
    The Babylon nightmare (Reopened)


    1. #1
      User Capeside
      Joined
      Nov 2009
      Location
      Madrid
      Posts
      46

      The Babylon nightmare (Reopened)

      Good morning, everyone,
      I have recently been having problems with "Babylon", something I don't remember ever installing (I am usually very careful when I install anything, so that unwanted bundled programs don't get installed), and it never stops. Now, when I go to Facebook from Firefox and click on any update or message I have, it redirects me to a kind of Babylon search engine with the following message: "check6only.facebook.comajax/v6.php?v=check6only&pingonly=false". I have searched on Google and can't find any solutions that work. Do you know of any way to get rid of Babylon? Thanks in advance.

    2. #2
      Global Moderator
      @Javier_HF
      Joined
      Jun 2006
      Location
      Spain.
      Posts
      21,691

      Re: The Babylon nightmare

      Hi Capeside.

      Follow these steps:

      • Download >> AT-Destroyer (Adwares/Toolbars-Destroyer) by @Infospyware.
      • Temporarily disable your antivirus and/or antispyware.
      • Run AT-Destroyer. (If you use Windows Vista or 7, right-click it and select "Run as administrator".)
      • The disclaimer will appear; if you agree, press SI (Yes) to continue.
      • Press option 1 (Buscar y Destruir, "Search and Destroy") to start the scan.
      • AT-Destroyer will temporarily disconnect the desktop.
      • If you are infected, AT-Destroyer will indicate it with red lines where the infection was found; otherwise, the lines will be green.
      • Once the scan has finished, you will be able to see the desktop again and a report will open, which you must copy into your next reply, telling us how the system is working. (You can also find it in C:\AT-Destroyer.log)
      • You must restart the computer immediately.


      Download and run >> Ccleaner.


      • First use its "Cleaner" option to delete cookies, temporary Internet files and all the files it shows you as obsolete.
      • Then use its "Registry" option to clean the whole Windows registry (making a backup).


      Download, update and run >> Malwarebytes’ Anti-Malware.

      • On the Update tab, click the "Check for Updates" button.
      • On the Scanner tab, select "Perform a Full Scan".
      • With the "Remove Selected" option, send everything to quarantine and restart the system.
      • On the "Logs" tab you will find the MBAM report; copy and paste it into your next reply so that it can be analysed.



      And finally download >> OTL by OldTimer

      >>> To run OTL, follow these steps:


      • Close all the programs you have open and double-click the OTL icon to run it.
      • Let it run and wait for the OTL menu to appear.
      • When the OTL menu appears, under "Tipo de Análisis" (scan type) change the setting to Resultado Mínimo (minimal output).
      • Tick the Analizar Todos (scan all) box.
      • Tick the options Buscar LOP (LOP check) and Buscar Purity (Purity check).
      • Tick the options >> Omitir Archivos De Microsoft (skip Microsoft files) and Usar Listado de Compañías Reconocidas (use the list of recognised companies).
      • Copy and paste the lines of the following script under the Análisis Personalizados/Código de Reparación (custom scans/fix code) box:

        NOTE: Do not copy the word "Quote".
        netsvcs
        msconfig
        %SYSTEMDRIVE%\*.*
        CREATERESTOREPOINT
      • Please do not change the rest of the settings unless we ask you to.


      • Press the button .
      • Once it finishes, two (2) files will open, OTL.Txt and Extras.Txt. These files will be saved in the same place where OTL.exe was downloaded.
      • Copy and paste the contents of the OTL.txt file into your next reply.



      In your next reply, remember to:

      - Post the AT-Destroyer, Malwarebytes' Anti-Malware and OTL.txt reports.

      - Tell us how your computer is working in relation to the problem described.

      Regards, Javier.

      If you don't try, you won't succeed | ;-)

      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail; that is what the forum is for.

    3. #3
      User Capeside
      Joined
      Nov 2009
      Location
      Madrid
      Posts
      46

      Re: The Babylon nightmare

      The problem seems to have disappeared. After running AT-Destroyer and Malwarebytes it persisted, but once OTL finished I can now use Facebook without any redirection. This is the result of what was done:

      AT-Destroyer report

      #################################################### A/T-Destroyer by InfoSpyware ############

      A/T-Destroyer 1.0.7 By Infospyware
      www.infospyware.com
      Fecha iniciada en el analisis 04/09/2012
      Hora iniciada en el analisis 13:05:42,40
      Usuario Actual : [C:\Users\Jesus]
      Sistema Operativo: Windows 7 Home Premium
      Arquitectura: Sistema operativo de 64 bits
      Versión Internet Explorer: 8.0.7601.17514
      Modo Actual: Modo Normal.
      Privilegios: [Jesus-Administrador]
      Versión Google Chrome:
      Versión Mozilla Firefox: 14.0.1

      ====== Servicios Eliminados By A/T-Destroyer ======




      ====== Claves Eliminadas By A/T-Destroyer ======




      ====== Archivos/Carpetas Eliminados By A/T-Destroyer ======




      ====== Información Extra ======


      -_-_-_-_-_-_-_-_ Configuraciones de internet Explorer -_-_-_-_-_-_-_-_
      "HKCU\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
      Local Page == C:\Windows\system32\blank.htm
      Default_Page_URL == http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c0a&m=aspire_5732z&r=27361109a625l03f4z195t48l2x62r

      "HKLM\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
      Local Page == C:\Windows\SysWOW64\blank.htm
      Default_Search_URL == http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL == http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c0a&m=aspire_5732z&r=27361109a625l03f4z195t48l2x62r


      "HKEY_USERS\S-1-5-21-919320974-2458626775-3162928573-1000\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
      Local Page == C:\Windows\system32\blank.htm
      Default_Page_URL == http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c0a&m=aspire_5732z&r=27361109a625l03f4z195t48l2x62r




      -_-_-_-_-_-_-_-_ Configuraciones de mozilla Firefox -_-_-_-_-_-_-_-_
      user_pref("browser.startup.homepage", "http://google.com");




      ======= EOF =======

      Malwarebytes report

      Malwarebytes Anti-Malware 1.62.0.1300
      www.malwarebytes.org

      Versión de la Base de Datos: v2012.09.04.05

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 8.0.7601.17514
      Jesus :: JESUS-PC [administrador]

      04/09/2012 13:08:57
      mbam-log-2012-09-04 (13-08-57).txt

      Tipos de Análisis: Análisis Completo (C:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 370584
      Tiempo transcurrido: 45 minuto(s), 38 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      fin)


      OTL report

      OTL logfile created on: 04/09/2012 13:58:51 - Run 1
      OTL by OldTimer - Version 3.2.60.0 Folder = C:\Users\Jesus\Documents\Programas\Seguridad
      64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.7601.17514)
      Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      2,93 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 49,73% Memory free
      5,86 Gb Paging File | 4,19 Gb Available in Paging File | 71,51% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 453,66 Gb Total Space | 287,54 Gb Free Space | 63,38% Space Free | Partition Type: NTFS

      Computer Name: JESUS-PC | User Name: Jesus | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Jesus\Documents\Programas\Seguridad\OTL.exe (OldTimer Tools)
      PRC - C:\Users\Jesus\AppData\Local\Facebook\Messenger\2.1.4623.0\FacebookMessenger.exe (Facebook)
      PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
      PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
      PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
      PRC - C:\Program Files (x86)\Glary Utilities\memdefrag.exe (Glarysoft Ltd)
      PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
      PRC - C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe ()
      PRC - C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA)
      PRC - C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
      PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.)
      PRC - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
      PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
      PRC - C:\Archivos de programa\Acer\Acer Updater\UpdaterService.exe (Acer)
      PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
      PRC - C:\Windows\PLFSetI.exe ()


