• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 13

    Re: No funciona Facebook y aparece otra pagina en su lugar.

    tenia ese mismo problema, ejecute combofix y aca esta el informe aver si ami tambien me pueden ayudar: ComboFix 12-09-29.01 - User 29/09/2012 21:08:57.1.2 - x86 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.34.3082.18.3000.1779 [GMT -3:00] Running from: ...

    1. #1
      Usuario Avatar de impeker
      Registrado
      sep 2011
      Ubicación
      Iguazú, Misiones, Argentina, Argentina
      Mensajes
      52

      Re: No funciona Facebook y aparece otra pagina en su lugar.

      tenia ese mismo problema, ejecute combofix y aca esta el informe aver si ami tambien me pueden ayudar:

      ComboFix 12-09-29.01 - User 29/09/2012 21:08:57.1.2 - x86
      Microsoft Windows 7 Ultimate 6.1.7601.1.1252.34.3082.18.3000.1779 [GMT -3:00]
      Running from: c:\users\User\Downloads\ComboFix.exe
      AV: AVG Internet Security 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
      FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
      SP: AVG Internet Security 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      ADS - system32: deleted 12 bytes in 1 streams.
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      Foro de Virus y Spywares.
      Ayuda con: Malwares - Virus - Spywares - Troyanos - Adwares - Worms - Hijackers - Dialers - Rootkits - Keylogger - etc.) Plantéanos tu problema en este sector.
      No ponga su log de HijackThis aquí !!
      .
      - - End Of File - - 4AB7DD76CCD367D91B2C76ACBD8D4229
      Última edición por @Maxfernandez fecha: 29/09/12 a las 23:13:49 Razón: Borrar log de ComboFix

    2. #2
      Moderador
      Avatar de @Maxfernandez
      Registrado
      dic 2007
      Ubicación
      Venezuela
      Mensajes
      16.076

      Re: No funciona Facebook y aparece otra pagina en su lugar.

      Hola.


      • Descarga OTL a tu escritorio.
        • Cerrar todas las ventanas y programas abiertos antes de ejecutarlo.
        • Hacer doble click en el ícono OTL.exe para comenzar.
        • Cuando la interfaz aparesca, marcar las siguienes opciones: bajo de: "Tipo de Análisis" cambielo a Resultado Mínimo
        • Cambia a Todos donde dice Registro Normal
        • Marcar las opciones: Buscar LOP y Buscar Purity
        • Presione el boton Análizar
          Una vez termine, se abrirán dos (2) archivos, OTL.Txt y Extras.Txt.
          Por favor copiar y pegar el contenido de OTL.Txt en su siguiente Post
      Nota: Por favor No cambiar el resto de la configuración a menos que se le indique.

      Saludos.
      [email protected]


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de impeker
      Registrado
      sep 2011
      Ubicación
      Iguazú, Misiones, Argentina, Argentina
      Mensajes
      52

      Re: No funciona Facebook y aparece otra pagina en su lugar.

      aca esta el informe:

      OTL logfile created on: 02/10/2012 22:48:39 - Run 1
      OTL by OldTimer - Version 3.2.70.1 Folder = C:\Users\User\Downloads
      Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      2,93 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 66,06% Memory free
      5,86 Gb Paging File | 4,50 Gb Available in Paging File | 76,86% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
      Drive C: | 298,09 Gb Total Space | 242,95 Gb Free Space | 81,50% Space Free | Partition Type: NTFS

