• Registrarse
  • Iniciar sesión


  • Página 1 de 4 1234 ÚltimoÚltimo
    Resultados 1 al 10 de 36

    Redireccion! (Solucionado)

    Resumen del tema: Redireccion! (Solucionado) - Hola permitanme presentarme y a la vez saludarle me llamo william y tengo una molestia en mi pc, hace como una semana que lo descubri e inmediatamente comence a buscar solusion a ello peor nada. ...

      
    1. #1
      Usuario Avatar de walo25
      Registrado
      jul 2012
      Ubicación
      cartagena-colombia
      Mensajes
      18

      Redireccion! (Solucionado)

      Hola permitanme presentarme y a la vez saludarle me llamo william y tengo una molestia en mi pc, hace como una semana que lo descubri e inmediatamente comence a buscar solusion a ello peor nada. y de tanto buscar di con esta pagina, me registre y me pude dar cuenta de que tenian temas iguales al mio ya resuelto con la diferencia de que era para firefox en lo cual tambien me ayudo. bueno todo empezo cuando abri el navegador google chrome, cuando le doy para abrir una nueba pestaña se direcciona sola y me aparece esta http://paginadañina.com la cual pude eliminar junto con el tal bailon o algo asi que siemper me aparecia y hasta creia que era normal, en firefox use dos temas que aparecen resuelto pero en google chrome no lo he podido eliminar y esta super lento la pc.
      porfa ayudenme.
      muchas gracias... espero y me ayuden.

    2. #2
      Moderador Gral.
      Avatar de Damianl_77
      Registrado
      ene 2008
      Ubicación
      Argentina
      Mensajes
      23.156

      Re: Redireccion!

      Hola walo25 bienvenid@ al foro de InfoSpyware

      Descarga y ejecuta AT-Destroyer 1.5 (by InfoSpyware) y pega el informe.

      Descarga Ccleaner + Manual ejecutalo primero en "limpiador" y luego en "registro" haciendo copia de seguridad cuando te lo pregunte.


      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de walo25
      Registrado
      jul 2012
      Ubicación
      cartagena-colombia
      Mensajes
      18

      Re: Redireccion!

      #################################################### A/T-Destroyer by InfoSpyware ############

      A/T-Destroyer 1.0.5 By Infospyware
      www.infospyware.com
      Fecha iniciada en el analisis 16/07/2012
      Hora iniciada en el analisis 19:11:15,22
      Usuario Actual : [C:\Users\WILLIAN]
      Sistema Operativo: Windows 7 Professional
      Service pack: Service Pack 1
      Arquitectura: Sistema operativo de 32 bits
      Versión Internet Explorer: 9.0.8112.16421
      Modo Actual: Modo Normal.
      Privilegios: [WILLIAN-Administrador]
      Versión Google Chrome: 20.0.1132.57
      Versión Mozilla Firefox: 12.0

      ====== Servicios Eliminados By A/T-Destroyer ======




      ====== Claves Eliminadas By A/T-Destroyer ======


      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | ( ApnUpdater )
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | ( {D4027C7F-154A-4066-A1AD-4243D8127440} )
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
      HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}
      HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}\InprocServer32
      HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}\Programmable
      HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}
      HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1
      HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1\CLSID
      HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1
      HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd
      HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd\CLSID
      HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd\CurVer
      HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd
      HKEY_CURRENT_USER\Software\Conduit\AppPaths
      HKEY_CURRENT_USER\Software\Conduit\AppPaths\ch20UPD
      HKEY_CURRENT_USER\Software\Conduit


      ====== Archivos/Carpetas Eliminados By A/T-Destroyer ======


      C:\Users\WILLIAN\AppData\Roaming\OpenCandy\A9DC2CD13AB44AA1AC9DB77B8DF728E0
      C:\Users\WILLIAN\AppData\Roaming\OpenCandy\A9DC2CD13AB44AA1AC9DB77B8DF728E0\OpenCandyU1Dlm.dll
      C:\Users\WILLIAN\AppData\Roaming\OpenCandy\A9DC2CD13AB44AA1AC9DB77B8DF728E0\Pokki.exe
      C:\Users\WILLIAN\AppData\Roaming\OpenCandy\A9DC2CD13AB44AA1AC9DB77B8DF728E0\PokkiPACK_Stp2v3.exe
      "C:\Users\WILLIAN\AppData\Roaming\OpenCandy"
      C:\Program Files\Ask.com\assets
      C:\Program Files\Ask.com\cobrand.ico
      C:\Program Files\Ask.com\config.xml
      C:\Program Files\Ask.com\favicon.ico
      C:\Program Files\Ask.com\fv_15f0.ico
      C:\Program Files\Ask.com\GenericAskToolbar.dll
      C:\Program Files\Ask.com\mupcfg.xml
      C:\Program Files\Ask.com\precache.exe
      C:\Program Files\Ask.com\SaUpdate.exe
      C:\Program Files\Ask.com\Updater
      C:\Program Files\Ask.com\UpdateTask.exe
      C:\Program Files\Ask.com\assets\oobe
      C:\Program Files\Ask.com\assets\oobe\b.png
      C:\Program Files\Ask.com\assets\oobe\bl.png
      C:\Program Files\Ask.com\assets\oobe\br.png
      C:\Program Files\Ask.com\assets\oobe\l.png
      C:\Program Files\Ask.com\assets\oobe\pointer.png
      C:\Program Files\Ask.com\assets\oobe\r.png
      C:\Program Files\Ask.com\assets\oobe\t.png
      C:\Program Files\Ask.com\assets\oobe\tl.png
      C:\Program Files\Ask.com\assets\oobe\tr.png
      C:\Program Files\Ask.com\Updater\config.xml
      C:\Program Files\Ask.com\Updater\Updater.exe
      "C:\Program Files\Ask.com"
      C:\ProgramData\Ask\APN-Stub
      "C:\ProgramData\Ask"
      C:\Users\WILLIAN\Appdata\Local\GDIPFONTCACHEV1.DAT


      ====== Información Extra ======


      -_-_-_-_-_-_-_-_ Configuraciones de internet Explorer -_-_-_-_-_-_-_-_
      "HKCU\Software\Microsoft\Internet Explorer\Main"
      Start Page REG_SZ http://www.google.com
      Search Page REG_SZ http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Local Page REG_SZ C:\Windows\system32\blank.htm

      "HKLM\Software\Microsoft\Internet Explorer\Main"
      Start Page REG_SZ http://www.google.com
      Search Page REG_SZ http://go.microsoft.com/fwlink/?LinkId=54896
      Local Page REG_SZ C:\Windows\System32\blank.htm
      Default_Search_URL REG_SZ http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL REG_SZ http://go.microsoft.com/fwlink/?LinkId=69157


      "HKEY_USERS\S-1-5-21-1237375344-571389785-2974635238-1000\Software\Microsoft\Internet Explorer\Main"
      Start Page REG_SZ http://www.google.com
      Search Page REG_SZ http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Local Page REG_SZ C:\Windows\system32\blank.htm


      -_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
      "homepage": "http://www.google.com./",
      "homepage_is_newtabpage": false,
      "homepage": "http://www.google.com./",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,
      -_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
      "homepage": "http://www.google.com./",
      "homepage_is_newtabpage": false,
      "homepage": "http://www.google.com./",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      -_-_-_-_-_-_-_-_ Configuraciones de mozilla Firefox -_-_-_-_-_-_-_-_
      user_pref("pref.browser.homepage.disable_button.current_page", false);
      user_pref("browser.startup.homepage", "http://google.com");
      user_pref("pref.browser.homepage.disable_button.current_page", false);
      user_pref("browser.startup.homepage", "http://google.com");




      ======= EOF =======

      hice lo que me dijistes pero aun no se ha solucionado el problema en chrome.

    4. #4
      Moderador Gral.
      Avatar de Damianl_77
      Registrado
      ene 2008
      Ubicación
      Argentina
      Mensajes
      23.156

      Re: Redireccion!

