
    The Babylon nightmare


    1. #1
      tober986 | Registered: Sep 2012 | Location: Costa Rica | Posts: 1

      The Babylon nightmare

      Hello, how are you? I have the same problem; here is the information.

      AT DESTROYER

      #################################################### A/T-Destroyer by InfoSpyware ############

      A/T-Destroyer 1.0.7 By Infospyware
      www.infospyware.com
      Fecha iniciada en el analisis 16/09/2012
      Hora iniciada en el analisis 21:22:57,52
      Usuario Actual : [C:\Users\tober]
      Sistema Operativo: Windows 7 Professional
      Arquitectura: Sistema operativo de 64 bits
      Versión Internet Explorer: 9.0.8112.16421
      Modo Actual: Modo Normal.
      Privilegios: [tober-Administrador]
      Versión Google Chrome:
      Versión Mozilla Firefox: 15.0.1

      ====== Servicios Eliminados By A/T-Destroyer ======




      ====== Claves Eliminadas By A/T-Destroyer ======




      ====== Archivos/Carpetas Eliminados By A/T-Destroyer ======




      ====== Información Extra ======


      -_-_-_-_-_-_-_-_ Configuraciones de internet Explorer -_-_-_-_-_-_-_-_
      "HKCU\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
      Local Page == C:\Windows\system32\blank.htm

      "HKLM\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
      Local Page == C:\Windows\SysWOW64\blank.htm
      Default_Search_URL == http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL == http://go.microsoft.com/fwlink/?LinkId=69157


      "HKEY_USERS\S-1-5-21-142974030-953691167-3866774513-1001\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com


      -_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,
      -_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      -_-_-_-_-_-_-_-_ Configuraciones de mozilla Firefox -_-_-_-_-_-_-_-_
      user_pref("pref.browser.homepage.disable_button.bookmark_page", false);
      user_pref("pref.browser.homepage.disable_button.current_page", false);
      user_pref("pref.browser.homepage.disable_button.restore_default", false);
      user_pref("browser.startup.homepage", "http://google.com");




      ======= EOF =======

      MALWAREBYTES

      Malwarebytes Anti-Malware (Versión de Prueba) 1.65.0.1400
      www.malwarebytes.org

      Versión de la Base de Datos: v2012.09.16.04

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      tober :: TOBER-PC [administrador]

      Protección: Habilitado

      16/09/2012 08:39:34 p.m.
      mbam-log-2012-09-16 (20-39-34).txt

      Tipos de Análisis: Análisis Completo (C:\|D:\|E:\|F:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 431116
      Tiempo transcurrido: 41 minuto(s), 3 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 1
      C:\Users\tober\Documents\programas\FinalTorrent2011Setup.exe (PUP.BundleOffers.IIQ) -> No se tomaron medidas.

      OTL
      OTL logfile created on: 16/09/2012 09:58:26 p.m. - Run 3
      OTL by OldTimer - Version 3.2.61.3 Folder = C:\antyvirus
      64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 0000140a | Country: Costa Rica | Language: ESC | Date Format: dd/MM/yyyy

      3,98 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 51,35% Memory free
      7,96 Gb Paging File | 5,89 Gb Available in Paging File | 73,96% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 146,39 Gb Total Space | 76,23 Gb Free Space | 52,08% Space Free | Partition Type: NTFS
      Drive D: | 785,03 Gb Total Space | 473,17 Gb Free Space | 60,27% Space Free | Partition Type: NTFS
      Drive E: | 3,82 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

      Computer Name: TOBER-PC | User Name: tober | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\antyvirus\OTL.exe (OldTimer Tools)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
      PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe (Pandora.TV)
      PRC - C:\Users\tober\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
      PRC - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
      PRC - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
      PRC - C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
      PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
      PRC - C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
      PRC - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)


      ========== Modules (No Company Name) ==========

      MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\QtWebKit\qmlwebkitplugin4.dll ()
      MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll ()