      Computer Name: USER-PC | User Name: User | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user
      Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\User\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Archivos de programa\AVG Secure Search\vprot.exe ()
      PRC - C:\Archivos de programa\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Archivos de programa\AVG\AVG2013\avgrsx.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
      PRC - C:\Archivos de programa\Samsung\Kies\Kies.exe (Samsung)
      PRC - C:\Archivos de programa\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe ()
      PRC - C:\Archivos de programa\AVG\AVG2013\avgnsx.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Archivos de programa\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Archivos de programa\AVG\AVG2013\avgfws.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Archivos de programa\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Archivos de programa\AVG\AVG2013\avgemcx.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Archivos de programa\AVG\AVG2013\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Archivos de programa\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
      PRC - C:\Archivos de programa\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
      PRC - C:\Archivos de programa\Synaptics\Scrybe\scrybe.exe (Synaptics Incorporated)
      PRC - C:\Archivos de programa\Synaptics\Scrybe\Service\ScrybeUpdater.exe (Synaptics, Inc.)
      PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
      PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      PRC - C:\Archivos de programa\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
      PRC - C:\Windows\explorer.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Windows Sidebar\sidebar.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\IDT\WDM\sttray.exe (IDT, Inc.)
      PRC - C:\Archivos de programa\IDT\WDM\stacsv.exe (IDT, Inc.)
      PRC - C:\Archivos de programa\LSI SoftModem\agrsmsvc.exe (LSI Corporation)
      PRC - C:\Archivos de programa\IDT\WDM\AEstSrv.exe (Andrea Electronics Corporation)
      PRC - C:\Archivos de programa\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

    4. #4
      Usuario Avatar de impeker
      Registrado
      sep 2011
      Ubicación
      Iguazú, Misiones, Argentina, Argentina
      Mensajes
      52

      Re: No funciona Facebook y aparece otra pagina en su lugar.

      porfabor alguien ayudenme que este problema persiste!!!!

    5. #5
      Usuario Avatar de impeker
      Registrado
      sep 2011
      Ubicación
      Iguazú, Misiones, Argentina, Argentina
      Mensajes
      52

      Re: No funciona Facebook y aparece otra pagina en su lugar.

      encontre una particularidad,cuando me conecto desde una red wi-fi el problema desaparese,me aparece facebook normalmente,pero cuando lo ago con la conexion de area local de mi casa (que requiere el cable de internet) el problema persiste y sigue apareciendome lo de compra de cielo enves de facebook.Esto es algo muy raro porfabor espero que puedan ayudarme graciass..

    6. #6
      Moderador
      Avatar de @JFNoda
      Registrado
      sep 2008
      Ubicación
      Islas Canarias
      Mensajes
      5.878

      Re: No funciona Facebook y aparece otra pagina en su lugar.

      Hola impeker.

      Te comento para que no caigas en una infracción

      Te están asesorando y puedo decir que quien lo hace es de los mejores
      No envíes mensajes privados para que te ayuden... ya tienes ayuda!!

      Si tu problema es 'importante' imagina la importancia que tiene para nosotros nuestra familia, nuestro tiempo libre, etc. No hay comparación

      Relájate y espera respuesta del compañero que te atiende.

      Te recalco una de las Normas de este Foro que deberías saber:
      5.2 Recuerden que: NO somos una empresa que le cobra por los servicios, NO somos un servicio técnico, NO atendemos las 24hrs, somos humanos, tenemos también nuestros trabajos, responsabilidades, problemas y familias que atender; somos voluntarios. En conclusión, sólo somos una COMUNIDAD (FORO) DE AYUDANTES VOLUNTARIOS que intentarán ayudarle sin fines de lucro, sin pedirle nada a cambio más que se respeten estas normas y políticas. Sobre todo respeto y camaradería a quienes voluntariamente dedican su tiempo en intentar ayudar a otros.
      Slds.
      Libraman

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Moderador
      Avatar de @Maxfernandez
      Registrado
      dic 2007
      Ubicación
      Venezuela
      Mensajes
      16.076

      Re: No funciona Facebook y aparece otra pagina en su lugar.

      Hola.

      Tienes que pegar el reporte de OTL completo, si no cabe en una respuesta lo puedes dividir en varias partes.