      Realizá lo siguiente:

      Descargar OTL en el escritorio.
      • Haga doble clic sobre el icono para ejecutarla.
        • Asegúrese de que todas las ventanas estén cerradas y que no se interrumpa la ejecución.
      • Marque la opción Analizar todos
      • Haga clic en el botón Analizar.
      • No modifique alguna otra configuración a menos que se le indique.
      • Sea paciente, el escaneo se puede llevar un tiempo.
        • Cuando finalice la exploración, se abrirán dos ventanas con el block de notas: OTL.Txt y Extras.Txt, estos se guardan en el escritorio.
        • Copie (Editar-> Seleccionar todo, Editar-> Copiar) el contenido del archivo OTL.txt y péguelo en la siguiente respuesta.
      • Cierre la herramienta al terminar el proceso.


      Salu2!!.

      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de walo25
      Registrado
      jul 2012
      Ubicación
      cartagena-colombia
      Mensajes
      18

      Re: Redireccion!

      OTL logfile created on: 18/07/2012 20:12:45 - Run 3
      OTL by OldTimer - Version 3.2.54.0 Folder = D:\Mis documentos\MIS DESCARGAS\reparar sistem
      Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000c0a | Country: Colombia | Language: ESO | Date Format: dd/MM/yyyy

      1,97 Gb Total Physical Memory | 1,37 Gb Available Physical Memory | 69,80% Memory free
      7,83 Gb Paging File | 6,93 Gb Available in Paging File | 88,51% Paging File free
      Paging file location(s): [Binary data over 100 bytes]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
      Drive C: | 97,56 Gb Total Space | 63,90 Gb Free Space | 65,50% Space Free | Partition Type: NTFS
      Drive D: | 368,10 Gb Total Space | 187,47 Gb Free Space | 50,93% Space Free | Partition Type: NTFS
      Drive E: | 170,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
      Drive F: | 101,00 Mb Total Space | 70,78 Mb Free Space | 70,08% Space Free | Partition Type: NTFS

      Computer Name: WILLIAN-PC | User Name: WILLIAN | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users
      Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - D:\Mis documentos\MIS DESCARGAS\reparar sistem\OTL.exe (OldTimer Tools)
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastUI.exe (AVAST Software)
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
      PRC - C:\Archivos de programa\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
      PRC - C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe (Nokia)
      PRC - C:\Archivos de programa\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
      PRC - C:\Archivos de programa\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Nokia)
      PRC - C:\Archivos de programa\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe (Nitro PDF Software)
      PRC - C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Archivos de programa\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Microsoft Corporation.)
      PRC - C:\Windows\explorer.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Windows Sidebar\sidebar.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
      PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)


      ========== Modules (No Company Name) ==========

      MOD - C:\Archivos de programa\Nokia\Nokia Suite\phonon4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\QtXmlPatterns4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\QtXml4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\QtWebKit4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\QtScript4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\QtSql4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\QtNetwork4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\QtOpenGL4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\QtGui4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\QtMultimediaKit1.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\QtDeclarative4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\QtCore4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\Imageformats\qjpeg4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\Imageformats\qico4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\Imageformats\qgif4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\NService.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\CommonUpdateChecker.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\ssoengine.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\securestorage.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\mediaservice\dsengine.dll ()


      ========== Win32 Services (SafeList) ==========

      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (avast! Antivirus) -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
      SRV - (SkypeUpdate) -- C:\Archivos de programa\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
      SRV - (ServiceLayer) -- C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe (Nokia)
      SRV - (NitroReaderDriverReadSpool2) -- C:\Archivos de programa\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe (Nitro PDF Software)
      SRV - (AdobeARMservice) -- C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (BBUpdate) -- C:\Archivos de programa\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Microsoft Corporation.)
      SRV - (BBSvc) -- C:\Archivos de programa\Microsoft\BingBar\7.1.361.0\BBSvc.EXE (Microsoft Corporation.)
      SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
      SRV - (W3SVC) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
      SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation)
      SRV - (WMPNetworkSvc) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      SRV - (osppsvc) -- C:\Archivos de programa\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
      SRV - (ose) -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
      SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
      SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
      SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
      SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
      SRV - (WinDefend) -- C:\Archivos de programa\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV - (iprip) -- C:\Windows\System32\iprip.dll (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV - (aupii37f) -- File not found
      DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
      DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
      DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
      DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
      DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software)
      DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
      DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
      DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
      DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
      DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
      DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
      DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
      DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
      DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
      DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
      DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
      DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
      DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
      DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
      DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE - HKLM\..\URLSearchHook: {ad06fb5f-fef7-4a84-8c58-dca34f8e3d36} - No CLSID value found
      IE - HKLM\..\URLSearchHook: {d0963282-f033-4037-b703-d4fc21e05402} - C:\Archivos de programa\WinZipBar_ES\prxtbWinZ.dll (Conduit Ltd.)
      IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=139&systemid=406&sr=0&q={searchTerms}


      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



      IE - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-CO
      IE - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 81 11 49 64 99 2B CD 01 [binary data]
      IE - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
      IE - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\..\URLSearchHook: {d0963282-f033-4037-b703-d4fc21e05402} - C:\Archivos de programa\WinZipBar_ES\prxtbWinZ.dll (Conduit Ltd.)
      IE - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
      IE - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=139&systemid=406&sr=0&q={searchTerms}
      IE - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\..\SearchScopes\{BD39993D-364F-4BAB-89DF-ADFDBCEB363D}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=kw&q={searchTerms}&locale=&apn_ptnrs=T8&apn_dtid=YYYYYYYYCO&apn_uid=547de223-9a40-47a6-b0df-eb63a028fd62&apn_sauid=CE356F08-3968-4296-B486-894ED598FABA
      IE - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb165/?search={searchTerms}&loc=IB_DS&a=6R8yk97TJw&i=26
      IE - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultengine: "Ask.com"
      FF - prefs.js..browser.search.defaultenginename: "Ask.com"
      FF - prefs.js..browser.search.order.1: "Ask.com"
      FF - prefs.js..browser.search.selectedEngine: "Google"
      FF - prefs.js..browser.startup.homepage: "https://www.google.com.co/"
      FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=ATU2&o=14670&locale=es_ES&apn_uid=547de223-9a40-47a6-b0df-eb63a028fd62&apn_ptnrs=T8&apn_sauid=CE356F08-3968-4296-B486-894ED598FABA&apn_dtid=YYYYYYYYCO&&q="
      FF - prefs.js..network.proxy.type: 0


      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
      FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll File not found
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll ( )
      FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll File not found
      FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\WILLIAN\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\WILLIAN\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\WILLIAN\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/05/27 22:11:14 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/07/05 00:32:57 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\TelevisionFanatic\bar\1.bin
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
      FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Windows.old\Program Files\Mozilla Firefox\components [2012/06/30 20:12:26 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Windows.old\Program Files\Mozilla Firefox\plugins [2012/04/18 22:55:50 | 000,000,000 | ---D | M]

      [2012/05/04 20:00:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WILLIAN\AppData\Roaming\mozilla\Extensions
      [2012/07/17 15:53:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WILLIAN\AppData\Roaming\mozilla\Firefox\Profiles\zeb1mqqa.default\extensions
      [2012/07/16 21:52:06 | 000,000,000 | ---D | M] (BittorrentBar_ES Community Toolbar) -- C:\Users\WILLIAN\AppData\Roaming\mozilla\Firefox\Profiles\zeb1mqqa.default\extensions\{ad06fb5f-fef7-4a84-8c58-dca34f8e3d36}
      [2012/07/13 19:57:30 | 000,013,610 | ---- | M] () (No name found) -- C:\USERS\WILLIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZEB1MQQA.DEFAULT\EXTENSIONS\{A3A5C777-F583-4FEF-9380-AB4ADD1BC2A8}.XPI