      ========== Services (SafeList) ==========

      SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
      SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
      SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (PanService) -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe (Pandora.TV)
      SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (TuneUp Software)
      SRV - (Sony PC Companion) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
      SRV - (KMService) -- C:\Windows\SysWOW64\srvany.exe ()
      SRV - (PCToolsSSDMonitorSvc) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
      SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
      SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
      SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
      SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
      SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (osppsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
      DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
      DRV:64bit: - (kneps) -- C:\Windows\SysNative\drivers\kneps.sys (Kaspersky Lab)
      DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
      DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
      DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
      DRV:64bit: - (kl1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
      DRV:64bit: - (kltdi) -- C:\Windows\SysNative\drivers\kltdi.sys (Kaspersky Lab)
      DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\drivers\klkbdflt.sys (Kaspersky Lab)
      DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
      DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
      DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
      DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
      DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
      DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
      DRV:64bit: - (s1039mdm) -- C:\Windows\SysNative\drivers\s1039mdm.sys (MCCI Corporation)
      DRV:64bit: - (s1039unic) -- C:\Windows\SysNative\drivers\s1039unic.sys (MCCI Corporation)
      DRV:64bit: - (s1039mgmt) -- C:\Windows\SysNative\drivers\s1039mgmt.sys (MCCI Corporation)
      DRV:64bit: - (s1039obex) -- C:\Windows\SysNative\drivers\s1039obex.sys (MCCI Corporation)
      DRV:64bit: - (s1039nd5) -- C:\Windows\SysNative\drivers\s1039nd5.sys (MCCI Corporation)
      DRV:64bit: - (s1039mdfl) -- C:\Windows\SysNative\drivers\s1039mdfl.sys (MCCI Corporation)
      DRV:64bit: - (s1039bus) -- C:\Windows\SysNative\drivers\s1039bus.sys (MCCI Corporation)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (xnacc) -- C:\Windows\SysNative\drivers\xnacc.sys (Microsoft Corporation)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys (TuneUp Software)
      DRV - (UnlockerDriver5) -- C:\Archivos de programa\Unlocker\UnlockerDriver5.sys ()
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=42c1007c000000000000d027885727cb&tlver=1.4.19.19&affID=16553
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://racsa.msn.com/?ocid=iehp
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-cr
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 45 33 38 C9 9D CD CC 01 [binary data]
      IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
      IE - HKCU\..\URLSearchHook: {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files (x86)\kmpmediatoolbar\searchresultsDx.dll (Ask.com)
      IE - HKCU\..\SearchScopes,DefaultScope = {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=42c1007c000000000000d027885727cb&tlver=1.4.19.19&affID=16553
      IE - HKCU\..\SearchScopes\{4464603A-AE92-4934-AB51-D40C6176DF1C}: "URL" = http://search.softonic.com/MON00245/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=43
      IE - HKCU\..\SearchScopes\{9648332E-6B82-444C-A6A2-4CD1D41FDB2B}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=crm&q={searchTerms}&locale=es_ES&apn_ptnrs=T8&apn_dtid=YYYYYYYYCR&apn_uid=238a3ba0-f206-40cd-9d38-0a3a8e692a67&apn_sauid=10E50301-DEE8-4A24-AE70-0753192C6D40
      IE - HKCU\..\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}: "URL" = http://eu.ask.com/web?l=dis&o=APN10089&gct=sb&qsrc=2869&apn_dtid=^PFM004^YY^CR&apn_ptnrs=^A5F&apn_uid=5064992377154544&p2=^A5F^PFM004^YY^CR&q={searchTerms}
      IE - HKCU\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultengine: "Google"
      FF - prefs.js..browser.search.defaultenginename: "Google"
      FF - prefs.js..browser.search.useDBForOrder: true
      FF - prefs.js..browser.startup.homepage: "http://google.com"
      FF - prefs.js..extensions.enabledAddons: [email protected]:2.0.2.039
      FF - prefs.js..extensions.enabledAddons: [email protected]:1.6.0
      FF - prefs.js..extensions.enabledAddons: [email protected]:13.0.1.4190
      FF - prefs.js..extensions.enabledAddons: [email protected]:13.0.1.4190
      FF - prefs.js..extensions.enabledAddons: [email protected]:13.0.1.4190
      FF - prefs.js..extensions.enabledAddons: [email protected]:13.0.1.4190
      FF - prefs.js..extensions.enabledAddons: {daf5b34c-1aa3-4c33-ae24-766a370635d2}:1.0.0.12
      FF - prefs.js..keyword.URL: "http://eu.ask.com/web?l=dis&o=APN10089&gct=kwd&qsrc=2869&apn_dtid=^PFM004^YY^CR&apn_ptnrs=^A5F&apn_uid=5064992377154544&p2=^A5F^PFM004^YY^CR&q="
      FF - prefs.js..network.proxy.type: 0