      Saludos.
      [email protected]


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    8. #8
      Usuario Avatar de impeker
      Registrado
      sep 2011
      Ubicación
      Iguazú, Misiones, Argentina, Argentina
      Mensajes
      52

      Re: No funciona Facebook y aparece otra pagina en su lugar.

      aca esta el informe completo:

      OTL logfile created on: 04/10/2012 12:48:43 - Run 2
      OTL by OldTimer - Version 3.2.70.1 Folder = C:\Users\User\Downloads
      Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      2,93 Gb Total Physical Memory | 2,03 Gb Available Physical Memory | 69,20% Memory free
      5,86 Gb Paging File | 4,61 Gb Available in Paging File | 78,70% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
      Drive C: | 298,09 Gb Total Space | 242,76 Gb Free Space | 81,44% Space Free | Partition Type: NTFS

      Computer Name: USER-PC | User Name: User | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user
      Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\User\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Archivos de programa\AVG Secure Search\vprot.exe ()
      PRC - C:\Archivos de programa\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Archivos de programa\AVG\AVG2013\avgrsx.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
      PRC - C:\Archivos de programa\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
      PRC - C:\Archivos de programa\Samsung\Kies\Kies.exe (Samsung)
      PRC - C:\Archivos de programa\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe ()
      PRC - C:\Archivos de programa\AVG\AVG2013\avgnsx.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Archivos de programa\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Archivos de programa\AVG\AVG2013\avgfws.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Archivos de programa\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Archivos de programa\AVG\AVG2013\avgemcx.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Archivos de programa\AVG\AVG2013\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Archivos de programa\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
      PRC - C:\Archivos de programa\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
      PRC - C:\Archivos de programa\Synaptics\Scrybe\scrybe.exe (Synaptics Incorporated)
      PRC - C:\Archivos de programa\Synaptics\Scrybe\Service\ScrybeUpdater.exe (Synaptics, Inc.)
      PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
      PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      PRC - C:\Archivos de programa\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
      PRC - C:\Windows\explorer.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Windows Sidebar\sidebar.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\IDT\WDM\sttray.exe (IDT, Inc.)
      PRC - C:\Archivos de programa\IDT\WDM\stacsv.exe (IDT, Inc.)
      PRC - C:\Archivos de programa\LSI SoftModem\agrsmsvc.exe (LSI Corporation)
      PRC - C:\Archivos de programa\IDT\WDM\AEstSrv.exe (Andrea Electronics Corporation)
      PRC - C:\Archivos de programa\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)