      ========== Chrome ==========

      CHR - homepage: http://www.google.com/
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - homepage: http://www.google.com/
      CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Users\WILLIAN\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\WILLIAN\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Users\WILLIAN\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Users\WILLIAN\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll
      CHR - plugin: Perion plugin (Enabled) = C:\Users\WILLIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\Plugins/PerionNewTabChrome-32.dll
      CHR - plugin: Skype Click to Call (Enabled) = C:\Users\WILLIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10297_0\npSkypeChromePlugin.dll
      CHR - plugin: registryAccess (Enabled) = C:\Users\WILLIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaapoomnboffjcgcebabolakmhbblbk\7.15.4.0_0\background/registryAccess.dll
      CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL
      CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL
      CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
      CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
      CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll
      CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
      CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
      CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
      CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\WILLIAN\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
      CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
      CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
      CHR - Extension: WinZipBar_ES = C:\Users\WILLIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnlhlmejfifcbcndkkiialigdmjdiahn\2.3.15.10_0\
      CHR - Extension: avast! WebRep = C:\Users\WILLIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
      CHR - Extension: New tab for Chrome\u2122 = C:\Users\WILLIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
      CHR - Extension: BittorrentBar_ES = C:\Users\WILLIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhpgolofjlpnkdafbgejgnclbjnpgfee\2.3.15.10_0\
      CHR - Extension: Skype Click to Call = C:\Users\WILLIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10297_0\
      CHR - Extension: \u003Cvideo\u003E de HTML5 de DivX Plus Web Player = C:\Users\WILLIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

      O1 HOSTS File: ([2012/07/14 17:28:20 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 localhost
      O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Archivos de programa\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
      O2 - BHO: (no name) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - No CLSID value found.
      O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
      O2 - BHO: (WinZipBar_ES Toolbar) - {d0963282-f033-4037-b703-d4fc21e05402} - C:\Archivos de programa\WinZipBar_ES\prxtbWinZ.dll (Conduit Ltd.)
      O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Archivos de programa\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
      O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
      O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O3 - HKLM\..\Toolbar: (WinZipBar_ES Toolbar) - {d0963282-f033-4037-b703-d4fc21e05402} - C:\Archivos de programa\WinZipBar_ES\prxtbWinZ.dll (Conduit Ltd.)
      O4 - HKLM..\Run: [] File not found
      O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
      O4 - HKU\S-1-5-21-1237375344-571389785-2974635238-1000..\Run: [ccleaner] D:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
      O4 - HKU\S-1-5-21-1237375344-571389785-2974635238-1000..\Run: [Facebook Update] C:\Users\WILLIAN\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O4 - HKU\S-1-5-21-1237375344-571389785-2974635238-1000..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O8 - Extra context menu item: &Enviar a OneNote - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O8 - Extra context menu item: Descargar con Mipony - file://D:\PROGRAMAS\MiPony\Browser\IEContext.htm File not found
      O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
      O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
      O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm File not found
      O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
      O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
      O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
      O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{741C709B-69CD-4EEA-8AAC-411D917691A9}: DhcpNameServer = 192.168.1.1
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Common Files\Skype\Skype4COM.dll (Skype Technologies)
      O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O32 - AutoRun File - [2010/06/14 15:14:23 | 000,000,131 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = ComFile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/07/14 18:26:39 | 000,000,000 | ---D | C] -- C:\Users\WILLIAN\AppData\Roaming\GlarySoft
      [2012/07/14 18:17:57 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
      [2012/07/14 18:17:50 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSSTDFMT.DLL
      [2012/07/14 18:17:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
      [2012/07/14 18:08:37 | 000,000,000 | ---D | C] -- C:\Users\WILLIAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
      [2012/07/14 18:03:33 | 000,739,808 | ---- | C] (Google Inc.) -- C:\Users\WILLIAN\Desktop\ChromeSetup.exe
      [2012/07/14 17:55:57 | 000,000,000 | ---D | C] -- C:\Windows\temp
      [2012/07/14 17:55:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
      [2012/07/14 17:41:52 | 000,000,000 | ---D | C] -- C:\Users\WILLIAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
      [2012/07/14 17:31:06 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
      [2012/07/14 17:18:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
      [2012/07/14 17:18:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
      [2012/07/14 17:18:09 | 000,000,000 | ---D | C] -- C:\ComboFix
      [2012/07/14 17:18:05 | 000,000,000 | ---D | C] -- C:\Qoobox
      [2012/07/14 17:17:42 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
      [2012/07/13 21:57:03 | 000,036,864 | ---- | C] (NirSoft) -- C:\Windows\nircmd.exe
      [2012/07/07 21:32:04 | 000,000,000 | ---D | C] -- C:\Windows\Sun
      [2012/07/07 21:31:55 | 000,000,000 | ---D | C] -- C:\Program Files\Perion
      [2012/07/07 21:28:03 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
      [2012/07/07 21:27:15 | 021,054,960 | ---- | C] (Oracle Corporation) -- C:\Users\WILLIAN\Desktop\jre-7u5-windows-i586.exe
      [2012/07/07 21:26:56 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
      [2012/07/07 21:26:37 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
      [2012/07/07 21:26:37 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
      [2012/07/02 20:14:29 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
      [2012/07/02 01:45:28 | 000,000,000 | ---D | C] -- C:\Users\WILLIAN\Documents\Nokia Suite
      [2012/07/02 00:19:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
      [2012/07/02 00:16:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
      [2012/07/01 22:15:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
      [2012/06/30 16:14:31 | 000,016,384 | ---- | C] (qmm) -- C:\Windows\System32\Wintmpq18.dll
      [2012/06/30 15:55:04 | 000,000,000 | ---D | C] -- C:\ProgramData\TheQGroup
      [2012/06/30 15:54:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ELL Technologies
      [2012/06/30 15:54:48 | 000,000,000 | ---D | C] -- C:\Program Files\ELL Technologies
      [2012/06/28 22:25:46 | 000,000,000 | ---D | C] -- C:\Users\WILLIAN\AppData\Local\Macromedia
      [2012/06/28 01:00:02 | 000,000,000 | ---D | C] -- C:\Program Files\Java
      [2012/06/28 00:29:50 | 000,000,000 | ---D | C] -- C:\Program Files\FrostWire 5
      [2012/06/28 00:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
      [2012/06/21 11:42:04 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
      [2012/06/21 11:42:03 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
      [2012/06/21 11:41:52 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
      [2012/06/21 11:41:52 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
      [2012/06/21 11:41:51 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
      [2012/06/21 11:41:37 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
      [2012/06/21 11:41:37 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
      [2012/06/20 20:29:50 | 000,000,000 | ---D | C] -- C:\Windows\pss
      [2012/06/20 00:16:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
      [2012/06/20 00:16:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\BestPractices
      [2012/06/20 00:16:25 | 000,000,000 | ---D | C] -- C:\inetpub
      [2012/06/19 21:01:28 | 000,000,000 | ---D | C] -- C:\Users\WILLIAN\AppData\Roaming\uTorrent
      [2003/03/19 06:03:28 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Setup.Exe
      [4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2012/07/18 20:08:00 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1237375344-571389785-2974635238-1000UA.job
      [2012/07/18 19:36:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/07/18 19:29:00 | 000,001,026 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/07/18 18:55:38 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
      [2012/07/18 18:55:33 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/07/18 18:54:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/07/18 18:54:54 | 1583,153,152 | -HS- | M] () -- C:\hiberfil.sys
      [2012/07/18 18:08:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1237375344-571389785-2974635238-1000Core.job
      [2012/07/18 17:26:01 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1237375344-571389785-2974635238-1000UA.job
      [2012/07/18 17:26:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1237375344-571389785-2974635238-1000Core.job
      [2012/07/16 18:28:52 | 000,064,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/07/16 18:28:52 | 000,064,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/07/16 17:58:46 | 000,000,714 | ---- | M] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
      [2012/07/14 18:17:51 | 000,000,736 | ---- | M] () -- C:\Users\WILLIAN\Desktop\SpywareBlaster.lnk
      [2012/07/14 18:08:42 | 000,002,284 | ---- | M] () -- C:\Users\WILLIAN\Desktop\Google Chrome.lnk
      [2012/07/14 18:03:42 | 000,739,808 | ---- | M] (Google Inc.) -- C:\Users\WILLIAN\Desktop\ChromeSetup.exe
      [2012/07/14 17:55:55 | 000,000,729 | ---- | M] () -- C:\Users\WILLIAN\Desktop\Glary Utilities.lnk
      [2012/07/14 17:41:52 | 000,000,749 | ---- | M] () -- C:\Users\WILLIAN\Desktop\Revo Uninstaller.lnk
      [2012/07/14 17:28:20 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
      [2012/07/13 18:24:52 | 000,729,251 | ---- | M] () -- C:\Users\WILLIAN\Desktop\mv-agusta-f3.jpg
      [2012/07/13 18:24:13 | 000,072,608 | ---- | M] () -- C:\Users\WILLIAN\Desktop\MV-Agusta-F3-11-1.jpg
      [2012/07/12 14:37:34 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
      [2012/07/12 14:37:34 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
      [2012/07/10 14:35:54 | 000,772,396 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
      [2012/07/10 14:35:54 | 000,673,506 | ---- | M] () -- C:\Windows\System32\perfh009.dat
      [2012/07/10 14:35:54 | 000,164,796 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
      [2012/07/10 14:35:54 | 000,125,422 | ---- | M] () -- C:\Windows\System32\perfc009.dat
      [2012/07/07 21:30:05 | 021,054,960 | ---- | M] (Oracle Corporation) -- C:\Users\WILLIAN\Desktop\jre-7u5-windows-i586.exe
      [2012/07/07 21:26:26 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
      [2012/07/07 21:26:25 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
      [2012/07/05 00:33:00 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
      [2012/07/03 11:21:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
      [2012/07/03 11:21:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
      [2012/07/03 11:21:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
      [2012/07/03 11:21:53 | 000,057,656 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
      [2012/07/03 11:21:53 | 000,044,784 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
      [2012/07/03 11:21:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
      [2012/07/03 11:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
      [2012/07/03 11:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
      [2012/07/02 00:18:29 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
      [2012/06/30 20:29:50 | 000,163,840 | ---- | M] () -- C:\Users\WILLIAN\Desktop\AnalysisLog.sr0
      [2012/06/30 15:54:55 | 000,002,615 | ---- | M] () -- C:\Users\Public\Desktop\Q English Basic.lnk
      [2012/06/29 13:55:58 | 000,022,528 | ---- | M] () -- C:\Windows\AT-Uninstall.exe
      [2012/06/28 00:15:06 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\QuickStores.lnk
      [2012/06/28 00:15:05 | 000,000,860 | ---- | M] () -- C:\Users\Public\Desktop\MP3 Downloader.lnk
      [2012/06/28 00:15:05 | 000,000,856 | ---- | M] () -- C:\Users\Public\Desktop\Video Search.lnk
      [2012/06/21 20:06:36 | 000,007,597 | ---- | M] () -- C:\Users\WILLIAN\AppData\Local\Resmon.ResmonCfg
      [2012/06/19 21:20:44 | 000,000,648 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
      [4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2012/07/14 18:17:51 | 000,000,736 | ---- | C] () -- C:\Users\WILLIAN\Desktop\SpywareBlaster.lnk
      [2012/07/14 18:08:42 | 000,002,284 | ---- | C] () -- C:\Users\WILLIAN\Desktop\Google Chrome.lnk
      [2012/07/14 18:03:46 | 000,001,118 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1237375344-571389785-2974635238-1000UA.job
      [2012/07/14 18:03:45 | 000,001,066 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1237375344-571389785-2974635238-1000Core.job
      [2012/07/14 17:55:57 | 000,000,316 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
      [2012/07/14 17:55:55 | 000,000,729 | ---- | C] () -- C:\Users\WILLIAN\Desktop\Glary Utilities.lnk
      [2012/07/14 17:41:52 | 000,000,749 | ---- | C] () -- C:\Users\WILLIAN\Desktop\Revo Uninstaller.lnk
      [2012/07/14 17:18:17 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
      [2012/07/14 17:18:17 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
      [2012/07/14 17:18:17 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
      [2012/07/14 17:18:17 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
      [2012/07/14 17:18:17 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
      [2012/07/13 21:57:03 | 000,069,660 | ---- | C] () -- C:\Windows\Fart.exe
      [2012/07/13 21:57:03 | 000,022,528 | ---- | C] () -- C:\Windows\AT-Uninstall.exe
      [2012/07/13 21:57:03 | 000,011,776 | ---- | C] () -- C:\Windows\Colous.exe
      [2012/07/13 18:24:55 | 000,729,251 | ---- | C] () -- C:\Users\WILLIAN\Desktop\mv-agusta-f3.jpg
      [2012/07/13 18:24:20 | 000,072,608 | ---- | C] () -- C:\Users\WILLIAN\Desktop\MV-Agusta-F3-11-1.jpg
      [2012/07/02 00:18:29 | 000,001,978 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
      [2012/07/01 22:14:01 | 000,001,026 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/07/01 22:13:59 | 000,001,022 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/06/30 20:29:47 | 000,163,840 | ---- | C] () -- C:\Users\WILLIAN\Desktop\AnalysisLog.sr0
      [2012/06/30 15:54:55 | 000,002,615 | ---- | C] () -- C:\Users\Public\Desktop\Q English Basic.lnk
      [2012/06/28 00:14:58 | 000,000,714 | ---- | C] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
      [2012/06/19 21:20:44 | 000,000,648 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
      [2012/06/17 23:57:25 | 000,000,379 | ---- | C] () -- C:\Windows\wTRTv5.ini
      [2012/06/17 20:36:05 | 005,771,199 | ---- | C] () -- C:\Users\WILLIAN\AppData\Roaming\UserTile.png
      [2012/06/15 19:51:33 | 000,007,597 | ---- | C] () -- C:\Users\WILLIAN\AppData\Local\Resmon.ResmonCfg
      [2012/05/14 05:38:32 | 000,043,976 | ---- | C] () -- C:\Users\WILLIAN\AppData\Local\save_en.bmp
      [2012/05/14 05:38:08 | 000,043,976 | ---- | C] () -- C:\Users\WILLIAN\AppData\Local\save_es.bmp
      [2012/05/06 10:44:50 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
      [2009/02/06 13:17:48 | 003,264,512 | ---- | C] () -- C:\Program Files\OnlineLiveSetup.msi
      [2009/02/06 13:17:38 | 000,000,222 | ---- | C] () -- C:\Program Files\Setup.Ini