      ========== Modules (No Company Name) ==========

      MOD - C:\Users\Jesus\AppData\Local\Facebook\Messenger\2.1.4623.0\libcef.dll ()
      MOD - C:\Users\Jesus\AppData\Local\Facebook\Messenger\2.1.4623.0\CefSharp.WinForms.dll ()
      MOD - C:\Users\Jesus\AppData\Local\Facebook\Messenger\2.1.4623.0\CefSharp.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\b41e38edbd6dfe20997f6ea7c080aceb\System.Web.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f8196c3588c2229e84516af4b6a0ee60\System.Data.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
      MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
      MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
      MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll ()
      MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
      MOD - C:\Windows\PLFSetI.exe ()


      ========== Services (SafeList) ==========

      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
      SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
      SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      SRV - (WDFME) -- C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe ()
      SRV - (WDSC) -- C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe ()
      SRV - (WDDMService) -- C:\Archivos de programa\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
      SRV - (FTRTSVC) -- C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
      SRV - (ePowerSvc) -- C:\Archivos de programa\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
      SRV - (Updater Service) -- C:\Archivos de programa\Acer\Acer Updater\UpdaterService.exe (Acer)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
      SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
      DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
      DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
      DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
      DRV:64bit: - (npf) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
      DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
      DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
      DRV:64bit: - (hwusbfake) -- C:\Windows\SysNative\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
      DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
      DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
      DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
      DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
      DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
      DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
      DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
      DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
      DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
      DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
      DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Windows (R) Codename Longhorn DDK provider)
      DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
      DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
      DRV - (SASKUTIL) -- C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV - (SASDIFSV) -- C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV - (SASENUM) -- C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c0a&m=aspire_5732z&r=27361109a625l03f4z195t48l2x62r
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c0a&m=aspire_5732z&r=27361109a625l03f4z195t48l2x62r
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c0a&m=aspire_5732z&r=27361109a625l03f4z195t48l2x62r
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
      IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
      IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c0a&m=aspire_5732z&r=27361109a625l03f4z195t48l2x62r
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112209&tt=3512_3&babsrc=SP_ss&mntrId=fcea749300000000000000262250b6d4
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}: "URL" = http://www.plusnetwork.com/s/?q={searchTerms}&iesrc={referrer:source?}
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\SearchScopes\{1D5AD8D8-6C61-44F2-8771-1EB024C70CE3}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_esES352ES352
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_esES352ES352
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\SearchScopes\{6FBF660E-A78D-4dc8-B9DA-302A931FFE66}: "URL" = http://websearch.qbyrd.com/redirect?client=ie&tb=ATU-QBD&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=&apn_uid=7E7E907D-B6F2-457F-B339-793723B4C203&apn_sauid=700943EA-CEC6-4ED9-A9EB-F8FBEB3C440E
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\SearchScopes\{B6BE5EBE-FE40-4E6B-B6A7-49474D876A16}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=crm&q={searchTerms}&locale=&apn_ptnrs=T8&apn_dtid=YYYYYYYYES&apn_uid=73d736ae-7be2-483c-b3f1-da8ae7b819b1&apn_sauid=749F1A13-C99B-48B1-A942-5D8E43B12A55
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\SearchScopes\{B76E7A85-7322-428b-AB33-19A6A5FD1E73}: "URL" = http://www.bsplayer-search.com/search?q={searchTerms}
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultengine: "Ask.com"
      FF - prefs.js..browser.search.useDBForOrder: true
      FF - prefs.js..browser.startup.homepage: "http://google.com"
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
      FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.8
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
      FF - prefs.js..extensions.enabledItems: [email protected]:1.1.0
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
      FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550
      FF - prefs.js..keyword.URL: "http://google.com"
      FF - prefs.js..network.proxy.type: 0

      FF - user.js..network.proxy.type: 0

      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll File not found
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Jesus\AppData\Local\Facebook\Messenger\2.1.4623.0\npFbDesktopPlugin.dll (Facebook, Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/21 11:48:10 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/29 14:39:09 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/21 11:48:10 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/29 14:39:09 | 000,000,000 | ---D | M]

      [2012/01/15 22:51:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jesus\AppData\Roaming\mozilla\Extensions
      [2012/01/15 22:51:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jesus\AppData\Roaming\mozilla\Extensions\[email protected]
      [2012/09/02 19:50:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jesus\AppData\Roaming\mozilla\Firefox\Profiles\suh9aebl.default\extensions
      [2012/09/01 18:17:09 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Jesus\AppData\Roaming\mozilla\Firefox\Profiles\suh9aebl.default\extensions\[email protected]
      [2011/11/26 15:00:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
      [2012/05/31 19:03:11 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
      [2011/03/31 00:08:10 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files (x86)\mozilla firefox\extensions\[email protected]
      [2012/07/21 11:48:09 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
      [2012/07/21 11:48:07 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
      [2012/07/21 11:48:07 | 000,003,882 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
      [2012/07/21 11:48:07 | 000,001,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-es.xml
      [2012/07/21 11:48:07 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
      [2012/07/21 11:48:07 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012/07/21 11:48:07 | 000,001,102 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-es.xml

      O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
      O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Archivos de programa\Google\GoogleToolbarNotifier\5.7.7529.1424\swg64.dll (Google Inc.)
      O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
      O3:64bit: - HKLM\..\Toolbar: (BS.Player ControlBar) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar64.dll ()
      O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (BS.Player ControlBar) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar.dll ()
      O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3:64bit: - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
      O3:64bit: - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\Toolbar\WebBrowser: (BS.Player ControlBar) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar64.dll ()
      O3 - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\Toolbar\WebBrowser: (BS.Player ControlBar) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar.dll ()
      O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Archivos de programa\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
      O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
      O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Archivos de programa\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
      O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
      O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA)
      O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
      O4 - HKLM..\Run: [IEWINTERNET-SPSessionManager] C:\Program Files (x86)\Orange\Internet Everywhere\SessionManager\SessionManager.exe (France Telecom SA)
      O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
      O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-21-919320974-2458626775-3162928573-1000..\Run: [Facebook Update] C:\Users\Jesus\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O4 - HKU\S-1-5-21-919320974-2458626775-3162928573-1000..\Run: [Glary Memory Optimizer] C:\Program Files (x86)\Glary Utilities\memdefrag.exe (Glarysoft Ltd)
      O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O4 - Startup: C:\Users\Jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Jesus\AppData\Local\Facebook\Messenger\2.1.4623.0\FacebookMessenger.exe (Facebook)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
      O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found
      O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Reg Error: Value error.)
      O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.7.2)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{11DFE5AF-6F0A-434B-A4FE-28FBF34DBB80}: NameServer = 85.62.229.133 85.62.229.134
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E9BB90F-274F-4927-B6ED-DAE640D3EA5C}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D627EEBE-10ED-4785-8B3E-A4DBDCC8D6A7}: DhcpNameServer = 192.168.1.1
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
      O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
      O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
      O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
      O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
      O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
      O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
      O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll) - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
      O32 - HKLM CDRom: AutoRun - 1
      O33 - MountPoints2\{a33fce02-32f9-11e0-80ae-a4b0305f24e3}\Shell - "" = AutoRun
      O33 - MountPoints2\{a33fce02-32f9-11e0-80ae-a4b0305f24e3}\Shell\AutoRun\command - "" = E:\MicroLauncher.exe
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


      MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk - - File not found
      MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
      MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
      MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      MsConfig:64bit - StartUpReg: ArcadeDeluxeAgent - hkey= - key= - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
      MsConfig:64bit - StartUpReg: mwlDaemon - hkey= - key= - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
      MsConfig:64bit - StartUpReg: NortonOnlineBackupReminder - hkey= - key= - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
      MsConfig:64bit - StartUpReg: PlayMovie - hkey= - key= - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
      MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
      MsConfig:64bit - StartUpReg: SpybotSD TeaTimer - hkey= - key= - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
      MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
      MsConfig:64bit - StartUpReg: swg - hkey= - key= - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
      MsConfig:64bit - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
      MsConfig:64bit - StartUpReg: UnlockerAssistant - hkey= - key= - File not found
      MsConfig:64bit - State: "startup" - Reg Error: Key error.
      MsConfig:64bit - State: "bootini" - Reg Error: Key error.