      ========== Modules (No Company Name) ==========

      MOD - C:\Users\User\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll ()
      MOD - C:\Archivos de programa\AVG Secure Search\vprot.exe ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\002b4b1af5f8145bf6b6afe21d4f1db2\Kies.Theme.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\de1a504d1535e5005fbae8f6a4d97ce5\DevicePodcast.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\ee12ab3bf308cbe22f373afbddf0be6b\DeviceVideo.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\e5e58a020638d28d3740195f1d0738da\DevicePhoto.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\0377dd6ed6a5e92a0b8d6eb7d0b64f79\DeviceMusic.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\23e80240003377b6412081a4523943fe\VideoManager.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PodcastService\23fd65cd04b03d19931758d7472e38a4\PodcastService.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\ad50dc81bd795c41a13249e612b0d97f\Podcaster.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\e96a4bd6a51ec7762f15f9bc64c6c33a\PhotoManager.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\deb1e04d94f18bc88afabf744c5d87aa\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\ef1196a37e4b26af3e4f56a6bafe9be1\DeviceHost.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\1bedf64dbdd091ac8dceee7cbfd84a88\Phonebook.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\cb37f0e0b86cc3b3586f7c7d27d07cbe\CPKTMusicPlugin.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\d1e0445d4ad25819f70d150acd2d61af\MusicManager.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\EBookManager\e5c8f9e08db50fb625c029361147f47e\EBookManager.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\ed8a6670f7dbe1ae78aa091a0935fb87\BATPlugin.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\25823a7264f74e67158031f485c0bb23\Kies.Common.MediaDB.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\AllShareController\c209d4b3c25507564757710f6d4a4570\AllShareController.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\d9eca4746981ac218c1dbe0c131ce108\Kies.Common.StoreManager.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\81bb58061bcd2a4c3bf4136abe041d20\ASF_cSharpAPI.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\1f13cee7982e84f07cff152618950b20\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\065aa3ca107d7b3d679a5f408e535239\Kies.Common.AllShare.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\57b7389241c36caa1d2132d68eddedda\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4b033da616a5e8e2b9ebe95342e9cf0d\Kies.Common.DeviceServiceLib.FileService.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\170b754ba9dcd78ee0b06a32af4a7c1f\Interop.DevFileServiceLib.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bf6e9c84dd994fef46819ed3bd9fa934\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e1837e9c63789850168d0bb76826128d\Kies.Common.DeviceServiceLib.Interface.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4f549b26003474662ef7e2f3be9e3dd3\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\60c16bc46e86b9a852e71968dc63d9c7\Kies.Common.DeviceService.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\c7a76efab3d60db9618197e000600e2f\Kies.Common.Multimedia.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\25dc31b1903a3689788caf51d3d93f97\Interop.PRPLAYERCORELib.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\4603ed01ff960f6d861f798e826c9442\Kies.Common.MainUI.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\dcc3307fb870292826318142cf4fa8aa\Kies.Common.DBManager.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\b0cec9954e5583399b377b65a469a74c\Kies.Common.Util.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\c4f56538bb1d5921690a486bf052e30b\Kies.Locale.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\afa8de1e7aabde98f9a5fec1abdb9a05\Kies.MVVM.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\7a0eb5bc5decef8dc1ef9dd3bca3b4d4\Kies.UI.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\0a26df964bb433ab607743b20c7704f7\Kies.Interface.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\41f4faf4ff2ba56c26252d6069ceff76\Kies.ni.exe ()
      MOD - C:\Archivos de programa\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
      MOD - C:\Archivos de programa\Common Files\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll ()
      MOD - C:\Archivos de programa\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\31fab24c51c0cfe8b8115f24545f169f\System.Runtime.Remoting.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\c99811c6a988ca6c2104a5b45acbddbb\Interop.MP3FileInfoCOMLib.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\cbeefee33636e0d0be226cf11e180ba3\Interop.OGGFileInfoCOMLib.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\b0b31095249cec5ef5c0407fa6b7fc22\Interop.P3MPINTERFACECTRLLib.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\2d7161baa59dd2c1c39f4a192d760e7d\ICSharpCode.SharpZipLib.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\6265ffca46eab52d5f798847b5ea908c\CabLib.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\9a6bad5be6518d4a975893676a49a82c\Interop.DeviceSearchLib.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\3f6f79987f17c00edce423932abd1cf2\GongSolutions.Wpf.DragDrop.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\ef221aa0472b0870b6689ab044fad227\System.Runtime.Remoting.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll ()
      MOD - C:\Archivos de programa\Kaspersky Lab\Kaspersky Security Scan 2.0\qtscript4.dll ()
      MOD - C:\Archivos de programa\Kaspersky Lab\Kaspersky Security Scan 2.0\qtgui4.dll ()
      MOD - C:\Archivos de programa\Kaspersky Lab\Kaspersky Security Scan 2.0\qtnetwork4.dll ()
      MOD - C:\Archivos de programa\Kaspersky Lab\Kaspersky Security Scan 2.0\qtsql4.dll ()
      MOD - C:\Archivos de programa\Kaspersky Lab\Kaspersky Security Scan 2.0\qtdeclarative4.dll ()
      MOD - C:\Archivos de programa\Kaspersky Lab\Kaspersky Security Scan 2.0\qtcore4.dll ()
      MOD - C:\Archivos de programa\Common Files\LightScribe\QtGui4.dll ()
      MOD - C:\Archivos de programa\Common Files\LightScribe\QtCore4.dll ()
      MOD - C:\Archivos de programa\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()