      < End of report >

    6. #6
      Moderador Gral.
      Avatar de Damianl_77
      Registrado
      ene 2008
      Ubicación
      Argentina
      Mensajes
      23.156

      Re: Redireccion!

      Ejecutá OTL.exe


      Copiá y Pegá el código que está dentro del recuadro de abajo en la sección Análisis Personalizado / Código de Reparación




      Código:
      :OTL
      SRV - (BBSvc) -- C:\Archivos de programa\Microsoft\BingBar\7.1.361.0\BBSvc.EXE (Microsoft Corporation.)
      DRV - (aupii37f) -- File not found
      IE - HKLM\..\URLSearchHook: {ad06fb5f-fef7-4a84-8c58-dca34f8e3d36} - No CLSID value found
      IE - HKLM\..\URLSearchHook: {d0963282-f033-4037-b703-d4fc21e05402} - C:\Archivos de programa\WinZipBar_ES\prxtbWinZ.dll (Conduit Ltd.)
      IE - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
      IE - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\..\URLSearchHook: {d0963282-f033-4037-b703-d4fc21e05402} - C:\Archivos de programa\WinZipBar_ES\prxtbWinZ.dll (Conduit Ltd.)
      IE - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=139&systemid=406&sr=0&q={searchTe rms}
      IE - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\..\SearchScopes\{BD39993D-364F-4BAB-89DF-ADFDBCEB363D}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=kw&q={searc hTerms}&locale=&apn_ptnrs=T8&apn_dtid=YYYYYYYYCO&apn_uid=547de223-9a40-47a6-b0df-eb63a028fd62&apn_sauid=CE356F08-3968-4296-B486-894ED598FABA
      IE - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb165/?search={searchTerms}&loc=IB_DS&a=6R8yk97TJw&i=26
      FF - prefs.js..browser.search.defaultengine: "Ask.com"
      FF - prefs.js..browser.search.defaultenginename: "Ask.com"
      FF - prefs.js..browser.search.order.1: "Ask.com"
      FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=ATU2&o=14670&locale=es_ES&apn_uid=547de223-9a40-47a6-b0df-eb63a028fd62&apn_ptnrs=T8&apn_sauid=CE356F08-3968-4296-B486-894ED598FABA&apn_dtid=YYYYYYYYCO&&q="
      [2012/07/16 21:52:06 | 000,000,000 | ---D | M] (BittorrentBar_ES Community Toolbar) -- C:\Users\WILLIAN\AppData\Roaming\mozilla\Firefox\Profiles\zeb1mqqa.default\extensions\{ad06fb5f-fef7-4a84-8c58-dca34f8e3d36}
      [2012/07/13 19:57:30 | 000,013,610 | ---- | M] () (No name found) -- C:\USERS\WILLIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZEB1MQQA.DEFAULT\EXTENSIONS\{A3A5C777-F583-4FEF-9380-AB4ADD1BC2A8}.XPI
      O2 - BHO: (no name) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - No CLSID value found.
      O2 - BHO: (WinZipBar_ES Toolbar) - {d0963282-f033-4037-b703-d4fc21e05402} - C:\Archivos de programa\WinZipBar_ES\prxtbWinZ.dll (Conduit Ltd.)
      O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Archivos de programa\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
      O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
      O3 - HKLM\..\Toolbar: (WinZipBar_ES Toolbar) - {d0963282-f033-4037-b703-d4fc21e05402} - C:\Archivos de programa\WinZipBar_ES\prxtbWinZ.dll (Conduit Ltd.)
      O4 - HKLM..\Run: [] File not found
      O4 - HKU\S-1-5-21-1237375344-571389785-2974635238-1000..\Run: [Facebook Update] C:\Users\WILLIAN\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O8 - Extra context menu item: Descargar con Mipony - file://D:\PROGRAMAS\MiPony\Browser\IEContext.htm File not found
      O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
      O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
      O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
      [2012/07/07 21:27:15 | 021,054,960 | ---- | C] (Oracle Corporation) -- C:\Users\WILLIAN\Desktop\jre-7u5-windows-i586.exe
      [2003/03/19 06:03:28 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Setup.Exe
      [4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
      