      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/09/04 10:48:28 | 000,036,864 | ---- | C] (NirSoft) -- C:\Windows\nircmd.exe
      [2012/09/04 10:22:32 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
      [2012/09/03 22:12:31 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{3C7704B2-E83F-4888-B42B-23ED50CA5C67}
      [2012/09/02 22:54:11 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{675779E6-1FB4-4458-AF55-01A07D6924F8}
      [2012/09/01 23:48:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
      [2012/09/01 23:48:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
      [2012/09/01 23:47:51 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
      [2012/09/01 23:47:50 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
      [2012/09/01 23:47:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
      [2012/09/01 23:47:50 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
      [2012/09/01 23:46:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
      [2012/09/01 23:45:56 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
      [2012/09/01 23:45:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
      [2012/09/01 19:53:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
      [2012/08/31 14:26:13 | 000,000,000 | ---D | C] -- C:\ProgramData\0C1CFB13004E39EA179C81DAF875F002
      [2012/08/31 14:03:14 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\Ares
      [2012/08/31 13:56:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares
      [2012/08/31 13:56:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ares
      [2012/08/29 22:00:35 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{2ED9A3BE-425D-4BBB-9C8A-7F18595DD6A0}
      [2012/08/28 17:37:07 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{2FCBE441-081B-415C-AB3A-D7E877AF568D}
      [2012/08/27 22:03:57 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{16F03F01-0B36-4140-A843-B540AF9BBFEA}
      [2012/08/26 22:02:44 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{3B88DE0D-1FD7-40C8-BF13-92743CA6B0E1}
      [2012/08/24 21:33:24 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{418CA1DF-9963-4094-8889-B99D8D43C869}
      [2012/08/23 22:05:31 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{82CC61EB-B5F3-4564-9459-B37537D0D7DE}
      [2012/08/22 21:53:31 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{721C67A3-72E1-4370-B371-5F124F4EFD4F}
      [2012/08/20 22:17:14 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{8370C259-EF69-4E59-ABCD-581543D94008}
      [2012/08/19 21:47:05 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{7E709B83-6CCD-4F1B-B65A-92A880EC0B9F}
      [2012/08/16 22:01:22 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{F5F2C6D6-E227-4719-999D-7E8D5C4A04EB}
      [2012/08/16 22:00:58 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{FD513F6F-A637-430A-9700-5C2918F48BC4}
      [2012/08/15 21:42:53 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{44D85C92-9C95-480A-BB23-414B27D06790}
      [2012/08/15 21:42:37 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{FAF6B4DF-56AE-419D-B18F-AAB2A2FD8F65}
      [2012/08/12 21:50:33 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{C3471B24-755F-4542-8807-8DD2039B74F8}
      [2012/08/12 21:50:11 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{9F829A9C-09CC-42FA-859D-8FF925E85224}
      [2012/08/10 22:02:02 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{00FD4A7F-5BC0-412B-BE37-B6399A6230B2}
      [2012/08/10 22:01:41 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{508A18A3-68E7-4639-A291-5C9B75BA49D6}
      [2012/08/09 22:11:29 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{0BADFC3B-B925-42FE-8DEB-3B58B904B60F}
      [2012/08/09 22:11:08 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{8334FD1D-96C1-4FF4-B09B-302B5A24E30F}
      [2012/08/08 21:41:05 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{D137ADA3-84A1-4BA2-845B-5A7D30110745}
      [2012/08/08 21:40:43 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{F5B6F08F-C305-4804-AEE1-FB790100175B}
      [2012/08/07 21:46:25 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{EE004CE0-EC0E-4E62-AD7E-9501FE6F6D2F}
      [2012/08/07 21:46:05 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{67FBD282-4BF1-4BBC-95E6-396D2D73A24C}
      [2012/08/07 17:57:50 | 000,000,000 | ---D | C] -- C:\Users\Jesus\Documents\Nuevo
      [2012/08/06 21:31:37 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{3E22588D-E650-4F7F-83BB-0C35351AED9F}
      [2012/08/06 21:31:16 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{4EF6E46D-8D7C-49FC-89B6-5AE0CEABCABA}
      [2012/08/06 14:41:18 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\Macromedia
      [2012/08/05 21:44:04 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{711ECDA4-BDA2-4D1D-9CEF-EFF046099E8B}
      [2012/08/05 21:43:43 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{E1734AC9-B9FA-494F-B9F5-3606E53F863A}
      [2009/08/14 12:17:20 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe

      ========== Files - Modified Within 30 Days ==========

      [2012/09/04 13:50:01 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/09/04 13:27:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/09/04 13:21:02 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-919320974-2458626775-3162928573-1000UA.job
      [2012/09/04 12:56:20 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/09/04 12:56:20 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/09/04 12:47:31 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/09/04 12:47:31 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
      [2012/09/04 12:47:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/09/04 12:47:15 | 2360,848,384 | -HS- | M] () -- C:\hiberfil.sys
      [2012/09/04 10:22:32 | 000,001,336 | ---- | M] () -- C:\Users\Jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
      [2012/09/04 10:21:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-919320974-2458626775-3162928573-1000Core.job
      [2012/09/02 00:18:04 | 001,555,646 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2012/09/02 00:18:04 | 000,703,840 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2012/09/02 00:18:04 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2012/09/02 00:18:04 | 000,137,806 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2012/09/02 00:18:04 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2012/09/01 23:48:36 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
      [2012/08/30 12:06:00 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2012/08/22 15:58:55 | 000,000,353 | ---- | M] () -- C:\Windows\ulead32.ini
      [2012/08/14 12:52:30 | 000,132,832 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
      [2012/08/14 12:52:30 | 000,098,848 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
      [2012/08/13 19:03:00 | 1992,587,264 | ---- | M] () -- C:\Users\Jesus\Carpetas Inservibles\Desktop\Capitan.America.El.primer.Vengador.(Spanish).DVD-Rip.XviD-AC3.by.elhobbyt.(emulesonic.com).avi
      [2012/08/13 17:29:16 | 1722,165,248 | ---- | M] () -- C:\Users\Jesus\Carpetas Inservibles\Desktop\Thor (Español) 2011 DVDRip Xvid Ac3 5.1.avi
      [2012/08/07 17:56:48 | 000,231,933 | ---- | M] () -- C:\Users\Jesus\Documents\Bicicleta.rar.rar