      ========== Services (SafeList) ==========

      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (MBAMService) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (vToolbarUpdater12.2.6) -- C:\Archivos de programa\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe ()
      SRV - (avgwd) -- C:\Archivos de programa\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
      SRV - (avgfws) -- C:\Archivos de programa\AVG\AVG2013\avgfws.exe (AVG Technologies CZ, s.r.o.)
      SRV - (AVGIDSAgent) -- C:\Archivos de programa\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
      SRV - (AdobeARMservice) -- C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (KSS) -- C:\Archivos de programa\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
      SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
      SRV - (AxAutoMntSrv) -- C:\Archivos de programa\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
      SRV - (HP Support Assistant Service) -- C:\Archivos de programa\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
      SRV - (odserv) -- C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
      SRV - (ScrybeUpdater) -- C:\Archivos de programa\Synaptics\Scrybe\Service\ScrybeUpdater.exe (Synaptics, Inc.)
      SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      SRV - (HPDrvMntSvc.exe) -- C:\Archivos de programa\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
      SRV - (WMPNetworkSvc) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      SRV - (STacSV) -- C:\Archivos de programa\IDT\WDM\stacsv.exe (IDT, Inc.)
      SRV - (AgereModemAudio) -- C:\Archivos de programa\LSI SoftModem\agrsmsvc.exe (LSI Corporation)
      SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
      SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
      SRV - (WinDefend) -- C:\Archivos de programa\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV - (AESTFilters) -- C:\Archivos de programa\IDT\WDM\AEstSrv.exe (Andrea Electronics Corporation)
      SRV - (Microsoft Office Groove Audit Service) -- C:\Archivos de programa\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
      SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
      SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
      SRV - (ose) -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
      DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
      DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
      DRV - (catchme) -- C:\Users\User\AppData\Local\Temp\catchme.sys File not found
      DRV - (aa8vop17) -- File not found
      DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
      DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o. )
      DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
      DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
      DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
      DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
      DRV - (avgtp) -- C:\Windows\System32\drivers\avgtpx86.sys (AVG Technologies)
      DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o. )
      DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o. )
      DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
      DRV - (Avglogx) -- C:\Windows\System32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.)
      DRV - (ssudmdm) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
      DRV - (dg_ssudbus) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
      DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
      DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
      DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
      DRV - (rtl8192se) -- C:\Windows\System32\drivers\rtl8192se.sys (Realtek Semiconductor Corporation )
      DRV - (Avgfwfd) -- C:\Windows\System32\drivers\avgfwd6x.sys (AVG Technologies CZ, s.r.o.)
      DRV - (ss_bus) -- C:\Windows\System32\drivers\ss_bus.sys (MCCI Corporation)
      DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
      DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
      DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
      DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
      DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
      DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
      DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
      DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
      DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corporation)


      ========== Standard Registry (All) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www2.mystart.com/?pr=vmn&id=vmnantiphishing_ad&v=1_0_1_30
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-ES
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D9 E6 17 71 E3 02 CD 01 [binary data]
      IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
      IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
      IE - HKCU\..\SearchScopes\{000095F6-834C-469A-A96E-4209322DA3AB}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=kw&q={searchTerms}&locale=&apn_ptnrs=T8&apn_dtid=YYYYYYYYAR&apn_uid=79657432-ac5e-44a3-b72a-ec5af948e719&apn_sauid=72F66587-9582-4368-A320-5D5E230D8BBC
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=111791&tt=2912_7&babsrc=SP_ss&mntrId=6086ccca0000000000001c659dca4c2c
      IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={92155B28-AC45-4949-BA03-00E7C947120C}&mid=52aac8687a824222bb0ada117973dd06-6a27f9624aa50a48e0a199fd1cbfb7c35a759e81&lang=es&ds=AVG&pr=pr&d=2012-09-16 09:24:58&v=12.2.5.34&sap=dsp&q={searchTerms}
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


      ========== FireFox ==========

      FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll ()
      FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\User\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\User\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\12.2.5.34\ [2012/09/15 12:52:26 | 000,000,000 | ---D | M]