      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
      FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
      FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
      FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\@eximion.com/KalydoPlayer: C:\Users\tober\AppData\Roaming\Kalydo\KalydoPlayer\bin1\npkalydo.dll (Eximion B.V.)
      FF - HKCU\Software\MozillaPlugins\@g2.com/iggweb3dupdater: C:\Users\tober\AppData\Roaming\IGG\Web3D\1.0.0.37\NPIGGWeb3DUpdater.dll (IGG)
      FF - HKCU\Software\MozillaPlugins\@g2.com/joyconnectshell: C:\Users\tober\AppData\Roaming\IGG\Web3D\1.0.0.37\NPJoyConnectShell.dll (IGG)
      FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

      64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2012/09/16 09:27:30 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2012/09/16 09:27:31 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2012/09/16 09:27:21 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2012/09/16 09:27:21 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2012/09/16 09:27:24 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Iminent\[email protected] [2012/09/16 14:40:15 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/10 21:28:23 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/16 20:29:58 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

      [2012/01/09 16:09:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tober\AppData\Roaming\mozilla\Extensions
      [2012/09/16 10:51:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tober\AppData\Roaming\mozilla\Firefox\Profiles\cdx3q7qj.default\extensions
      [2012/06/17 20:28:14 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\tober\AppData\Roaming\mozilla\Firefox\Profiles\cdx3q7qj.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
      [2012/09/16 10:41:23 | 000,000,000 | ---D | M] (KMP Media Toolbar) -- C:\Users\tober\AppData\Roaming\mozilla\Firefox\Profiles\cdx3q7qj.default\extensions\{daf5b34c-1aa3-4c33-ae24-766a370635d2}
      [2012/07/10 15:00:12 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\tober\AppData\Roaming\mozilla\Firefox\Profiles\cdx3q7qj.default\extensions\[email protected]
      [2012/09/09 06:33:17 | 000,000,000 | ---D | M] (softonic.com) -- C:\Users\tober\AppData\Roaming\mozilla\Firefox\Profiles\cdx3q7qj.default\extensions\[email protected]
      [2012/05/05 07:57:11 | 000,550,833 | ---- | M] () (No name found) -- C:\Users\tober\AppData\Roaming\mozilla\firefox\profiles\cdx3q7qj.default\extensions\[email protected]
      [2012/01/23 19:13:11 | 000,010,289 | ---- | M] () (No name found) -- C:\Users\tober\AppData\Roaming\mozilla\firefox\profiles\cdx3q7qj.default\extensions\[email protected]
      [2012/09/08 23:42:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
      [2012/03/01 13:06:42 | 000,000,000 | ---D | M] (Supervisor Kaspersky de vínculos URL) -- C:\Program Files (x86)\mozilla firefox\extensions\[email protected]_bak2
      [2012/09/16 09:27:21 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\[email protected]
      [2012/09/16 09:27:21 | 000,000,000 | ---D | M] (Content Blocker) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\[email protected]
      [2012/09/16 09:27:24 | 000,000,000 | ---D | M] (Banca segura) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\[email protected]
      [2012/09/16 09:27:31 | 000,000,000 | ---D | M] (Teclado Virtual) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\[email protected]
      [2012/09/10 21:28:22 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
      [2011/10/26 12:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
      [2012/09/16 10:41:58 | 000,000,627 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\ask.xml
      [2012/09/10 21:28:21 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
      [2012/08/14 14:38:50 | 000,003,882 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
      [2012/02/15 23:57:17 | 000,001,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-es.xml
      [2012/08/24 15:02:46 | 000,002,157 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchTheWeb.xml
      [2012/09/10 21:28:21 | 000,002,253 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
      [2012/02/15 23:57:17 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012/02/15 23:57:17 | 000,001,102 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-es.xml

      ========== Chrome ==========

      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - homepage: http://www.google.com/
      CHR - Extension: No name found = C:\Users\tober\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\
      CHR - Extension: No name found = C:\Users\tober\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\
      CHR - Extension: No name found = C:\Users\tober\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4190_0\
      CHR - Extension: No name found = C:\Users\tober\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\

