:01:58 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/01/30 20:01:58 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/01/30 20:01:58 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/01/30 20:01:58 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/01/30 20:01:58 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2012/01/30 20:01:58 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/01/30 20:01:58 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/01/30 20:01:57 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/01/30 20:01:57 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/01/30 20:01:57 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/01/30 20:01:55 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/01/30 20:01:55 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/01/30 20:01:55 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/01/30 20:01:55 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/01/30 20:01:55 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/01/30 20:01:55 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/01/30 20:01:55 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/01/30 20:01:55 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/01/30 20:01:54 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/01/30 20:01:54 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/01/30 20:01:54 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/01/30 20:01:54 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/01/30 20:01:54 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll
[2012/01/30 20:01:54 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/01/30 20:01:54 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/01/30 20:01:54 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/01/30 20:01:54 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/01/30 20:01:54 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/01/30 20:01:54 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/01/30 20:01:54 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/01/30 20:01:53 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/01/30 20:01:53 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/01/30 20:01:53 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/01/30 20:01:53 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/01/30 20:01:53 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/01/30 20:01:53 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/01/30 20:01:53 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/01/30 20:01:53 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/01/30 20:01:53 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/01/30 20:01:53 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/01/30 20:01:53 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/01/30 20:01:52 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/01/30 20:01:52 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/01/30 20:01:52 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/01/30 20:01:52 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/01/30 20:01:52 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/01/30 20:01:52 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/01/30 20:01:52 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/01/30 20:01:51 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/01/30 20:01:51 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/01/30 20:01:51 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/01/30 17:16:01 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Local\{7864940E-A786-4CEA-AE10-EB366404162F}
[2012/01/30 17:15:45 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Local\{73D6E696-EFA5-43B5-B98A-1B0DF315D341}
[2012/01/30 14:02:57 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Local\{D1A36190-6580-472F-97D0-3AB179FD551F}
[2012/01/30 14:02:35 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Local\{88B1BC20-A422-467A-839F-290A3C5539BC}
[2012/01/30 14:02:21 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Local\Windows Live Writer
[2012/01/30 11:17:49 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Local\{801E9319-79C2-44B1-8E04-11B4F14C1C31}
[2012/01/30 11:17:30 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Local\{3173B41C-8FA5-4829-ACE0-28043CCFE777}
[2012/01/30 01:05:08 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Local\{D697E93C-F269-4349-9179-BDFBB9385895}
[2012/01/30 01:04:44 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Local\{56396662-BE42-4C1F-81C9-CADD84D46ABE}
[2012/01/29 22:40:11 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Local\{D1576B2B-D7AA-4C91-93CD-349824ECE9FB}
[2012/01/29 22:39:56 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Local\{E9507CF2-C425-4CF7-B0CA-2B42EF5031F1}
[2012/01/29 22:06:35 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Local\{F88381A1-4FB7-46A7-841C-736114BDF482}
[2012/01/29 22:06:22 | 000,000,000 | ---D | C] -- C:\Users\gonzalo\AppData\Local\{52FB0ED5-83B2-4B8A-AFFA-E27898DC40E3}

========== Files - Modified Within 30 Days ==========

[2012/02/27 09:05:14 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2157221983-466218985-362457082-1000UA.job
[2012/02/27 09:05:12 | 000,002,096 | ---- | M] () -- C:\Users\gonzalo\Desktop\Google Chrome.lnk
[2012/02/27 08:32:29 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/02/27 08:32:29 | 000,595,798 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/02/27 08:32:29 | 000,103,872 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/02/27 08:30:26 | 000,000,860 | ---- | M] () -- C:\Users\gonzalo\Desktop\OTL - Shortcut.lnk
[2012/02/27 08:26:49 | 000,075,029 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/02/27 08:26:49 | 000,075,029 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/02/27 08:26:40 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/27 08:26:40 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/27 08:26:40 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012/02/27 08:26:39 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\FileCure Startup.job
[2012/02/27 08:26:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/09 19:04:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2157221983-466218985-362457082-1000Core.job
[2012/02/09 18:04:34 | 000,000,472 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2012/02/08 20:32:47 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/02/08 2002 | 000,000,913 | ---- | M] () -- C:\Users\gonzalo\Desktop\ComboFix - Shortcut.lnk
[2012/02/08 18:02:53 | 004,395,020 | R--- | M] (Swearware) -- C:\Users\gonzalo\Desktop\ComboFix.exe
[2012/02/01 18:34:29 | 000,000,680 | ---- | M] () -- C:\Users\gonzalo\AppData\Local\d3d9caps.dat
[2012/01/30 20:02:19 | 000,008,798 | ---- | M] () -- C:\Windows\SysWow64\icrav03.rat
[2012/01/30 20:02:19 | 000,008,798 | ---- | M] () -- C:\Windows\SysNative\icrav03.rat
[2012/01/30 20:02:19 | 000,001,988 | ---- | M] () -- C:\Windows\SysWow64\ticrf.rat
[2012/01/30 20:02:19 | 000,001,988 | ---- | M] () -- C:\Windows\SysNative\ticrf.rat
[2012/01/30 20:02:04 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/01/30 20:02:04 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/01/30 20:02:04 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/01/30 20:02:04 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/01/30 20:02:04 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/01/30 20:02:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/01/30 20:02:03 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/01/30 20:02:03 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/01/30 20:02:03 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/01/30 20:02:03 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/01/30 20:02:03 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/01/30 20:02:03 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/01/30 20:02:03 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/01/30 20:02:03 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/01/30 20:02:03 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/01/30 20:02:03 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/01/30 20:02:03 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/01/30 20:02:02 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/01/30 20:02:02 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/01/30 20:02:02 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/01/30 20:02:02 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/01/30 20:02:02 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/01/30 20:01:58 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/01/30 20:01:58 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/01/30 20:01:58 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/01/30 20:01:58 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/01/30 20:01:58 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/01/30 20:01:58 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/01/30 20:01:58 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2012/01/30 20:01:58 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/01/30 20:01:58 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/01/30 20:01:57 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/01/30 20:01:57 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/01/30 20:01:57 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/01/30 20:01:55 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/01/30 20:01:55 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/01/30 20:01:55 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/01/30 20:01:55 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/01/30 20:01:55 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/01/30 20:01:55 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/01/30 20:01:55 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/01/30 20:01:55 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/01/30 20:01:54 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/01/30 20:01:54 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/01/30 20:01:54 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/01/30 20:01:54 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/01/30 20:01:54 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll
[2012/01/30 20:01:54 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/01/30 20:01:54 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/01/30 20:01:54 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/01/30 20:01:54 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/01/30 20:01:54 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/01/30 20:01:54 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/01/30 20:01:54 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/01/30 20:01:53 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/01/30 20:01:53 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/01/30 20:01:53 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/01/30 20:01:53 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/01/30 20:01:53 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/01/30 20:01:53 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/01/30 20:01:53 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/01/30 20:01:53 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/01/30 20:01:53 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/01/30 20:01:53 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/01/30 20:01:53 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/01/30 20:01:53 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/01/30 20:01:52 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/01/30 20:01:52 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/01/30 20:01:52 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/01/30 20:01:52 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/01/30 20:01:52 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/01/30 20:01:52 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/01/30 20:01:52 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/01/30 20:01:51 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/01/30 20:01:51 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/01/30 20:01:51 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/01/29 22:11:33 | 000,000,952 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