      ========== Chrome ==========

      CHR - homepage: about:blank
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
      CHR - homepage: about:blank
      CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\22.0.1229.79\gcswf32.dll
      CHR - plugin: Shockwave Flash (Disabled) = C:\Users\User\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
      CHR - plugin: AVG Internet Security (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
      CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
      CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
      CHR - plugin: Java(TM) Platform SE 7 U4 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
      CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
      CHR - plugin: BlackBerry AppWorld (Enabled) = C:\Program Files\Research In Motion Limited\Complemento para explorador de BlackBerry App World\npappworld.dll
      CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
      CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
      CHR - plugin: Google Update (Enabled) = C:\Users\User\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
      CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
      CHR - Extension: Angry Birds Rio HD = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajfmpemjnaalkgklhcahndphdfjgecfd\1.1_0\
      CHR - Extension: Angry Birds = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
      CHR - Extension: The Fancy Pants Adventures: Sneak Peek = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbkegjmflkgobogelkobmmdeddkclooc\5_0\
      CHR - Extension: Troll Extension = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bholflblcgmknccpkkgdlaaieoacmmil\1_0\
      CHR - Extension: YouTube = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
      CHR - Extension: Firebug Lite for Google Chrome\u2122 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench\1.4.0.11967_0\
      CHR - Extension: Facebook Me-Gusta Button = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\caampdmalollkcdgdiilgpimcbfjfmoe\1.55_0\
      CHR - Extension: B\u00FAsqueda de Google = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
      CHR - Extension: AutoRage = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcobnmipjngdeelkdmmaklagncemdmcn\0.0.7_0\
      CHR - Extension: The Fancy Panth Adventure World 2 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\elpgicifhnajmhpflninnlnpgnaimdpg\2.1_0\
      CHR - Extension: PanicButton = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm\0.14.2.2_0\
      CHR - Extension: Causality Games = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\femoooemgmjaebeodbbikbkmhlafenpl\9_0\
      CHR - Extension: Facebook Troll Emoticons = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fomihjhobickimkgnkijacheiciiaocc\8_0\
      CHR - Extension: Cut the Rope = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\13_0\
      CHR - Extension: Troll Emoticons = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hndllphbhpadfpoikpaofkkkpkpnmjik\4.6.7_0\
      CHR - Extension: Fiery Music = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmfeiddljnkcdgcfcfhpenipgmaocon\1_0\
      CHR - Extension: The Fancy Pants Adventure World 1 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\knajlofdldpcfoiafmgdedgipdaajmkf\1.0_0\
      CHR - Extension: Webcam Toy = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade\1.3.5_0\
      CHR - Extension: The Fancy Pants Adventure: World 2 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\loamdenijebhollnjgehcfbnpeelfhlk\14_0\
      CHR - Extension: The Fancy Pants - Adventure World 3 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbambeobhcaiagipencajpejnggfjgpb\3.5_0\
      CHR - Extension: AVG Threat Labs Site Safety = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncnjjicckpooflgclhneahpkahcpoama\1.0.3.81_0\
      CHR - Extension: Gmail = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