      ========== Files Created - No Company Name ==========

      [2012/09/04 10:48:28 | 000,069,660 | ---- | C] () -- C:\Windows\Fart.exe
      [2012/09/04 10:48:28 | 000,022,528 | ---- | C] () -- C:\Windows\AT-Uninstall.exe
      [2012/09/04 10:48:28 | 000,011,776 | ---- | C] () -- C:\Windows\Colous.exe
      [2012/09/01 23:48:36 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
      [2012/09/01 12:15:00 | 000,077,789 | ---- | C] () -- C:\Users\Jesus\Documents\D.O.A. 1950.SPA.srt
      [2012/08/13 14:09:18 | 1992,587,264 | ---- | C] () -- C:\Users\Jesus\Carpetas Inservibles\Desktop\Capitan.America.El.primer.Vengador.(Spanish).DVD-Rip.XviD-AC3.by.elhobbyt.(emulesonic.com).avi
      [2012/08/13 14:08:53 | 1722,165,248 | ---- | C] () -- C:\Users\Jesus\Carpetas Inservibles\Desktop\Thor (Español) 2011 DVDRip Xvid Ac3 5.1.avi
      [2012/08/07 17:56:35 | 000,231,933 | ---- | C] () -- C:\Users\Jesus\Documents\Bicicleta.rar.rar
      [2012/08/06 14:40:52 | 000,000,838 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/04/06 19:50:16 | 000,000,045 | RH-- | C] () -- C:\Windows\pjd_user.dat
      [2012/04/03 14:55:26 | 000,000,047 | RH-- | C] () -- C:\Windows\ghdc.dat
      [2011/11/20 14:35:33 | 000,000,000 | ---- | C] () -- C:\Users\Jesus\AppData\Local\{714EC64C-EDEC-4F28-9517-BD301B25C380}
      [2011/11/16 22:37:16 | 000,000,218 | ---- | C] () -- C:\Windows\wininit.ini
      [2011/07/20 18:19:43 | 000,000,000 | ---- | C] () -- C:\Users\Jesus\AppData\Local\{BD093C82-E813-4C3F-BAD6-9F2079DB15A6}
      [2011/07/20 18:18:13 | 000,000,000 | ---- | C] () -- C:\Users\Jesus\AppData\Local\{362FC57E-8D3C-46B8-BD91-03F1964C41FE}
      [2011/02/08 23:46:08 | 000,003,368 | ---- | C] () -- C:\Users\Jesus\AppData\Roaming\wklnhst.dat
      [2009/12/25 23:55:21 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

      ========== LOP Check ==========

      [2009/11/12 23:51:41 | 000,000,000 | ---D | M] -- C:\Users\Jesus\AppData\Roaming\BSplayer
      [2009/11/07 14:27:57 | 000,000,000 | ---D | M] -- C:\Users\Jesus\AppData\Roaming\BSplayer Pro
      [2009/12/07 10:52:46 | 000,000,000 | ---D | M] -- C:\Users\Jesus\AppData\Roaming\DeepBurner
      [2011/11/16 22:37:23 | 000,000,000 | ---D | M] -- C:\Users\Jesus\AppData\Roaming\Dropbox
      [2012/06/25 19:16:20 | 000,000,000 | ---D | M] -- C:\Users\Jesus\AppData\Roaming\EurekaLog
      [2012/05/19 13:44:47 | 000,000,000 | ---D | M] -- C:\Users\Jesus\AppData\Roaming\GlarySoft
      [2010/07/18 14:11:57 | 000,000,000 | ---D | M] -- C:\Users\Jesus\AppData\Roaming\JLC's Software
      [2012/04/03 14:56:04 | 000,000,000 | ---D | M] -- C:\Users\Jesus\AppData\Roaming\Quantitative Micro Software
      [2011/02/08 23:46:09 | 000,000,000 | ---D | M] -- C:\Users\Jesus\AppData\Roaming\Template
      [2012/01/15 22:51:02 | 000,000,000 | ---D | M] -- C:\Users\Jesus\AppData\Roaming\TomTom
      [2012/09/04 10:21:00 | 000,001,094 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-919320974-2458626775-3162928573-1000Core.job
      [2012/09/04 13:21:02 | 000,001,116 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-919320974-2458626775-3162928573-1000UA.job
      [2012/09/04 12:47:31 | 000,000,324 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
      [2012/08/22 09:49:01 | 000,032,646 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2012/09/04 13:06:45 | 000,002,176 | ---- | M] () -- C:\AT-Destroyer.txt
      [2009/08/14 13:00:32 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
      [2012/09/04 12:47:15 | 2360,848,384 | -HS- | M] () -- C:\hiberfil.sys
      [2010/05/01 16:11:03 | 000,000,155 | ---- | M] () -- C:\mbam-error.txt
      [2012/09/04 12:47:19 | 3147,800,576 | -HS- | M] () -- C:\pagefile.sys
      [2012/09/04 13:05:42 | 000,000,114 | ---- | M] () -- C:\prueba.txt
      [2009/08/14 12:15:40 | 000,002,881 | ---- | M] () -- C:\RHDSetup.log

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:5C321E34

      < End of report >

    4. #4
      General Moderator
      @Javier_HF's avatar
      Joined
      Jun 2006
      Location
      Spain.
      Posts
      21.691

      Re: The Babylon nightmare

      Well, we're not finished yet.

      Run OTL.exe again.

      Copy and paste the code inside the box below into the "Análisis Personalizado / Código de Reparación" (Custom Scans/Fixes) section.

      Code:
      :OTL
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112209&tt=3512_3&babsrc=SP_ss&mntrId=fcea749300000000000000262250b6d4
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}: "URL" = http://www.plusnetwork.com/s/?q={searchTerms}&iesrc={referrer:source?}
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\SearchScopes\{1D5AD8D8-6C61-44F2-8771-1EB024C70CE3}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\SearchScopes\{6FBF660E-A78D-4dc8-B9DA-302A931FFE66}: "URL" = http://websearch.qbyrd.com/redirect?client=ie&tb=ATU-QBD&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=&apn_uid=7E7E907D-B6F2-457F-B339-793723B4C203&apn_sauid=700943EA-CEC6-4ED9-A9EB-F8FBEB3C440E
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\SearchScopes\{B6BE5EBE-FE40-4E6B-B6A7-49474D876A16}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=crm&q={searchTerms}&locale=&apn_ptnrs=T8&apn_dtid=YYYYYYYYES&apn_uid=73d736ae-7be2-483c-b3f1-da8ae7b819b1&apn_sauid=749F1A13-C99B-48B1-A942-5D8E43B12A55
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\SearchScopes\{B76E7A85-7322-428b-AB33-19A6A5FD1E73}: "URL" = http://www.bsplayer-search.com/search?q={searchTerms}
      FF - prefs.js..browser.search.defaultengine: "Ask.com"
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll File not found
      [2012/09/01 18:17:09 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Jesus\AppData\Roaming\mozilla\Firefox\Profiles\suh9aebl.default\extensions\[email protected] com
      [2012/07/21 11:48:07 | 000,001,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-es.xml
      [2012/07/21 11:48:07 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
      [2012/07/21 11:48:07 | 000,001,102 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-es.xml
      O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Archivos de programa\Google\GoogleToolbarNotifier\5.7.7529.1424\swg64.dll (Google Inc.)
      O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
      O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O4 - HKU\S-1-5-21-919320974-2458626775-3162928573-1000..\Run: [Facebook Update] C:\Users\Jesus\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O4 - Startup: C:\Users\Jesus\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Jesus\AppData\Local\Facebook\Messenger\2. 1.4623.0\FacebookMessenger.exe (Facebook)
      O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
      O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found
      O13:64bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Reg Error: Value error.)
      O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.7.2)
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
      O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
      O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
      O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
      O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
      O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O33 - MountPoints2\{a33fce02-32f9-11e0-80ae-a4b0305f24e3}\Shell\AutoRun\command - "" = E:\MicroLauncher.exe
      MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk - - File not found
      MsConfig:64bit - StartUpReg: UnlockerAssistant - hkey= - key= - File not found
      MsConfig:64bit - State: "startup" - Reg Error: Key error.
      MsConfig:64bit - State: "bootini" - Reg Error: Key error.
      [2012/09/04 10:22:32 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Facebook
      [2012/09/04 13:21:02 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-919320974-2458626775-3162928573-1000UA.job
      [2012/09/04 10:22:32 | 000,001,336 | ---- | M] () -- C:\Users\Jesus\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\Facebook Messenger.lnk
      [2012/09/04 10:21:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-919320974-2458626775-3162928573-1000Core.job
      [2011/02/08 23:46:08 | 000,003,368 | ---- | C] () -- C:\Users\Jesus\AppData\Roaming\wklnhst.dat
      [2009/12/25 23:55:21 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
      [2012/09/04 10:21:00 | 000,001,094 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-919320974-2458626775-3162928573-1000Core.job
      [2012/09/04 13:21:02 | 000,001,116 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-919320974-2458626775-3162928573-1000UA.job
      @Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:5C321E34
      
      :Files
      ipconfig /flushdns /c
      ipconfig /renew /c
      
      :Commands
      [PURITY]
      [EMPTYFLASH]
      [EMPTYTEMP]
      [RESETHOSTS]
      Press the Fix button (Reparar) to start the removal. Then press OK.