      O1 HOSTS File: ([2012/08/04 12:00:51 | 000,001,011 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 204.13.11.27
      O1 - Hosts: 127.0.0.1 audio-surf.com
      O1 - Hosts: 127.0.0.1 www.audio-surf.com
      O1 - Hosts: 127.0.0.1 genuine.microsoft.com
      O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
      O1 - Hosts: 127.0.0.1 sls.microsoft.com
      O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
      O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
      O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
      O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
      O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
      O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
      O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
      O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
      O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
      O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
      O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
      O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
      O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
      O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
      O2 - BHO: (KMP Media Toolbar) - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files (x86)\kmpmediatoolbar\searchresultsDx.dll (Ask.com)
      O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
      O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
      O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
      O3 - HKLM\..\Toolbar: (KMP Media Toolbar) - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files (x86)\kmpmediatoolbar\searchresultsDx.dll (Ask.com)
      O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
      O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
      O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
      O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
      O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
      O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
      O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
      O4 - HKCU..\Run: [] File not found
      O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\tober\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
      O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
      O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O8:64bit: - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
      O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
      O8:64bit: - Extra context menu item: Agregar a Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
      O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
      O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
      O8 - Extra context menu item: Agregar a Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
      O9:64bit: - Extra Button: Teclado Virtual - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
      O9:64bit: - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9:64bit: - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9:64bit: - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9:64bit: - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9:64bit: - Extra Button: Comprobación de direcciones URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
      O9 - Extra Button: Teclado Virtual - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
      O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe File not found
      O9 - Extra Button: Comprobación de direcciones URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
      O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2CBF85F2-871E-4D3A-934F-205F037ADF67}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2CBF85F2-871E-4D3A-934F-205F037ADF67}: NameServer = 200.91.75.5,200.91.75.6
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EF3AB274-64D1-4946-A83E-32D16612EFEF}: DhcpNameServer = 216.230.147.90 216.230.128.33
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O27:64bit: - HKLM IFEO\nokiasuite.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\pccompanion.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\setup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\nokiasuite.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\pccompanion.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\setup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
      O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
      O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
      O32 - HKLM CDRom: AutoRun - 0
      O33 - MountPoints2\{57ad4fe6-5ffa-11e1-9796-d027885727cb}\Shell - "" = AutoRun
      O33 - MountPoints2\{57ad4fe6-5ffa-11e1-9796-d027885727cb}\Shell\AutoRun\command - "" = G:\Startme.exe
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)