      O1 HOSTS File: ([2012/09/29 21:24:57 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 localhost
      O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Archivos de programa\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
      O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
      O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Archivos de programa\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Archivos de programa\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll ()
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Archivos de programa\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll ()
      O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
      O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
      O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
      O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
      O4 - HKLM..\Run: [KiesTrayAgent] C:\Archivos de programa\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
      O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
      O4 - HKLM..\Run: [ROC_ROC_NT] C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe ()
      O4 - HKLM..\Run: [SynTPEnh] C:\Archivos de programa\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
      O4 - HKLM..\Run: [SysTrayApp] C:\Archivos de programa\IDT\WDM\sttray.exe (IDT, Inc.)
      O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
      O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
      O4 - HKCU..\Run: [Facebook Update] C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O4 - HKCU..\Run: [KiesPDLR] C:\Archivos de programa\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
      O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
      O4 - HKCU..\Run: [KSS] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
      O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
      O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
      O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla e Inicio rápido de OneNote 2007.lnk = C:\Archivos de programa\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
      O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{04F07FD7-A48E-466C-8151-5AFDE63F6F40}: DhcpNameServer = 192.168.42.129
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A9B1C5F-759A-4E87-A847-260B9F338E60}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7159ADE4-09E0-487E-BEA9-FCB742971CD6}: DhcpNameServer = 192.168.1.1
      O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
      O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Archivos de programa\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
      O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
      O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\linkscanner - No CLSID value found
      O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
      O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
      O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Archivos de programa\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll ()
      O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Archivos de programa\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
      O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Archivos de programa\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\System32\igfxdev.dll (Intel Corporation)
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
      O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Archivos de programa\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
      O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
      O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
      O31 - SafeBoot: AlternateShell - cmd.exe
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2009/06/10 18:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *)
      O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = ComFile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/10/03 22:47:41 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
      [2012/10/03 22:15:47 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
      [2012/09/29 21:29:40 | 000,000,000 | ---D | C] -- C:\Windows\temp
      [2012/09/29 21:29:39 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\temp
      [2012/09/29 21:25:09 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
      [2012/09/29 21:05:41 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
      [2012/09/29 21:05:41 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
      [2012/09/29 21:05:41 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
      [2012/09/29 21:04:24 | 000,000,000 | ---D | C] -- C:\Qoobox
      [2012/09/29 21:03:45 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
      [2012/09/29 17:01:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Zello
      [2012/09/29 17:00:42 | 000,000,000 | ---D | C] -- C:\Program Files\Zello
      [2012/09/29 12:16:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{3DAC7778-70E1-4079-8F72-895FE6126E0F}
      [2012/09/27 13:12:46 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{78AFC1CE-8157-4BCD-AA4E-64D2BB372600}
      [2012/09/27 01:12:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{ECB0F4A4-34E1-458F-9B2D-40B1D6853B56}
      [2012/09/26 13:12:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{87E3ABA6-85EC-4B94-8226-5E136D9F18C0}
      [2012/09/25 16:43:34 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OxpsConverter.exe
      [2012/09/25 13:04:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
      [2012/09/25 13:02:50 | 000,000,000 | ---D | C] -- C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
      [2012/09/25 12:50:44 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{30F8368B-D72A-41A8-B5DA-74E4D42A8FC2}
      [2012/09/24 23:19:19 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Hewlett-Packard
      [2012/09/24 23:18:01 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Hewlett-Packard
      [2012/09/24 23:16:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
      [2012/09/24 23:16:41 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
      [2012/09/24 23:12:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
      [2012/09/24 2352 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\hpqLog
      [2012/09/24 2308 | 000,000,000 | ---D | C] -- C:\ProgramData\{657095DF-DBDB-4B17-8245-B38845C97069}
      [2012/09/24 21:13:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E3E0F25B-3E80-40F3-A99E-ECE66D130EC6}
      [2012/09/24 09:13:13 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{2EBAB3A5-6783-43F2-9D90-D18F1874EB4F}
      [2012/09/22 23:52:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
      [2012/09/22 23:51:24 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
      [2012/09/22 19:47:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{5723D505-3A00-44D1-AE39-56C968B46883}
      [2012/09/22 15:50:43 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\nhh
      [2012/09/22 03:01:03 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
      [2012/09/22 03:01:01 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
      [2012/09/22 03:01:01 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
      [2012/09/22 03:01:00 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