      OTL will restart the computer to complete the removal.

      Save the new report it generates, and copy and paste it into your next reply.

      Before replying, check/update your version of Java (very important) >> Free Java software download

      And when you reply, tell us which version of Java ended up installed >> How can I check whether Java works on my computer?

      Remember to post the OTL log, and also tell us which version of Java you have now and how the computer is doing with regard to the problem you raised.

      Regards.
      If you don't try, you don't succeed | ;-)

      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail, since that is what the forum is for.

    5. #5
      User Capeside's avatar
      Joined
      Nov 2009
      Location
      Madrid
      Posts
      46

      Re: The Babylon nightmare

      OTL report:

      All processes killed
      ========== OTL ==========
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
      Registry key HKEY_USERS\S-1-5-21-919320974-2458626775-3162928573-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D7562AE-8EF6-416d-A838-AB665251703A}\ not found.
      Registry key HKEY_USERS\S-1-5-21-919320974-2458626775-3162928573-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
      Registry key HKEY_USERS\S-1-5-21-919320974-2458626775-3162928573-1000\Software\Microsoft\Internet Explorer\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}\ not found.
      Registry key HKEY_USERS\S-1-5-21-919320974-2458626775-3162928573-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1D5AD8D8-6C61-44F2-8771-1EB024C70CE3}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1D5AD8D8-6C61-44F2-8771-1EB024C70CE3}\ not found.
      Registry key HKEY_USERS\S-1-5-21-919320974-2458626775-3162928573-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6FBF660E-A78D-4dc8-B9DA-302A931FFE66}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FBF660E-A78D-4dc8-B9DA-302A931FFE66}\ not found.
      Registry key HKEY_USERS\S-1-5-21-919320974-2458626775-3162928573-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B6BE5EBE-FE40-4E6B-B6A7-49474D876A16}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B6BE5EBE-FE40-4E6B-B6A7-49474D876A16}\ not found.
      Registry key HKEY_USERS\S-1-5-21-919320974-2458626775-3162928573-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B76E7A85-7322-428b-AB33-19A6A5FD1E73}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B76E7A85-7322-428b-AB33-19A6A5FD1E73}\ not found.
      Prefs.js: "Ask.com" removed from browser.search.defaultengine
      Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
      Prefs.js: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 removed from extensions.enabledItems
      Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
      Prefs.js: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 removed from extensions.enabledItems
      Prefs.js: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 removed from extensions.enabledItems
      Prefs.js: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 removed from extensions.enabledItems
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ not found.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pages.tvunetworks.co m/WebPlayer\ not found.
      Folder C:\Users\Jesus\AppData\Roaming\mozilla\Firefox\Pro files\suh9aebl.default\extensions\[email protected] com\ not found.
      File C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-es.xml not found.
      File C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml not found.
      File C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-es.xml not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ not found.
      File C:\Archivos de programa\Google\GoogleToolbarNotifier\5.7.7529.142 4\swg64.dll not found.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ not found.
      File C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\s wg.dll not found.
      64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}\ not found.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
      Registry value HKEY_USERS\S-1-5-21-919320974-2458626775-3162928573-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update not found.
      File C:\Users\Jesus\AppData\Local\Facebook\Update\Faceb ookUpdate.exe not found.
      Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin not found.
      Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin not found.
      File move failed. C:\Users\Jesus\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\Facebook Messenger.lnk scheduled to be moved on reboot.
      File C:\Users\Jesus\AppData\Local\Facebook\Messenger\2. 1.4623.0\FacebookMessenger.exe not found.
      64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ not found.
      64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportar a Microsoft Excel\ not found.
      Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ not found.
      Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportar a Microsoft Excel\ not found.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
      Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
      Starting removal of ActiveX control {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
      Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ not found.
      File Protocol\Handler\livecall - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ not found.
      File Protocol\Handler\msdaipp - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found.
      File Protocol\Handler\msdaipp\0x00000001 - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found.
      File Protocol\Handler\msdaipp\oledb - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ not found.
      File Protocol\Handler\ms-help - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ not found.
      File Protocol\Handler\ms-itss - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ not found.
      File Protocol\Handler\msnim - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap\ not found.
      File Protocol\Handler\mso-offdap - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ not found.
      File Protocol\Handler\skype4com - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ not found.
      File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ not found.
      File Protocol\Handler\wlmailhtml - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ not found.
      File Protocol\Handler\wlpg - No CLSID value found not found.
      64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
      64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a33fce02-32f9-11e0-80ae-a4b0305f24e3}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a33fce02-32f9-11e0-80ae-a4b0305f24e3}\ not found.
      File E:\MicroLauncher.exe not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\UnlockerAssistant\ not found.
      Folder C:\Users\Jesus\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Facebook\ not found.
      File C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-919320974-2458626775-3162928573-1000UA.job not found.
      File C:\Users\Jesus\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\Facebook Messenger.lnk not found.
      File C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-919320974-2458626775-3162928573-1000Core.job not found.
      File C:\Users\Jesus\AppData\Roaming\wklnhst.dat not found.
      File C:\ProgramData\ezsidmv.dat not found.
      File C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-919320974-2458626775-3162928573-1000Core.job not found.
      File C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-919320974-2458626775-3162928573-1000UA.job not found.
      Unable to delete ADS C:\ProgramData\Temp:5C321E34 .
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configuraci¢n IP de Windows
      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
      C:\Users\Jesus\Documents\Programas\Seguridad\cmd.bat deleted successfully.
      C:\Users\Jesus\Documents\Programas\Seguridad\cmd.txt deleted successfully.
      < ipconfig /renew /c >
      Configuraci¢n IP de Windows
      No se puede realizar ninguna operaci¢n en Conexi¢n de *rea local mientras los medios
      est‚n desconectados.
      Adaptador de Ethernet Conexi¢n de *rea local:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . : home
      Adaptador de LAN inal*mbrica Conexi¢n de red inal*mbrica:
      Sufijo DNS espec¡fico para la conexi¢n. . : home
      V¡nculo: direcci¢n IPv6 local. . . : fe80::7892:b016:3384:1a43%10
      Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.10
      M*scara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.1.1
      Adaptador de t£nel 6TO4 Adapter:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de t£nel Conexi¢n de *rea local* 13:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de t£nel isatap.home:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de t£nel isatap.{4E9BB90F-274F-4927-B6ED-DAE640D3EA5C}:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      C:\Users\Jesus\Documents\Programas\Seguridad\cmd.bat deleted successfully.
      C:\Users\Jesus\Documents\Programas\Seguridad\cmd.txt deleted successfully.
      ========== COMMANDS ==========

      [EMPTYFLASH]

      User: All Users

      User: Default

      User: Default User

      User: Jesus
      ->Flash cache emptied: 0 bytes

      User: Public

      Total Flash Files Cleaned = 0,00 mb


      [EMPTYTEMP]

      User: All Users

      User: Default
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Default User
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Jesus
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 409734 bytes
      ->Java cache emptied: 0 bytes
      ->FireFox cache emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Public

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 0 bytes
      %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
      RecycleBin emptied: 0 bytes

      Total Files Cleaned = 0,00 mb

      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      OTL by OldTimer - Version 3.2.60.0 log created on 09062012_154134

      Files\Folders moved on Reboot...
      File\Folder C:\Users\Jesus\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\Facebook Messenger.lnk not found!
      C:\Users\Jesus\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...