      :files
      ipconfig /flushdns /c
      ipconfig /renew /c
      
      :commands
      [resethosts]
      [emptyflash]
      [emptytemp]
      [emptyjava]
      [Reboot]


      Presioná el Botón Reparar para lanzar la eliminación. Presionas OK.

      OTL va a Reiniciar el ordenador para completar la eliminación.


      Guardas el nuevo reporte generado. Lo copias y pegas en Tu próxima respuesta y nos comentas como sigue el ordenador ahora.

      El reporte lo encontras en:
      C:\ _ OTL\MovedFiles\xxx_xxx.txt

      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Usuario Avatar de walo25
      Registrado
      jul 2012
      Ubicación
      cartagena-colombia
      Mensajes
      18

      Re: Redireccion!

      All processes killed
      ========== OTL ==========
      Service BBSvc stopped successfully!
      Service BBSvc deleted successfully!
      C:\Archivos de programa\Microsoft\BingBar\7.1.361.0\BBSvc.EXE moved successfully.
      Error: No service named aupii37f was found to stop!
      Service\Driver key aupii37f not found.
      File File not found not found.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{ad06fb5f-fef7-4a84-8c58-dca34f8e3d36} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ad06fb5f-fef7-4a84-8c58-dca34f8e3d36}\ not found.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{d0963282-f033-4037-b703-d4fc21e05402} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d0963282-f033-4037-b703-d4fc21e05402}\ deleted successfully.
      C:\Archivos de programa\WinZipBar_ES\prxtbWinZ.dll moved successfully.
      Registry value HKEY_USERS\S-1-5-21-1237375344-571389785-2974635238-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ not found.
      Registry value HKEY_USERS\S-1-5-21-1237375344-571389785-2974635238-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{d0963282-f033-4037-b703-d4fc21e05402} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d0963282-f033-4037-b703-d4fc21e05402}\ not found.
      File C:\Archivos de programa\WinZipBar_ES\prxtbWinZ.dll not found.
      Registry key HKEY_USERS\S-1-5-21-1237375344-571389785-2974635238-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
      Registry key HKEY_USERS\S-1-5-21-1237375344-571389785-2974635238-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BD39993D-364F-4BAB-89DF-ADFDBCEB363D}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD39993D-364F-4BAB-89DF-ADFDBCEB363D}\ not found.
      Registry key HKEY_USERS\S-1-5-21-1237375344-571389785-2974635238-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found.
      Prefs.js: "Ask.com" removed from browser.search.defaultengine
      Prefs.js: "Ask.com" removed from browser.search.defaultenginename
      Prefs.js: "Ask.com" removed from browser.search.order.1
      Prefs.js: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=ATU2&o=14670&locale=es_ES&apn_uid=547de223-9a40-47a6-b0df-eb63a028fd62&apn_ptnrs=T8&apn_sauid=CE356F08-3968-4296-B486-894ED598FABA&apn_dtid=YYYYYYYYCO&&q=" removed from keyword.URL
      C:\Users\WILLIAN\AppData\Roaming\mozilla\Firefox\Profiles\zeb1mqqa.default\extensions\{ad06fb5f-fef7-4a84-8c58-dca34f8e3d36}\searchplugin folder moved successfully.
      C:\Users\WILLIAN\AppData\Roaming\mozilla\Firefox\Profiles\zeb1mqqa.default\extensions\{ad06fb5f-fef7-4a84-8c58-dca34f8e3d36}\Plugins folder moved successfully.
      C:\Users\WILLIAN\AppData\Roaming\mozilla\Firefox\Profiles\zeb1mqqa.default\extensions\{ad06fb5f-fef7-4a84-8c58-dca34f8e3d36}\modules folder moved successfully.
      C:\Users\WILLIAN\AppData\Roaming\mozilla\Firefox\Profiles\zeb1mqqa.default\extensions\{ad06fb5f-fef7-4a84-8c58-dca34f8e3d36}\META-INF folder moved successfully.
      C:\Users\WILLIAN\AppData\Roaming\mozilla\Firefox\Profiles\zeb1mqqa.default\extensions\{ad06fb5f-fef7-4a84-8c58-dca34f8e3d36}\defaults folder moved successfully.
      C:\Users\WILLIAN\AppData\Roaming\mozilla\Firefox\Profiles\zeb1mqqa.default\extensions\{ad06fb5f-fef7-4a84-8c58-dca34f8e3d36}\components folder moved successfully.
      C:\Users\WILLIAN\AppData\Roaming\mozilla\Firefox\Profiles\zeb1mqqa.default\extensions\{ad06fb5f-fef7-4a84-8c58-dca34f8e3d36}\chrome folder moved successfully.
      C:\Users\WILLIAN\AppData\Roaming\mozilla\Firefox\Profiles\zeb1mqqa.default\extensions\{ad06fb5f-fef7-4a84-8c58-dca34f8e3d36} folder moved successfully.
      C:\USERS\WILLIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZEB1MQQA.DEFAULT\EXTENSIONS\{A3A5C777-F583-4FEF-9380-AB4ADD1BC2A8}.XPI moved successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}\ not found.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d0963282-f033-4037-b703-d4fc21e05402}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d0963282-f033-4037-b703-d4fc21e05402}\ not found.
      File C:\Archivos de programa\WinZipBar_ES\prxtbWinZ.dll not found.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
      C:\Archivos de programa\Microsoft\BingBar\7.1.361.0\BingExt.dll moved successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ not found.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ deleted successfully.
      File C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll not found.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{d0963282-f033-4037-b703-d4fc21e05402} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d0963282-f033-4037-b703-d4fc21e05402}\ not found.
      File C:\Archivos de programa\WinZipBar_ES\prxtbWinZ.dll not found.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
      Registry value HKEY_USERS\S-1-5-21-1237375344-571389785-2974635238-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update deleted successfully.
      C:\Users\WILLIAN\AppData\Local\Facebook\Update\FacebookUpdate.exe moved successfully.
      Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Descargar con Mipony\ deleted successfully.
      Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}\ not found.
      C:\Users\WILLIAN\Desktop\jre-7u5-windows-i586.exe moved successfully.
      C:\Archivos de programa\Setup.Exe moved successfully.
      C:\Windows\System32\REN4911.tmp deleted successfully.
      C:\Windows\System32\REN4912.tmp deleted successfully.
      C:\Windows\System32\RENF89.tmp deleted successfully.
      C:\Windows\System32\RENF8A.tmp deleted successfully.
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configuraci¢n IP de Windows
      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
      D:\Mis documentos\MIS DESCARGAS\reparar sistem\cmd.bat deleted successfully.
      D:\Mis documentos\MIS DESCARGAS\reparar sistem\cmd.txt deleted successfully.
      < ipconfig /renew /c >
      Configuraci¢n IP de Windows
      Adaptador de Ethernet Conexi¢n de *rea local:
      Sufijo DNS espec¡fico para la conexi¢n. . :
      V¡nculo: direcci¢n IPv6 local. . . : fe80::e892:917f:5a37:e676%10
      Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.2
      M*scara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.1.1
      Adaptador de t£nel isatap.{741C709B-69CD-4EEA-8AAC-411D917691A9}:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de t£nel Teredo Tunneling Pseudo-Interface:
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Direcci¢n IPv6 . . . . . . . . . . : 2001:0:4137:9e76:2a:1cec:3f57:fefd
      V¡nculo: direcci¢n IPv6 local. . . : fe80::2a:1cec:3f57:fefd%12
      Puerta de enlace predeterminada . . . . . : ::
      D:\Mis documentos\MIS DESCARGAS\reparar sistem\cmd.bat deleted successfully.
      D:\Mis documentos\MIS DESCARGAS\reparar sistem\cmd.txt deleted successfully.
      ========== COMMANDS ==========
      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYFLASH]