      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/09/16 14:40:49 | 000,000,000 | ---D | C] -- C:\Users\tober\AppData\Local\{734156E8-8BC2-49C5-9150-2629491F8EC1}
      [2012/09/16 14:40:30 | 000,000,000 | ---D | C] -- C:\Users\tober\AppData\Roaming\Iminent
      [2012/09/16 14:40:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Iminent
      [2012/09/16 14:40:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
      [2012/09/16 14:40:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Iminent
      [2012/09/16 14:37:56 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
      [2012/09/16 14:37:56 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
      [2012/09/16 14:37:55 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
      [2012/09/16 14:37:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
      [2012/09/16 14:37:27 | 000,000,000 | ---D | C] -- C:\Users\tober\AppData\Roaming\TuneUp Software
      [2012/09/16 14:37:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2012
      [2012/09/16 14:36:53 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
      [2012/09/16 14:36:42 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
      [2012/09/16 14:36:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
      [2012/09/16 14:24:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vLite
      [2012/09/16 14:24:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\vLite
      [2012/09/16 14:11:39 | 000,000,000 | ---D | C] -- C:\Users\tober\AppData\Roaming\SeriousBit
      [2012/09/16 14:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnhanceMySe7en
      [2012/09/16 14:11:30 | 000,000,000 | ---D | C] -- C:\Program Files\EnhanceMySe7en
      [2012/09/16 14:05:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
      [2012/09/16 14:05:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
      [2012/09/16 14:04:20 | 000,000,000 | ---D | C] -- C:\Users\tober\AppData\Roaming\Daoisoft
      [2012/09/16 14:04:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7Tweak
      [2012/09/16 14:04:17 | 000,000,000 | ---D | C] -- C:\Program Files\7Tweak
      [2012/09/16 14:03:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7stacks
      [2012/09/16 14:03:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alastria Software
      [2012/09/16 11:21:42 | 000,000,000 | ---D | C] -- C:\Users\tober\Documents\The KMPlayer
      [2012/09/16 10:43:21 | 000,000,000 | ---D | C] -- C:\Users\tober\AppData\Roaming\vlc
      [2012/09/16 10:43:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
      [2012/09/16 10:42:52 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox210.ocx
      [2012/09/16 10:42:52 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBoxVB12.ocx
      [2012/09/16 10:42:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Registry Mechanic
      [2012/09/16 10:42:51 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox10.ocx
      [2012/09/16 10:42:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
      [2012/09/16 10:42:45 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
      [2012/09/16 10:42:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Registry Mechanic
      [2012/09/16 10:42:22 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
      [2012/09/16 10:41:57 | 000,000,000 | ---D | C] -- C:\Users\tober\AppData\Roaming\Ask.com
      [2012/09/16 10:40:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\kmpmediatoolbar
      [2012/09/16 10:33:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PANDORATV
      [2012/09/16 10:33:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PANDORA.TV
      [2012/09/16 10:32:44 | 000,000,000 | ---D | C] -- C:\Users\tober\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
      [2012/09/16 10:32:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The KMPlayer
      [2012/09/16 09:28:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013
      [2012/09/16 09:28:05 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\klfphc.dll
      [2012/09/16 09:27:23 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP
      [2012/09/16 09:27:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
      [2012/09/16 09:27:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
      [2012/09/16 09:27:08 | 000,611,160 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
      [2012/09/16 09:27:08 | 000,089,432 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klflt.sys
      [2012/09/14 16:42:44 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
      [2012/09/14 16:36:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
      [2012/09/12 21:47:11 | 000,000,000 | ---D | C] -- C:\antyvirus
      [2012/09/12 21:45:01 | 000,000,000 | ---D | C] -- C:\_OTL
      [2012/09/12 20:23:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
      [2012/09/12 20:21:50 | 000,000,000 | ---D | C] -- C:\Users\tober\AppData\Roaming\Malwarebytes
      [2012/09/12 20:21:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2012/09/12 20:21:47 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
      [2012/09/12 20:21:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
      [2012/09/12 20:21:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2012/09/12 20:20:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      [2012/09/12 20:20:04 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
      [2012/09/12 19:53:05 | 000,036,864 | ---- | C] (NirSoft) -- C:\Windows\nircmd.exe
      [2012/09/10 22:45:14 | 000,000,000 | ---D | C] -- C:\Users\tober\Documents\Nintendo_NES_Roms
      [2012/09/09 06:47:23 | 000,000,000 | ---D | C] -- C:\Users\tober\Desktop\I Wanna Be The Guy
      [2012/09/08 23:03:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
      [2012/09/06 18:30:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
      [2012/09/06 18:30:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia
      [2012/09/06 18:29:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
      [2012/09/06 17:01:10 | 000,000,000 | ---D | C] -- C:\Users\tober\Documents\Nokia Suite
      [2012/09/06 16:55:46 | 000,000,000 | ---D | C] -- C:\Users\tober\AppData\Roaming\Nokia Suite
      [2012/09/06 13:12:16 | 000,000,000 | ---D | C] -- C:\Users\tober\AppData\Roaming\LolClient
      [2012/09/06 09:29:23 | 000,000,000 | ---D | C] -- C:\Riot Games
      [2012/09/06 09:29:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
      [2012/09/03 16:41:37 | 000,000,000 | ---D | C] -- C:\Users\tober\Documents\Curriculum
      [2012/08/24 18:37:32 | 000,000,000 | ---D | C] -- C:\Users\tober\AppData\Local\{FC046D9D-9B44-4592-A31B-DDD6ED11BF7C}
      [2012/08/21 07:09:24 | 000,000,000 | ---D | C] -- C:\Users\tober\Escaner