      Regarding Java:

      Latest version of Java installed
      Version: Java SE7 Update 07
      Operating system: Windows 7 6.1
      Java architecture: 32 bit

      Status of the problem: there has been no problem since the other day

    6. #6
      General Moderator
      @Javier_HF's avatar
      Joined
      Jun 2006
      Location
      Spain.
      Posts
      21.691

      Re: The Babylon nightmare

      All right. To check what state the computer is in, run ONLY an OTL scan again, the same as the one we asked you for in post #2.

      And post the new report for us, thank you very much.

      Regards.

    7. #7
      User Capeside's avatar
      Joined
      Nov 2009
      Location
      Madrid
      Posts
      46

      Re: The Babylon nightmare

      Babylon is back. Same as before: when I open Facebook, for example, it redirects me to the search engine.

      This is the OTL report

      OTL logfile created on: 10/09/2012 8:17:46 - Run 2
      OTL by OldTimer - Version 3.2.60.0 Folder = C:\Users\Jesus\Documents\Programas\Seguridad
      64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.7601.17514)
      Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      2,93 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 63,50% Memory free
      5,86 Gb Paging File | 4,51 Gb Available in Paging File | 76,89% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 453,66 Gb Total Space | 285,82 Gb Free Space | 63,00% Space Free | Partition Type: NTFS

      Computer Name: JESUS-PC | User Name: Jesus | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Jesus\AppData\Local\Facebook\Messenger\2.1.4631.0\FacebookMessenger.exe (Facebook)
      PRC - C:\Users\Jesus\Documents\Programas\Seguridad\OTL.exe (OldTimer Tools)
      PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
      PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
      PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
      PRC - C:\Program Files (x86)\Glary Utilities\memdefrag.exe (Glarysoft Ltd)
      PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
      PRC - C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe ()
      PRC - C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA)
      PRC - C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
      PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.)
      PRC - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
      PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
      PRC - C:\Archivos de programa\Acer\Acer Updater\UpdaterService.exe (Acer)
      PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
      PRC - C:\Windows\PLFSetI.exe ()


      ========== Modules (No Company Name) ==========

      MOD - C:\Users\Jesus\AppData\Local\Facebook\Messenger\2.1.4631.0\libcef.dll ()
      MOD - C:\Users\Jesus\AppData\Local\Facebook\Messenger\2.1.4631.0\CefSharp.WinForms.dll ()
      MOD - C:\Users\Jesus\AppData\Local\Facebook\Messenger\2.1.4631.0\CefSharp.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\b41e38edbd6dfe20997f6ea7c080aceb\System.Web.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
      MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
      MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
      MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll ()
      MOD - C:\Windows\PLFSetI.exe ()


      ========== Services (SafeList) ==========

      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
      SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
      SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
      SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      SRV - (WDFME) -- C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe ()
      SRV - (WDSC) -- C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe ()
      SRV - (WDDMService) -- C:\Archivos de programa\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
      SRV - (FTRTSVC) -- C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
      SRV - (ePowerSvc) -- C:\Archivos de programa\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
      SRV - (Updater Service) -- C:\Archivos de programa\Acer\Acer Updater\UpdaterService.exe (Acer)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
      SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
      DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
      DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
      DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
      DRV:64bit: - (npf) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
      DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
      DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
      DRV:64bit: - (hwusbfake) -- C:\Windows\SysNative\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
      DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
      DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
      DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
      DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
      DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
      DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
      DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
      DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
      DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
      DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
      DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Windows (R) Codename Longhorn DDK provider)
      DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
      DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
      DRV - (SASKUTIL) -- C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV - (SASDIFSV) -- C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV - (SASENUM) -- C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c0a&m=aspire_5732z&r=27361109a625l03f4z195t48l2x62r
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c0a&m=aspire_5732z&r=27361109a625l03f4z195t48l2x62r
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c0a&m=aspire_5732z&r=27361109a625l03f4z195t48l2x62r
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
      IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
      IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c0a&m=aspire_5732z&r=27361109a625l03f4z195t48l2x62r
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_esES352ES352
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_esES352ES352
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultengine: ""
      FF - prefs.js..browser.search.useDBForOrder: true
      FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"
      FF - prefs.js..network.proxy.type: 0

      FF - user.js..network.proxy.type: 0

      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll File not found
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Jesus\AppData\Local\Facebook\Messenger\2.1.4631.0\npFbDesktopPlugin.dll (Facebook, Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/08 11:52:37 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/29 14:39:09 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/08 11:52:37 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/29 14:39:09 | 000,000,000 | ---D | M]

      [2012/01/15 22:51:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jesus\AppData\Roaming\mozilla\Extensions
      [2012/01/15 22:51:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jesus\AppData\Roaming\mozilla\Extensions\[email protected]
      [2012/09/07 09:25:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jesus\AppData\Roaming\mozilla\Firefox\Profiles\suh9aebl.default\extensions
      [2012/09/01 18:17:09 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Jesus\AppData\Roaming\mozilla\Firefox\Profiles\suh9aebl.default\extensions\[email protected]
      [2011/11/26 15:00:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
      [2012/05/31 19:03:11 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
      [2011/03/31 00:08:10 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files (x86)\mozilla firefox\extensions\[email protected]
      [2012/09/08 11:52:37 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
      [2012/09/08 11:52:35 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
      [2012/07/21 11:48:07 | 000,003,882 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
      [2012/07/21 11:48:07 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml

      O1 HOSTS File: ([2012/09/06 15:41:43 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
      O1 - Hosts: 127.0.0.1 localhost
      O1 - Hosts: ::1 localhost
      O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
      O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
      O3:64bit: - HKLM\..\Toolbar: (BS.Player ControlBar) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar64.dll ()
      O3 - HKLM\..\Toolbar: (BS.Player ControlBar) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar.dll ()
      O3:64bit: - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
      O3:64bit: - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\Toolbar\WebBrowser: (BS.Player ControlBar) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar64.dll ()
      O3 - HKU\S-1-5-21-919320974-2458626775-3162928573-1000\..\Toolbar\WebBrowser: (BS.Player ControlBar) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files (x86)\BS.Player ControlBar\BSToolbar.dll ()
      O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Archivos de programa\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
      O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
      O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Archivos de programa\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
      O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
      O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA)
      O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
      O4 - HKLM..\Run: [IEWINTERNET-SPSessionManager] C:\Program Files (x86)\Orange\Internet Everywhere\SessionManager\SessionManager.exe (France Telecom SA)
      O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
      O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-21-919320974-2458626775-3162928573-1000..\Run: [Glary Memory Optimizer] C:\Program Files (x86)\Glary Utilities\memdefrag.exe (Glarysoft Ltd)
      O4 - Startup: C:\Users\Jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Jesus\AppData\Local\Facebook\Messenger\2.1.4631.0\FacebookMessenger.exe (Facebook)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
      O1364bit: - gopher Prefix: missing
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{11DFE5AF-6F0A-434B-A4FE-28FBF34DBB80}: NameServer = 85.62.229.133 85.62.229.134
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E9BB90F-274F-4927-B6ED-DAE640D3EA5C}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D627EEBE-10ED-4785-8B3E-A4DBDCC8D6A7}: DhcpNameServer = 192.168.1.1
      O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
      O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
      O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll) - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
      O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
      O32 - HKLM CDRom: AutoRun - 1
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/09/09 21:59:27 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{BFAF913C-DEB7-4B71-BD16-1E087541BBE5}
      [2012/09/07 13:22:44 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
      [2012/09/06 15:31:35 | 000,000,000 | ---D | C] -- C:\_OTL
      [2012/09/05 21:48:36 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{531E4946-46D3-44F6-9AE6-BBEC44A18612}
      [2012/09/04 10:48:28 | 000,036,864 | ---- | C] (NirSoft) -- C:\Windows\nircmd.exe
      [2012/09/03 22:12:31 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{3C7704B2-E83F-4888-B42B-23ED50CA5C67}
      [2012/09/02 22:54:11 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{675779E6-1FB4-4458-AF55-01A07D6924F8}
      [2012/09/01 23:48:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
      [2012/09/01 23:48:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
      [2012/09/01 23:47:51 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
      [2012/09/01 23:47:50 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
      [2012/09/01 23:47:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
      [2012/09/01 23:47:50 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
      [2012/09/01 23:46:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
      [2012/09/01 23:45:56 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
      [2012/09/01 23:45:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
      [2012/09/01 19:53:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
      [2012/08/31 14:26:13 | 000,000,000 | ---D | C] -- C:\ProgramData\0C1CFB13004E39EA179C81DAF875F002
      [2012/08/31 14:03:14 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\Ares
      [2012/08/31 13:56:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares
      [2012/08/31 13:56:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ares
      [2012/08/29 22:00:35 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{2ED9A3BE-425D-4BBB-9C8A-7F18595DD6A0}
      [2012/08/28 17:37:07 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{2FCBE441-081B-415C-AB3A-D7E877AF568D}
      [2012/08/27 22:03:57 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{16F03F01-0B36-4140-A843-B540AF9BBFEA}
      [2012/08/26 22:02:44 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{3B88DE0D-1FD7-40C8-BF13-92743CA6B0E1}
      [2012/08/24 21:33:24 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{418CA1DF-9963-4094-8889-B99D8D43C869}
      [2012/08/23 22:05:31 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{82CC61EB-B5F3-4564-9459-B37537D0D7DE}
      [2012/08/22 21:53:31 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{721C67A3-72E1-4370-B371-5F124F4EFD4F}
      [2012/08/20 22:17:14 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{8370C259-EF69-4E59-ABCD-581543D94008}
      [2012/08/19 21:47:05 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{7E709B83-6CCD-4F1B-B65A-92A880EC0B9F}
      [2012/08/16 22:01:22 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{F5F2C6D6-E227-4719-999D-7E8D5C4A04EB}
      [2012/08/16 22:00:58 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{FD513F6F-A637-430A-9700-5C2918F48BC4}
      [2012/08/15 21:42:53 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{44D85C92-9C95-480A-BB23-414B27D06790}
      [2012/08/15 21:42:37 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{FAF6B4DF-56AE-419D-B18F-AAB2A2FD8F65}
      [2012/08/12 21:50:33 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{C3471B24-755F-4542-8807-8DD2039B74F8}
      [2012/08/12 21:50:11 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Local\{9F829A9C-09CC-42FA-859D-8FF925E85224}
      [2009/08/14 12:17:20 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe

      ========== Files - Modified Within 30 Days ==========

      [2012/09/10 08:00:43 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/09/10 08:00:43 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/09/10 07:55:36 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
      [2012/09/10 07:52:28 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/09/10 07:52:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/09/10 07:52:12 | 2360,848,384 | -HS- | M] () -- C:\hiberfil.sys
      [2012/09/09 23:27:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/09/09 22:50:01 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/09/09 17:33:33 | 001,555,646 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2012/09/09 17:33:33 | 000,703,840 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2012/09/09 17:33:33 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2012/09/09 17:33:33 | 000,137,806 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2012/09/09 17:33:33 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2012/09/07 17:38:50 | 000,146,307 | ---- | M] () -- C:\Users\Jesus\Documents\30010560375.pdf
      [2012/09/07 13:22:44 | 000,001,336 | ---- | M] () -- C:\Users\Jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
      [2012/09/06 15:41:43 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
      [2012/09/01 23:48:36 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
      [2012/08/30 12:06:00 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2012/08/22 15:58:55 | 000,000,353 | ---- | M] () -- C:\Windows\ulead32.ini
      [2012/08/14 12:52:30 | 000,132,832 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
      [2012/08/14 12:52:30 | 000,098,848 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
      [2012/08/13 19:03:00 | 1992,587,264 | ---- | M] () -- C:\Users\Jesus\Carpetas Inservibles\Desktop\Capitan.America.El.primer.Vengador.(Spanish).DVD-Rip.XviD-AC3.by.elhobbyt.(emulesonic.com).avi
      [2012/08/13 17:29:16 | 1722,165,248 | ---- | M] () -- C:\Users\Jesus\Carpetas Inservibles\Desktop\Thor (Español) 2011 DVDRip Xvid Ac3 5.1.avi

      ========== Files Created - No Company Name ==========

      [2012/09/07 17:38:49 | 000,146,307 | ---- | C] () -- C:\Users\Jesus\Documents\30010560375.pdf
      [2012/09/07 13:22:44 | 000,001,336 | ---- | C] () -- C:\Users\Jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
      [2012/09/04 10:48:28 | 000,069,660 | ---- | C] () -- C:\Windows\Fart.exe
      [2012/09/04 10:48:28 | 000,022,528 | ---- | C] () -- C:\Windows\AT-Uninstall.exe
      [2012/09/04 10:48:28 | 000,011,776 | ---- | C] () -- C:\Windows\Colous.exe
      [2012/09/01 23:48:36 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
      [2012/09/01 12:15:00 | 000,077,789 | ---- | C] () -- C:\Users\Jesus\Documents\D.O.A. 1950.SPA.srt
      [2012/08/13 14:09:18 | 1992,587,264 | ---- | C] () -- C:\Users\Jesus\Carpetas Inservibles\Desktop\Capitan.America.El.primer.Vengador.(Spanish).DVD-Rip.XviD-AC3.by.elhobbyt.(emulesonic.com).avi
      [2012/08/13 14:08:53 | 1722,165,248 | ---- | C] () -- C:\Users\Jesus\Carpetas Inservibles\Desktop\Thor (Español) 2011 DVDRip Xvid Ac3 5.1.avi
      [2012/04/06 19:50:16 | 000,000,045 | RH-- | C] () -- C:\Windows\pjd_user.dat
      [2012/04/03 14:55:26 | 000,000,047 | RH-- | C] () -- C:\Windows\ghdc.dat
      [2011/11/20 14:35:33 | 000,000,000 | ---- | C] () -- C:\Users\Jesus\AppData\Local\{714EC64C-EDEC-4F28-9517-BD301B25C380}
      [2011/11/16 22:37:16 | 000,000,218 | ---- | C] () -- C:\Windows\wininit.ini
      [2011/07/20 18:19:43 | 000,000,000 | ---- | C] () -- C:\Users\Jesus\AppData\Local\{BD093C82-E813-4C3F-BAD6-9F2079DB15A6}
      [2011/07/20 18:18:13 | 000,000,000 | ---- | C] () -- C:\Users\Jesus\AppData\Local\{362FC57E-8D3C-46B8-BD91-03F1964C41FE}