      User: All Users

      User: Default
      ->Flash cache emptied: 56466 bytes

      User: Default User
      ->Flash cache emptied: 0 bytes

      User: DefaultAppPool
      ->Flash cache emptied: 56466 bytes

      User: Public

      User: WILLIAN
      ->Flash cache emptied: 60372 bytes

      Total Flash Files Cleaned = 0,00 mb


      [EMPTYTEMP]

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 67 bytes
      ->Flash cache emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: DefaultAppPool
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 67 bytes
      ->Flash cache emptied: 0 bytes

      User: Public
      ->Temp folder emptied: 0 bytes

      User: WILLIAN
      ->Temp folder emptied: 532032994 bytes
      ->Temporary Internet Files folder emptied: 60748657 bytes
      ->Java cache emptied: 4924755 bytes
      ->FireFox cache emptied: 73643393 bytes
      ->Google Chrome cache emptied: 362147722 bytes
      ->Flash cache emptied: 0 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 3426 bytes
      RecycleBin emptied: 511874062 bytes

      Total Files Cleaned = 1.474,00 mb


      [EMPTYJAVA]

      User: All Users

      User: Default

      User: Default User

      User: DefaultAppPool

      User: Public

      User: WILLIAN
      ->Java cache emptied: 0 bytes

      Total Java Files Cleaned = 0,00 mb


      OTL by OldTimer - Version 3.2.54.0 log created on 07192012_231556

      Files\Folders moved on Reboot...
      File\Folder C:\Users\WILLIAN\AppData\Local\Temp\~PI2E3D.tmp not found!
      File\Folder C:\Users\WILLIAN\AppData\Local\Temp\~PI2E4D.tmp not found!
      File\Folder C:\Users\WILLIAN\AppData\Local\Temp\~PI539B.tmp not found!
      File\Folder C:\Users\WILLIAN\AppData\Local\Temp\~PID4B3.tmp not found!
      File\Folder C:\Users\WILLIAN\AppData\Local\Temp\~PIFB0A.tmp not found!
      File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

      PendingFileRenameOperations files...
      File C:\Users\WILLIAN\AppData\Local\Temp\~PI2E3D.tmp not found!
      File C:\Users\WILLIAN\AppData\Local\Temp\~PI2E4D.tmp not found!
      File C:\Users\WILLIAN\AppData\Local\Temp\~PI539B.tmp not found!
      File C:\Users\WILLIAN\AppData\Local\Temp\~PID4B3.tmp not found!
      File C:\Users\WILLIAN\AppData\Local\Temp\~PIFB0A.tmp not found!
      [2012/07/19 23:18:25 | 000,000,000 | ---- | M] () C:\Windows\temp\_avast_\Webshlock.txt : Unable to obtain MD5

      Registry entries deleted on Reboot...

      hola Damianl_77 mi google chrome sique padesiendo del mal de MyStart by incredibar. que ota mas hago?.

    8. #8
      Moderador Gral.
      Avatar de Damianl_77
      Registrado
      ene 2008
      Ubicación
      Argentina
      Mensajes
      23.156

      Re: Redireccion!

      Pega un nuevo reporte de OTL utilizando la opción analizar como te indique anteriormente

      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    9. #9
      Usuario Avatar de walo25
      Registrado
      jul 2012
      Ubicación
      cartagena-colombia
      Mensajes
      18

      Re: Redireccion!

      OTL logfile created on: 20/07/2012 20:39:06 - Run 4
      OTL by OldTimer - Version 3.2.54.0 Folder = D:\Mis documentos\MIS DESCARGAS\reparar sistem
      Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000c0a | Country: Colombia | Language: ESO | Date Format: dd/MM/yyyy

      1,97 Gb Total Physical Memory | 1,26 Gb Available Physical Memory | 64,02% Memory free
      7,83 Gb Paging File | 6,85 Gb Available in Paging File | 87,49% Paging File free
      Paging file location(s): [Binary data over 100 bytes]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
      Drive C: | 97,56 Gb Total Space | 64,30 Gb Free Space | 65,91% Space Free | Partition Type: NTFS
      Drive D: | 368,10 Gb Total Space | 187,77 Gb Free Space | 51,01% Space Free | Partition Type: NTFS
      Drive E: | 170,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
      Drive F: | 101,00 Mb Total Space | 70,78 Mb Free Space | 70,08% Space Free | Partition Type: NTFS

      Computer Name: WILLIAN-PC | User Name: WILLIAN | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users
      Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - D:\Mis documentos\MIS DESCARGAS\reparar sistem\OTL.exe (OldTimer Tools)
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastUI.exe (AVAST Software)
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      PRC - C:\Windows.old\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
      PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
      PRC - C:\Archivos de programa\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
      PRC - C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe (Nokia)
      PRC - C:\Archivos de programa\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
      PRC - C:\Archivos de programa\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Nokia)
      PRC - C:\Archivos de programa\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe (Nitro PDF Software)
      PRC - C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Windows\explorer.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Windows Sidebar\sidebar.exe (Microsoft Corporation)
      PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
      PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)


      ========== Modules (No Company Name) ==========

      MOD - C:\Windows.old\Program Files\Mozilla Firefox\mozjs.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\phonon4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\QtXmlPatterns4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\QtXml4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\QtWebKit4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\QtScript4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\QtSql4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\QtNetwork4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\QtOpenGL4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\QtGui4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\QtMultimediaKit1.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\QtDeclarative4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\QtCore4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\Imageformats\qjpeg4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\Imageformats\qico4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\Imageformats\qgif4.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\NService.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\CommonUpdateChecker.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\ssoengine.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\securestorage.dll ()
      MOD - C:\Archivos de programa\Nokia\Nokia Suite\mediaservice\dsengine.dll ()


      ========== Win32 Services (SafeList) ==========

      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (avast! Antivirus) -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
      SRV - (SkypeUpdate) -- C:\Archivos de programa\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
      SRV - (ServiceLayer) -- C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe (Nokia)
      SRV - (NitroReaderDriverReadSpool2) -- C:\Archivos de programa\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe (Nitro PDF Software)
      SRV - (AdobeARMservice) -- C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (BBUpdate) -- C:\Archivos de programa\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Microsoft Corporation.)
      SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
      SRV - (W3SVC) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
      SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation)
      SRV - (WMPNetworkSvc) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      SRV - (osppsvc) -- C:\Archivos de programa\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
      SRV - (ose) -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
      SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
      SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
      SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
      SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
      SRV - (WinDefend) -- C:\Archivos de programa\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV - (iprip) -- C:\Windows\System32\iprip.dll (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV - (a3luk57g) -- File not found
      DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
      DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
      DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
      DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
      DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software)
      DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
      DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
      DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
      DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
      DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
      DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
      DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
      DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
      DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
      DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
      DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
      DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
      DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
      DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
      DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=139&systemid=406&sr=0&q={searchTerms}