      ========== Files - Modified Within 30 Days ==========

      [2012/09/16 21:49:08 | 000,010,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/09/16 21:49:08 | 000,010,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/09/16 21:35:00 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/09/16 21:22:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/09/16 20:16:32 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/09/16 20:15:59 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
      [2012/09/16 20:15:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/09/16 20:15:39 | 3207,585,792 | -HS- | M] () -- C:\hiberfil.sys
      [2012/09/16 15:35:48 | 001,584,826 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2012/09/16 15:35:48 | 000,713,442 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2012/09/16 15:35:48 | 000,624,578 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2012/09/16 15:35:48 | 000,143,174 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2012/09/16 15:35:48 | 000,110,216 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2012/09/16 14:40:22 | 000,001,719 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
      [2012/09/16 13:50:25 | 005,042,720 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
      [2012/09/16 13:27:58 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
      [2012/09/16 13:27:56 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
      [2012/09/14 10:23:30 | 000,003,600 | ---- | M] () -- C:\bootsqm.dat
      [2012/09/10 16:53:58 | 000,060,255 | ---- | M] () -- C:\Users\tober\Foto.jpg
      [2012/09/09 17:04:00 | 001,934,674 | ---- | M] () -- C:\Users\tober\2012-09-09-257.jpg
      [2012/09/08 23:03:40 | 000,017,408 | ---- | M] () -- C:\Users\tober\AppData\Local\WebpageIcons.db
      [2012/09/07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
      [2012/09/06 18:30:33 | 000,002,089 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
      [2012/09/06 17:28:13 | 1337,894,647 | ---- | M] () -- C:\Users\tober\C7-00_2012-09-06.nbu
      [2012/09/06 09:33:20 | 000,001,720 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
      [2012/08/31 21:31:50 | 000,002,324 | ---- | M] () -- C:\Windows\epplauncher.mif
      [2012/08/29 12:26:28 | 000,035,380 | ---- | M] () -- C:\Users\tober\0108640097.PDF
      [2012/08/29 03:19:50 | 000,163,370 | ---- | M] () -- C:\Users\tober\DSC00001.JPG
      [2012/08/24 18:41:49 | 000,084,198 | ---- | M] () -- C:\Users\tober\Documents\Beto_le_presta_informa.pdf

      ========== Files Created - No Company Name ==========

      [2012/09/16 14:37:48 | 000,002,195 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
      [2012/09/16 13:27:58 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
      [2012/09/16 13:27:56 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
      [2012/09/16 10:42:51 | 000,040,408 | ---- | C] () -- C:\Windows\SysNative\CleanMFT64.exe
      [2012/09/14 10:23:30 | 000,003,600 | ---- | C] () -- C:\bootsqm.dat
      [2012/09/12 20:18:07 | 000,001,034 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/09/12 20:18:06 | 000,001,030 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/09/12 19:53:05 | 000,069,660 | ---- | C] () -- C:\Windows\Fart.exe
      [2012/09/12 19:53:05 | 000,022,528 | ---- | C] () -- C:\Windows\AT-Uninstall.exe
      [2012/09/12 19:53:05 | 000,011,776 | ---- | C] () -- C:\Windows\Colous.exe
      [2012/09/12 14:58:13 | 001,934,674 | ---- | C] () -- C:\Users\tober\2012-09-09-257.jpg
      [2012/09/10 16:53:58 | 000,060,255 | ---- | C] () -- C:\Users\tober\Foto.jpg
      [2012/09/08 23:03:38 | 000,017,408 | ---- | C] () -- C:\Users\tober\AppData\Local\WebpageIcons.db
      [2012/09/06 18:30:33 | 000,002,089 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
      [2012/09/06 17:01:50 | 1337,894,647 | ---- | C] () -- C:\Users\tober\C7-00_2012-09-06.nbu
      [2012/09/06 09:33:20 | 000,001,720 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
      [2012/09/06 07:07:40 | 000,000,838 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/08/31 09:55:16 | 000,002,324 | ---- | C] () -- C:\Windows\epplauncher.mif
      [2012/08/29 12:26:27 | 000,035,380 | ---- | C] () -- C:\Users\tober\0108640097.PDF
      [2012/08/29 03:19:51 | 000,163,370 | ---- | C] () -- C:\Users\tober\DSC00001.JPG
      [2012/08/24 18:41:48 | 000,084,198 | ---- | C] () -- C:\Users\tober\Documents\Beto_le_presta_informa.pdf
      [2012/08/04 12:00:52 | 000,002,048 | ---- | C] () -- C:\Windows\SysWow64\winver.exe
      [2012/07/28 16:08:26 | 000,012,784 | ---- | C] () -- C:\Windows\scunin.dat
      [2012/07/16 07:49:20 | 000,056,474 | ---- | C] () -- C:\Windows\War3Unin.dat
      [2012/07/02 08:38:34 | 001,610,798 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
      [2012/06/17 20:38:42 | 000,000,000 | ---- | C] () -- C:\ProgramData\0x0304A000.sfl
      [2012/06/16 19:37:48 | 000,005,632 | ---- | C] () -- C:\Users\tober\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012/06/13 13:23:14 | 000,000,386 | RHS- | C] () -- C:\ProgramData\ntuser.pol
      [2012/06/03 18:08:36 | 000,000,132 | ---- | C] () -- C:\Users\tober\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
      [2012/01/13 13:18:51 | 000,007,609 | ---- | C] () -- C:\Users\tober\AppData\Local\Resmon.ResmonCfg
      [2012/01/08 15:48:54 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
      [2012/01/08 14:58:07 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
      [2012/01/08 14:58:05 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
      [2012/01/08 14:57:55 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
      [2012/01/08 14:57:55 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
      [2012/01/08 14:57:54 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
      [2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