      ========== LOP Check ==========

      [2009/11/12 23:51:41 | 000,000,000 | ---D | M] -- C:\Users\Jesus\AppData\Roaming\BSplayer
      [2009/11/07 14:27:57 | 000,000,000 | ---D | M] -- C:\Users\Jesus\AppData\Roaming\BSplayer Pro
      [2009/12/07 10:52:46 | 000,000,000 | ---D | M] -- C:\Users\Jesus\AppData\Roaming\DeepBurner
      [2011/11/16 22:37:23 | 000,000,000 | ---D | M] -- C:\Users\Jesus\AppData\Roaming\Dropbox
      [2012/06/25 19:16:20 | 000,000,000 | ---D | M] -- C:\Users\Jesus\AppData\Roaming\EurekaLog
      [2012/05/19 13:44:47 | 000,000,000 | ---D | M] -- C:\Users\Jesus\AppData\Roaming\GlarySoft
      [2010/07/18 14:11:57 | 000,000,000 | ---D | M] -- C:\Users\Jesus\AppData\Roaming\JLC's Software
      [2012/04/03 14:56:04 | 000,000,000 | ---D | M] -- C:\Users\Jesus\AppData\Roaming\Quantitative Micro Software
      [2011/02/08 23:46:09 | 000,000,000 | ---D | M] -- C:\Users\Jesus\AppData\Roaming\Template
      [2012/01/15 22:51:02 | 000,000,000 | ---D | M] -- C:\Users\Jesus\AppData\Roaming\TomTom
      [2012/09/10 07:55:36 | 000,000,324 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
      [2012/08/22 09:49:01 | 000,032,646 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

      ========== Purity Check ==========



      < End of report >

    8. #8
      General Moderator
      @Javier_HF's avatar
      Registered
      Jun 2006
      Location
      Spain.
      Posts
      21.691

      Re: The Babylon nightmare

      Run OTL.exe again.

      Copy and paste the code inside the box below into the Custom Scans/Fixes (Análisis Personalizado / Código de Reparación) section.

      Code:
      :OTL
      PRC - C:\Users\Jesus\AppData\Local\Facebook\Messenger\2.1.4631.0\FacebookMessenger.exe (Facebook)
      MOD - C:\Users\Jesus\AppData\Local\Facebook\Messenger\2.1.4631.0\libcef.dll ()
      MOD - C:\Users\Jesus\AppData\Local\Facebook\Messenger\2.1.4631.0\CefSharp.WinForms.dll ()
      MOD - C:\Users\Jesus\AppData\Local\Facebook\Messenger\2.1.4631.0\CefSharp.dll ()
      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Jesus\AppData\Local\Facebook\Messenger\2.1.4631.0\npFbDesktopPlugin.dll (Facebook, Inc.)
      [2012/09/01 18:17:09 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Jesus\AppData\Roaming\mozilla\Firefox\Profiles\suh9aebl.default\extensions\[email protected] com
      O4 - Startup: C:\Users\Jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Jesus\AppData\Local\Facebook\Messenger\2.1.4631.0\FacebookMessenger.exe (Facebook)
      O1364bit: - gopher Prefix: missing
      [2012/09/07 13:22:44 | 000,000,000 | ---D | C] -- C:\Users\Jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
      [2012/09/07 13:22:44 | 000,001,336 | ---- | M] () -- C:\Users\Jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
      [2012/09/07 13:22:44 | 000,001,336 | ---- | C] () -- C:\Users\Jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
      
      :Files
      ipconfig /flushdns /c
      ipconfig /renew /c
      
      :Commands
      [PURITY]
      [EMPTYFLASH]
      [EMPTYTEMP]
      [RESETHOSTS]

      Press the Run Fix (Reparar) button to start the removal. Then click OK.

      OTL will restart the computer to complete the removal.

      Save the new report that is generated and copy and paste it into your next reply. Also tell us how the computer is behaving now with regard to the problem you described.

      Regards.

    9. #9
      User Capeside's avatar
      Registered
      Nov 2009
      Location
      Madrid
      Posts
      46

      Re: The Babylon nightmare

      I have just carried out that action, and Facebook no longer redirects me to Babylon.

      This is the report

      All processes killed
      ========== OTL ==========
      No active process named FacebookMessenger.exe was found!
      64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
      Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\facebook.com/fbDesktopPlugin\ deleted successfully.
      C:\Users\Jesus\AppData\Local\Facebook\Messenger\2.1.4631.0\npFbDesktopPlugin.dll moved successfully.
      Folder C:\Users\Jesus\AppData\Roaming\mozilla\Firefox\Profiles\suh9aebl.default\extensions\[email protected] com\ not found.
      C:\Users\Jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk moved successfully.
      C:\Users\Jesus\AppData\Local\Facebook\Messenger\2.1.4631.0\FacebookMessenger.exe moved successfully.
      C:\Users\Jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook folder moved successfully.
      File C:\Users\Jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk not found.
      File C:\Users\Jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk not found.
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configuración IP de Windows
      Se vació correctamente la caché de resolución de DNS.
      C:\Users\Jesus\Documents\Programas\Seguridad\cmd.bat deleted successfully.
      C:\Users\Jesus\Documents\Programas\Seguridad\cmd.txt deleted successfully.
      < ipconfig /renew /c >
      Configuración IP de Windows
      No se puede realizar ninguna operación en Conexión de área local mientras los medios
      estén desconectados.
      Adaptador de Ethernet Conexión de área local:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . : home
      Adaptador de LAN inalámbrica Conexión de red inalámbrica:
      Sufijo DNS específico para la conexión. . : home
      Vínculo: dirección IPv6 local. . . : fe80::7892:b016:3384:1a43%10
      Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.10
      Máscara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.1.1
      Adaptador de túnel 6TO4 Adapter:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de túnel Conexión de área local* 13:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de túnel isatap.home:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de túnel isatap.{4E9BB90F-274F-4927-B6ED-DAE640D3EA5C}:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      C:\Users\Jesus\Documents\Programas\Seguridad\cmd.bat deleted successfully.
      C:\Users\Jesus\Documents\Programas\Seguridad\cmd.txt deleted successfully.
      ========== COMMANDS ==========

      [EMPTYFLASH]

      User: All Users

      User: Default

      User: Default User

      User: Jesus
      ->Flash cache emptied: 765 bytes

      User: Public

      Total Flash Files Cleaned = 0,00 mb


      [EMPTYTEMP]

      User: All Users

      User: Default
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Default User
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Jesus
      ->Temp folder emptied: 912756 bytes
      ->Temporary Internet Files folder emptied: 67 bytes
      ->Java cache emptied: 125049 bytes
      ->FireFox cache emptied: 78108889 bytes
      ->Flash cache emptied: 0 bytes

      User: Public

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 66016 bytes
      %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50539 bytes
      RecycleBin emptied: 0 bytes

      Total Files Cleaned = 76,00 mb

      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      OTL by OldTimer - Version 3.2.60.0 log created on 09102012_132324

      Files\Folders moved on Reboot...
      C:\Users\Jesus\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...

    10. #10
      General Moderator: @Javier_HF
      Registered
      Jun 2006
      Location
      Spain.
      Posts
      21,691

      Re: The Babylon nightmare

      Perfect, we're glad to see the issue is fixed.

      All that's left is for you to do the following:

      Run OTL.exe again and press the Limpiar (CleanUp) button.

      This will remove OTL.exe from the system, along with the files it created and removed.

      It will ask you to restart the computer; you must click SI (Yes).

      Now all that remains is to mark the thread as solved.
      We recommend staying informed at: InfoSpyware Blog and following us on our channels: E-Mail - Facebook - Twitter
      Regards, Javier.