      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



      IE - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-CO
      IE - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 81 11 49 64 99 2B CD 01 [binary data]
      IE - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
      IE - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultengine: ""
      FF - prefs.js..browser.search.defaultenginename: ""
      FF - prefs.js..browser.search.order.1: ""
      FF - prefs.js..browser.search.selectedEngine: "Google"
      FF - prefs.js..browser.startup.homepage: "https://www.google.com.co/"
      FF - prefs.js..network.proxy.type: 0


      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
      FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll File not found
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll ( )
      FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll File not found
      FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\WILLIAN\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\WILLIAN\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\WILLIAN\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/05/27 22:11:14 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/07/05 00:32:57 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\TelevisionFanatic\bar\1.bin
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
      FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Windows.old\Program Files\Mozilla Firefox\components [2012/06/30 20:12:26 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Windows.old\Program Files\Mozilla Firefox\plugins [2012/04/18 22:55:50 | 000,000,000 | ---D | M]

      [2012/05/04 20:00:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WILLIAN\AppData\Roaming\mozilla\Extensions
      [2012/07/19 23:16:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WILLIAN\AppData\Roaming\mozilla\Firefox\Profiles\zeb1mqqa.default\extensions

      ========== Chrome ==========

      CHR - homepage: http://www.google.com/
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - homepage: http://www.google.com/
      CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Users\WILLIAN\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\WILLIAN\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Users\WILLIAN\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Users\WILLIAN\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll
      CHR - plugin: Perion plugin (Enabled) = C:\Users\WILLIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\Plugins/PerionNewTabChrome-32.dll
      CHR - plugin: Skype Click to Call (Enabled) = C:\Users\WILLIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10297_0\npSkypeChromePlugin.dll
      CHR - plugin: registryAccess (Enabled) = C:\Users\WILLIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaapoomnboffjcgcebabolakmhbblbk\7.15.4.0_0\background/registryAccess.dll
      CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL
      CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL
      CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
      CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
      CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll
      CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
      CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
      CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
      CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\WILLIAN\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
      CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
      CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
      CHR - Extension: WinZipBar_ES = C:\Users\WILLIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnlhlmejfifcbcndkkiialigdmjdiahn\2.3.15.10_0\
      CHR - Extension: avast! WebRep = C:\Users\WILLIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
      CHR - Extension: New tab for Chrome\u2122 = C:\Users\WILLIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
      CHR - Extension: BittorrentBar_ES = C:\Users\WILLIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhpgolofjlpnkdafbgejgnclbjnpgfee\2.3.15.10_0\
      CHR - Extension: Skype Click to Call = C:\Users\WILLIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10297_0\
      CHR - Extension: \u003Cvideo\u003E de HTML5 de DivX Plus Web Player = C:\Users\WILLIAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

      O1 HOSTS File: ([2012/07/19 23:16:11 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
      O1 - Hosts: 127.0.0.1 localhost
      O1 - Hosts: ::1 localhost
      O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Archivos de programa\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
      O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
      O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
      O4 - HKU\S-1-5-21-1237375344-571389785-2974635238-1000..\Run: [ccleaner] D:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
      O4 - HKU\S-1-5-21-1237375344-571389785-2974635238-1000..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-21-1237375344-571389785-2974635238-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O8 - Extra context menu item: &Enviar a OneNote - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
      O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm File not found
      O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
      O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
      O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{741C709B-69CD-4EEA-8AAC-411D917691A9}: DhcpNameServer = 192.168.1.1
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Common Files\Skype\Skype4COM.dll (Skype Technologies)
      O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O32 - AutoRun File - [2010/06/14 15:14:23 | 000,000,131 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = ComFile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/07/14 18:26:39 | 000,000,000 | ---D | C] -- C:\Users\WILLIAN\AppData\Roaming\GlarySoft
      [2012/07/14 18:17:57 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
      [2012/07/14 18:17:50 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSSTDFMT.DLL
      [2012/07/14 18:17:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
      [2012/07/14 18:08:37 | 000,000,000 | ---D | C] -- C:\Users\WILLIAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
      [2012/07/14 18:03:33 | 000,739,808 | ---- | C] (Google Inc.) -- C:\Users\WILLIAN\Desktop\ChromeSetup.exe
      [2012/07/14 17:55:57 | 000,000,000 | ---D | C] -- C:\Windows\temp
      [2012/07/14 17:55:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
      [2012/07/14 17:41:52 | 000,000,000 | ---D | C] -- C:\Users\WILLIAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
      [2012/07/14 17:31:06 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
      [2012/07/14 17:18:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
      [2012/07/14 17:18:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
      [2012/07/14 17:18:09 | 000,000,000 | ---D | C] -- C:\ComboFix
      [2012/07/14 17:18:05 | 000,000,000 | ---D | C] -- C:\Qoobox
      [2012/07/14 17:17:42 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
      [2012/07/13 21:57:03 | 000,036,864 | ---- | C] (NirSoft) -- C:\Windows\nircmd.exe
      [2012/07/07 21:32:04 | 000,000,000 | ---D | C] -- C:\Windows\Sun
      [2012/07/07 21:31:55 | 000,000,000 | ---D | C] -- C:\Program Files\Perion
      [2012/07/07 21:28:03 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
      [2012/07/07 21:26:56 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
      [2012/07/07 21:26:37 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
      [2012/07/07 21:26:37 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
      [2012/07/02 20:14:29 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
      [2012/07/02 01:45:28 | 000,000,000 | ---D | C] -- C:\Users\WILLIAN\Documents\Nokia Suite
      [2012/07/02 00:19:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
      [2012/07/02 00:16:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
      [2012/07/01 22:15:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
      [2012/06/30 16:14:31 | 000,016,384 | ---- | C] (qmm) -- C:\Windows\System32\Wintmpq18.dll
      [2012/06/30 15:55:04 | 000,000,000 | ---D | C] -- C:\ProgramData\TheQGroup
      [2012/06/30 15:54:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ELL Technologies
      [2012/06/30 15:54:48 | 000,000,000 | ---D | C] -- C:\Program Files\ELL Technologies
      [2012/06/28 22:25:46 | 000,000,000 | ---D | C] -- C:\Users\WILLIAN\AppData\Local\Macromedia
      [2012/06/28 01:00:02 | 000,000,000 | ---D | C] -- C:\Program Files\Java
      [2012/06/28 00:29:50 | 000,000,000 | ---D | C] -- C:\Program Files\FrostWire 5
      [2012/06/28 00:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
      [2012/06/21 11:42:04 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
      [2012/06/21 11:42:03 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
      [2012/06/21 11:41:52 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
      [2012/06/21 11:41:52 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
      [2012/06/21 11:41:51 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
      [2012/06/21 11:41:37 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
      [2012/06/21 11:41:37 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe

      ========== Files - Modified Within 30 Days ==========

      [2012/07/20 20:36:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/07/20 20:30:09 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
      [2012/07/20 20:30:03 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/07/20 20:29:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/07/20 20:29:26 | 1583,153,152 | -HS- | M] () -- C:\hiberfil.sys
      [2012/07/20 13:29:04 | 000,001,026 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/07/20 13:15:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1237375344-571389785-2974635238-1000UA.job
      [2012/07/20 11:26:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1237375344-571389785-2974635238-1000UA.job
      [2012/07/20 09:15:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1237375344-571389785-2974635238-1000Core.job
      [2012/07/19 23:16:11 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
      [2012/07/19 17:26:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1237375344-571389785-2974635238-1000Core.job
      [2012/07/16 18:28:52 | 000,064,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/07/16 18:28:52 | 000,064,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/07/16 17:58:46 | 000,000,714 | ---- | M] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
      [2012/07/14 18:17:51 | 000,000,736 | ---- | M] () -- C:\Users\WILLIAN\Desktop\SpywareBlaster.lnk
      [2012/07/14 18:08:42 | 000,002,284 | ---- | M] () -- C:\Users\WILLIAN\Desktop\Google Chrome.lnk
      [2012/07/14 18:03:42 | 000,739,808 | ---- | M] (Google Inc.) -- C:\Users\WILLIAN\Desktop\ChromeSetup.exe
      [2012/07/14 17:55:55 | 000,000,729 | ---- | M] () -- C:\Users\WILLIAN\Desktop\Glary Utilities.lnk
      [2012/07/14 17:41:52 | 000,000,749 | ---- | M] () -- C:\Users\WILLIAN\Desktop\Revo Uninstaller.lnk
      [2012/07/13 18:24:52 | 000,729,251 | ---- | M] () -- C:\Users\WILLIAN\Desktop\mv-agusta-f3.jpg
      [2012/07/13 18:24:13 | 000,072,608 | ---- | M] () -- C:\Users\WILLIAN\Desktop\MV-Agusta-F3-11-1.jpg
      [2012/07/12 14:37:34 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
      [2012/07/12 14:37:34 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
      [2012/07/10 14:35:54 | 000,772,396 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
      [2012/07/10 14:35:54 | 000,673,506 | ---- | M] () -- C:\Windows\System32\perfh009.dat
      [2012/07/10 14:35:54 | 000,164,796 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
      [2012/07/10 14:35:54 | 000,125,422 | ---- | M] () -- C:\Windows\System32\perfc009.dat
      [2012/07/07 21:26:26 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
      [2012/07/07 21:26:25 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
      [2012/07/05 00:33:00 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
      [2012/07/03 11:21:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
      [2012/07/03 11:21:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
      [2012/07/03 11:21:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
      [2012/07/03 11:21:53 | 000,057,656 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
      [2012/07/03 11:21:53 | 000,044,784 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
      [2012/07/03 11:21:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
      [2012/07/03 11:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
      [2012/07/03 11:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
      [2012/07/02 00:18:29 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
      [2012/06/30 20:29:50 | 000,163,840 | ---- | M] () -- C:\Users\WILLIAN\Desktop\AnalysisLog.sr0
      [2012/06/30 15:54:55 | 000,002,615 | ---- | M] () -- C:\Users\Public\Desktop\Q English Basic.lnk
      [2012/06/29 13:55:58 | 000,022,528 | ---- | M] () -- C:\Windows\AT-Uninstall.exe
      [2012/06/28 00:15:06 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\QuickStores.lnk
      [2012/06/28 00:15:05 | 000,000,860 | ---- | M] () -- C:\Users\Public\Desktop\MP3 Downloader.lnk
      [2012/06/28 00:15:05 | 000,000,856 | ---- | M] () -- C:\Users\Public\Desktop\Video Search.lnk
      [2012/06/21 20:06:36 | 000,007,597 | ---- | M] () -- C:\Users\WILLIAN\AppData\Local\Resmon.ResmonCfg

      ========== Files Created - No Company Name ==========

      [2012/07/14 18:17:51 | 000,000,736 | ---- | C] () -- C:\Users\WILLIAN\Desktop\SpywareBlaster.lnk
      [2012/07/14 18:08:42 | 000,002,284 | ---- | C] () -- C:\Users\WILLIAN\Desktop\Google Chrome.lnk
      [2012/07/14 18:03:46 | 000,001,054 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1237375344-571389785-2974635238-1000UA.job
      [2012/07/14 18:03:45 | 000,001,002 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1237375344-571389785-2974635238-1000Core.job
      [2012/07/14 17:55:57 | 000,000,316 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
      [2012/07/14 17:55:55 | 000,000,729 | ---- | C] () -- C:\Users\WILLIAN\Desktop\Glary Utilities.lnk
      [2012/07/14 17:41:52 | 000,000,749 | ---- | C] () -- C:\Users\WILLIAN\Desktop\Revo Uninstaller.lnk
      [2012/07/14 17:18:17 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
      [2012/07/14 17:18:17 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
      [2012/07/14 17:18:17 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
      [2012/07/14 17:18:17 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
      [2012/07/14 17:18:17 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
      [2012/07/13 21:57:03 | 000,069,660 | ---- | C] () -- C:\Windows\Fart.exe
      [2012/07/13 21:57:03 | 000,022,528 | ---- | C] () -- C:\Windows\AT-Uninstall.exe
      [2012/07/13 21:57:03 | 000,011,776 | ---- | C] () -- C:\Windows\Colous.exe
      [2012/07/13 18:24:55 | 000,729,251 | ---- | C] () -- C:\Users\WILLIAN\Desktop\mv-agusta-f3.jpg
      [2012/07/13 18:24:20 | 000,072,608 | ---- | C] () -- C:\Users\WILLIAN\Desktop\MV-Agusta-F3-11-1.jpg
      [2012/07/02 00:18:29 | 000,001,978 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
      [2012/07/01 22:14:01 | 000,001,026 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/07/01 22:13:59 | 000,001,022 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/06/30 20:29:47 | 000,163,840 | ---- | C] () -- C:\Users\WILLIAN\Desktop\AnalysisLog.sr0
      [2012/06/30 15:54:55 | 000,002,615 | ---- | C] () -- C:\Users\Public\Desktop\Q English Basic.lnk
      [2012/06/28 00:14:58 | 000,000,714 | ---- | C] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
      [2012/06/17 23:57:25 | 000,000,379 | ---- | C] () -- C:\Windows\wTRTv5.ini
      [2012/06/17 20:36:05 | 005,771,199 | ---- | C] () -- C:\Users\WILLIAN\AppData\Roaming\UserTile.png
      [2012/06/15 19:51:33 | 000,007,597 | ---- | C] () -- C:\Users\WILLIAN\AppData\Local\Resmon.ResmonCfg
      [2012/05/14 05:38:32 | 000,043,976 | ---- | C] () -- C:\Users\WILLIAN\AppData\Local\save_en.bmp
      [2012/05/14 05:38:08 | 000,043,976 | ---- | C] () -- C:\Users\WILLIAN\AppData\Local\save_es.bmp
      [2012/05/06 10:44:50 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
      [2009/02/06 13:17:48 | 003,264,512 | ---- | C] () -- C:\Program Files\OnlineLiveSetup.msi
      [2009/02/06 13:17:38 | 000,000,222 | ---- | C] () -- C:\Program Files\Setup.Ini

      < End of report >

    10. #10
      Moderador Gral.
      Avatar de Damianl_77
      Registrado
      ene 2008
      Ubicación
      Argentina
      Mensajes
      23.156

      Re: Redireccion!

      Ejecutá OTL.exe


      Copiá y Pegá el código que está dentro del recuadro de abajo en la sección Análisis Personalizado / Código de Reparación



      Código:
      :OTL
      DRV - (a3luk57g) -- File not found
      [2012/07/20 11:26:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1237375344-571389785-2974635238-1000UA.job
      [2012/07/19 23:16:11 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
      [2012/07/19 17:26:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1237375344-571389785-2974635238-1000Core.job
      [2012/05/14 05:38:32 | 000,043,976 | ---- | C] () -- C:\Users\WILLIAN\AppData\Local\save_en.bmp
      [2012/05/14 05:38:08 | 000,043,976 | ---- | C] () -- C:\Users\WILLIAN\AppData\Local\save_es.bmp
      
      :files
      ipconfig /flushdns /c
      ipconfig /renew /c
      
      :commands
      [resethosts]
      [emptyflash]
      [emptytemp]
      [emptyjava]
      [Reboot]

      Presioná el Botón Reparar para lanzar la eliminación. Presionas OK.

      OTL va a Reiniciar el ordenador para completar la eliminación.


      Guardas el nuevo reporte generado. Lo copias y pegas en Tu próxima respuesta y nos comentas como sigue el ordenador ahora.

      El reporte lo encontras en:
      C:\ _ OTL\MovedFiles\xxx_xxx.txt

      Realiza lo siguiente:
      • Descarga (Adwares/Toolbars-Destroyer) by @Infospyware, al final del post (Versión actualizada)
      • Desactiva temporalmente el Antivirus y/o Antispyware.
      • Ejecuta AT-Destroyer como administrador.
      • Aparecerá el Disclaimer, si estas de acuerdo, presiona SI para continuar.
      • Presiona sobre la opción 1 (Buscar y Destruir) para comenzar es escaneo.
      • AT-Destroyer desconectará el escritorio momentáneamente.
      • En caso de estar infectado, AT-Destroyer lo indicará con lineas rojas donde se haya encontrado la infección, sino, serán lineas verdes.
      • Una vez terminado el escaneo, podrás volver a ver el escritorio y se te abrirá un reporte, que deberás copiar en tu próxima respuesta comentando cómo funciona el sistema.
      • Si algún programa no inicia, reiniciar la PC.

      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    Página 1 de 4 1234 ÚltimoÚltimo