      ========== LOP Check ==========

      [2012/09/16 10:41:57 | 000,000,000 | ---D | M] -- C:\Users\tober\AppData\Roaming\Ask.com
      [2012/08/03 12:54:42 | 000,000,000 | ---D | M] -- C:\Users\tober\AppData\Roaming\Canon
      [2012/05/31 20:37:05 | 000,000,000 | ---D | M] -- C:\Users\tober\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
      [2012/09/16 14:04:20 | 000,000,000 | ---D | M] -- C:\Users\tober\AppData\Roaming\Daoisoft
      [2012/07/19 13:05:40 | 000,000,000 | ---D | M] -- C:\Users\tober\AppData\Roaming\FOG Downloader
      [2012/04/05 21:42:59 | 000,000,000 | ---D | M] -- C:\Users\tober\AppData\Roaming\GetRightToGo
      [2012/07/06 14:43:46 | 000,000,000 | ---D | M] -- C:\Users\tober\AppData\Roaming\IGG
      [2012/09/16 14:40:30 | 000,000,000 | ---D | M] -- C:\Users\tober\AppData\Roaming\Iminent
      [2012/07/06 14:37:33 | 000,000,000 | ---D | M] -- C:\Users\tober\AppData\Roaming\Kalydo
      [2012/01/18 1743 | 000,000,000 | ---D | M] -- C:\Users\tober\AppData\Roaming\Kuma Games
      [2012/09/06 13:12:16 | 000,000,000 | ---D | M] -- C:\Users\tober\AppData\Roaming\LolClient
      [2012/09/06 16:55:45 | 000,000,000 | ---D | M] -- C:\Users\tober\AppData\Roaming\Nokia
      [2012/09/06 16:55:46 | 000,000,000 | ---D | M] -- C:\Users\tober\AppData\Roaming\Nokia Suite
      [2012/06/17 20:38:09 | 000,000,000 | ---D | M] -- C:\Users\tober\AppData\Roaming\Panda Security
      [2012/03/13 12:30:27 | 000,000,000 | ---D | M] -- C:\Users\tober\AppData\Roaming\PC Suite
      [2012/05/31 20:59:12 | 000,000,000 | ---D | M] -- C:\Users\tober\AppData\Roaming\PhotoScape
      [2012/07/28 19:54:53 | 000,000,000 | ---D | M] -- C:\Users\tober\AppData\Roaming\Rovio
      [2012/09/16 14:11:39 | 000,000,000 | ---D | M] -- C:\Users\tober\AppData\Roaming\SeriousBit
      [2012/09/16 14:37:27 | 000,000,000 | ---D | M] -- C:\Users\tober\AppData\Roaming\TuneUp Software
      [2012/01/12 13:59:36 | 000,000,000 | ---D | M] -- C:\Users\tober\AppData\Roaming\Youtube Downloader HD
      [2012/08/30 10:02:18 | 000,032,636 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2012/09/16 21:24:00 | 000,002,381 | ---- | M] () -- C:\AT-Destroyer.txt
      [2012/09/14 10:23:30 | 000,003,600 | ---- | M] () -- C:\bootsqm.dat
      [2012/09/16 20:15:39 | 3207,585,792 | -HS- | M] () -- C:\hiberfil.sys
      [2012/09/16 20:15:41 | 4276,781,056 | -HS- | M] () -- C:\pagefile.sys
      [2012/09/16 21:22:57 | 000,000,142 | ---- | M] () -- C:\prueba.txt

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:D1B5B4F1

      < End of report >

    2. #2
      Former Contributor Avatar of @SanMar
      Registered
      Jun 2008
      Location
      Argentina
      Posts
      22.290

      Re: The Babylon nightmare

      Hello tober986

      Welcome to the forum.

      Do the following:

      1.- Run OTL.exe
      • Paste the following script into the Análisis Personalizados/Codigo de Reparación (Custom Scans/Fixes) box:
        • NOTE: Do not copy the word "Code".