========== Files Created - No Company Name ==========

[2012/02/27 09:08:50 | 000,000,860 | ---- | C] () -- C:\Users\gonzalo\Desktop\OTL - Shortcut.lnk
[2012/02/08 2002 | 000,000,913 | ---- | C] () -- C:\Users\gonzalo\Desktop\ComboFix - Shortcut.lnk
[2012/02/01 20:45:05 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/02/01 20:45:05 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/02/01 20:45:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/02/01 20:45:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/02/01 20:45:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/01/30 20:02:03 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/01/30 20:01:53 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/01/29 22:11:33 | 000,000,952 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011/03/18 23:32:27 | 000,000,075 | ---- | C] () -- C:\ProgramData\nvUnsupRes.dat
[2011/03/18 01:40:49 | 000,075,029 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011/03/18 01:40:43 | 000,075,029 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/05/14 11:03:02 | 000,000,390 | ---- | C] () -- C:\Windows\wininit.ini
[2010/04/11 13:24:23 | 000,000,515 | ---- | C] () -- C:\Windows\Viewer.INI
[2010/04/04 18:18:13 | 000,001,092 | ---- | C] () -- C:\Windows\MyHeritage.INI
[2010/04/04 15:15:16 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\PaintX.dll

========== Custom Scans ==========


< %systemroot%\System32\config\*.sav >

< %SYSTEMDRIVE%\*.* >
[2009/04/11 04:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2011/03/18 01:47:48 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2012/01/30 19:52:31 | 000,000,073 | ---- | M] () -- C:\Bug_TKill.txt
[2012/02/08 20:45:55 | 000,019,130 | ---- | M] () -- C:\ComboFix.txt
[2012/02/27 08:26:31 | 312,811,519 | -HS- | M] () -- C:\pagefile.sys
[2009/03/13 23:33:11 | 000,000,787 | ---- | M] () -- C:\RHDSetup.log
[2011/12/18 21:27:42 | 000,000,321 | ---- | M] () -- C:\rkill.log
[2012/02/03 10:47:27 | 000,002,355 | ---- | M] () -- C:\R_TKill.txt
[2011/12/19 13:36:50 | 000,263,756 | ---- | M] () -- C:\TDSSKiller.2.6.23.0_19.12.2011_11.00.22_log.txt

< %appdata%\* >

========== Alternate Data Streams ==========

@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:C95B63DA

< End of report >
  post #47  
Old 27/02/12, 13:18:57
Xtreme Hero
Warrior
 
Registered: Dec 2010
Location: Spain
Posts: 7,945
Re: Double accent mark virus

Hello again,

One question: how many add-ons do you have installed in Internet Explorer? Have you tried removing all of them to see whether the problem still happens?

Regards

Fight to the End

* Follow us on Twitter and become our friend on Facebook.
* Keep up with the latest threats on the net at: InfoSpyware Blog
* Questions are not answered by private message or e-mail; that is what the forum is for.
  post #48  
Old 27/02/12, 14:12:55
User
 
Registered: Dec 2011
Location: Uruguay
Posts: 42
Re: Double accent mark virus

Pardon my ignorance, but what do you mean by add-ons, and how do I remove them?
  post #49  
Old 27/02/12, 14:15:57
Xtreme Hero
Warrior
 
Registered: Dec 2010
Location: Spain
Posts: 7,945
Re: Double accent mark virus

Hello again,

Let's try Internet Explorer without add-ons, as follows:

Click the Start button, click All Programs, click Accessories, click System Tools, and then click Internet Explorer (No Add-ons).

Let us know whether the double accent still happens.

Regards

  post #50  
Old 27/02/12, 14:53:36
User
 
Registered: Dec 2011
Location: Uruguay
Posts: 42
I go to:

All Programs, Accessories, System Tools, but inside the last one there is no Internet Explorer option.

What do I do?

Regards,
All times are GMT -4. The time is 21:59:51.