        Code:
        :OTL
        IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=42c1007c000000000000d027885727cb&tlver=1.4.19.19&affID=16553
        IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
        IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
        IE - HKCU\..\URLSearchHook: {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files (x86)\kmpmediatoolbar\searchresultsDx.dll (Ask.com)
        IE - HKCU\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=42c1007c000000000000d027885727cb&tlver=1.4.19.19&affID=16553
        IE - HKCU\..\SearchScopes\{4464603A-AE92-4934-AB51-D40C6176DF1C}: "URL" = http://search.softonic.com/MON00245/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=43
        IE - HKCU\..\SearchScopes\{9648332E-6B82-444C-A6A2-4CD1D41FDB2B}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=crm&q={searchTerms}&locale=es_ES&apn_ptnrs=T8&apn_dtid=YYYYYYYYCR&apn_uid=238a3ba0-f206-40cd-9d38-0a3a8e692a67&apn_sauid=10E50301-DEE8-4A24-AE70-0753192C6D40
        IE - HKCU\..\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}: "URL" = http://eu.ask.com/web?l=dis&o=APN10089&gct=sb&qsrc=2869&apn_dtid=^PFM004^YY^CR&apn_ptnrs=^A5F&apn_uid=5064992377154544&p2=^A5F^PFM004^YY^CR&q={searchTerms}
        IE - HKCU\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
        FF - prefs.js..keyword.URL: "http://eu.ask.com/web?l=dis&o=APN10089&gct=kwd&qsrc=2869&apn_dtid=^PFM004^YY^CR&apn_ptnrs=^A5F&apn_uid=5064992377154544&p2=^A5F^PFM004^YY^CR&q="
        FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Iminent\[email protected] [2012/09/16 14:40:15 | 000,000,000 | ---D | M]
        [2012/06/17 20:28:14 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\tober\AppData\Roaming\mozilla\Firefox\Profiles\cdx3q7qj.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
        [2012/09/16 10:41:23 | 000,000,000 | ---D | M] (KMP Media Toolbar) -- C:\Users\tober\AppData\Roaming\mozilla\Firefox\Profiles\cdx3q7qj.default\extensions\{daf5b34c-1aa3-4c33-ae24-766a370635d2}
        [2012/07/10 15:00:12 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\tober\AppData\Roaming\mozilla\Firefox\Profiles\cdx3q7qj.default\extensions\[email protected] com
        [2012/09/09 06:33:17 | 000,000,000 | ---D | M] (softonic.com) -- C:\Users\tober\AppData\Roaming\mozilla\Firefox\Profiles\cdx3q7qj.default\extensions\[email protected] c.com
        [2012/09/16 10:41:58 | 000,000,627 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\ask.xml
        O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
        O2 - BHO: (KMP Media Toolbar) - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files (x86)\kmpmediatoolbar\searchresultsDx.dll (Ask.com)
        O3 - HKLM\..\Toolbar: (KMP Media Toolbar) - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files (x86)\kmpmediatoolbar\searchresultsDx.dll (Ask.com)
        O4 - HKCU..\Run: [] File not found
        O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe File not found
        O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
        O1364bit: - gopher Prefix: missing
        O13 - gopher Prefix: missing
        O18:64bit: - Protocol\Handler\livecall - No CLSID value found
        O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
        O18:64bit: - Protocol\Handler\msnim - No CLSID value found
        O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
        O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
        [2012/09/16 14:40:30 | 000,000,000 | ---D | C] -- C:\Users\tober\AppData\Roaming\Iminent
        [2012/09/16 14:40:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Iminent
        [2012/09/16 14:40:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
        [2012/09/16 14:40:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Iminent
        [2012/09/16 10:41:57 | 000,000,000 | ---D | C] -- C:\Users\tober\AppData\Roaming\Ask.com
        [2012/09/16 10:40:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\kmpmediatoolbar
        [2012/09/16 10:41:57 | 000,000,000 | ---D | M] -- C:\Users\tober\AppData\Roaming\Ask.com
        [2012/09/16 14:40:30 | 000,000,000 | ---D | M] -- C:\Users\tober\AppData\Roaming\Iminent
        @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:D1B5B4F1
        
        
        :commands
        [resethosts]
        [emptyflash]
        [emptytemp]
        [emptyjava]
        [Reboot]
      • Then click the Reparar (Fix) button at the top.
      • Let the program run uninterrupted, and restart when it asks you to.
      • After the restart, a report is created by default in C:\_OTL\MovedFiles; copy and paste that log into your next reply.

      Let us know the results.

      Regards.