      [2012/09/22 03:01:00 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
      [2012/09/22 03:00:59 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
      [2012/09/22 03:00:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
      [2012/09/22 03:00:56 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
      [2012/09/21 08:37:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
      [2012/09/20 12:58:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{36489C49-94FE-4E1A-8823-767EBFAE0671}
      [2012/09/18 12:48:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{7138CD65-95DE-48D3-B2A4-FE0136B5C096}
      [2012/09/17 23:32:39 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{02ACB7C2-718C-47CD-AAE2-D00DBAA59E73}
      [2012/09/17 18:58:56 | 000,051,936 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\avgidshx.sys
      [2012/09/17 13:19:20 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{55CA0EC5-B896-4AA7-8FF7-DC8B5073AE6E}
      [2012/09/17 01:18:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{741A3533-4E1F-4EA4-8E03-3FEED9F754FE}
      [2012/09/16 09:58:19 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
      [2012/09/16 09:58:04 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
      [2012/09/16 09:30:38 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{D14B343A-3943-4D3B-A938-AD92AD13E16F}
      [2012/09/16 09:26:33 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\AVG2013
      [2012/09/16 09:24:56 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
      [2012/09/16 09:21:46 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
      [2012/09/16 09:15:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\MFAData
      [2012/09/16 09:15:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Avg2013
      [2012/09/16 0159 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
      [2012/09/16 0112 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
      [2012/09/16 0112 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
      [2012/09/16 01:09:20 | 002,212,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\User\Desktop\TDSSKiller.exe
      [2012/09/15 12:37:16 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{D5B3C1C3-CE48-4BA5-9FD9-A5FB0930A855}
      [2012/09/15 0003 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
      [2012/09/15 00:09:48 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
      [2012/09/15 00:09:39 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
      [2012/09/15 00:09:39 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
      [2012/09/15 00:09:39 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
      [2012/09/15 00:02:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{61BE673F-EF23-4434-AD0A-F6117E548EF9}
      [2012/09/14 22:24:57 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rndismpx.sys
      [2012/09/14 22:24:57 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
      [2012/09/14 22:24:56 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
      [2012/09/14 22:24:56 | 000,187,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
      [2012/09/14 22:24:55 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
      [2012/09/14 05:34:34 | 000,089,440 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
      [2012/09/13 08:25:43 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A8C3BF9B-8093-422D-9ABB-3F657077A21C}
      [2012/09/12 20:25:43 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{4E0F0943-8DF4-49F6-83AD-53CE15C4DA36}
      [2012/09/12 11:47:22 | 000,164,704 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
      [2012/09/12 11:47:04 | 000,151,648 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
      [2012/09/11 22:56:19 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{289410DA-D1F4-4E83-A1D9-8A084BB91F1D}
      [2012/09/08 22:59:29 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C9AB6123-3D02-4C43-A88B-46DC9727133C}
      [2012/09/08 21:28:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{9F1DD042-954B-40DB-9FE7-DF3898A05390}
      [2012/09/08 18:57:57 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F94834A7-D8F5-4E6F-A3EA-3EE65FA70D7C}
      [2012/09/08 18:43:55 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DF27DA80-B574-4150-AD65-2AE151780B35}
      [2012/09/08 09:50:46 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{7A2EF56D-CA51-4CDD-A76B-8AEBA5F6CCD1}
      [2012/09/08 09:45:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{D401D6D5-E570-42EB-BE67-F9F7588A2775}
      [2012/09/06 20:14:16 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{31926DD9-AE8B-438A-AD81-18DE90ECB08D}
      [2012/09/06 19:50:57 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{EF753359-6C69-443C-9337-F8C3579E8C41}
      [2012/09/06 18:18:24 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{1869A7BF-95E4-4274-A5A8-5430CA6CEA4C}
      [2012/09/04 17:05:23 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C48DC5AB-0922-424D-9888-3820FE68703D}
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2012/10/04 12:43:26 | 000,015,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/10/04 12:43:26 | 000,015,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/10/04 12:37:56 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
      [2012/10/04 12:37:55 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/10/04 12:37:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/10/04 12:37:20 | 2359,504,896 | -HS- | M] () -- C:\hiberfil.sys
      [2012/10/04 01:15:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1401628730-2594826137-3400626852-1000UA.job
      [2012/10/04 01:04:01 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/10/03 23:42:37 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/10/03 23:02:32 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
      [2012/10/03 22:59:56 | 329,590,001 | ---- | M] () -- C:\Windows\MEMORY.DMP
      [2012/10/03 22:18:01 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1401628730-2594826137-3400626852-1000UA.job
      [2012/10/03 22:18:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1401628730-2594826137-3400626852-1000Core.job
      [2012/10/03 21:15:01 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1401628730-2594826137-3400626852-1000Core.job
      [2012/10/03 18:22:55 | 000,703,840 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
      [2012/10/03 18:22:55 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
      [2012/10/03 18:22:55 | 000,137,806 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
      [2012/10/03 18:22:55 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
      [2012/09/29 21:24:57 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
      [2012/09/29 17:00:43 | 000,000,942 | ---- | M] () -- C:\Users\Public\Desktop\Zello.lnk
      [2012/09/25 13:04:05 | 000,002,146 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
      [2012/09/24 23:17:11 | 000,001,998 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
      [2012/09/23 00:52:31 | 011,053,848 | ---- | M] () -- C:\Users\User\Desktop\Para siempre Ratones Paranoicos y Calamaro.mp3
      [2012/09/22 23:52:27 | 000,001,157 | ---- | M] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
      [2012/09/22 20:02:28 | 057,215,073 | ---- | M] () -- C:\Users\User\Desktop\SYSTEM OF A DOWN Toxicity.rar
      [2012/09/21 23:45:55 | 085,908,725 | ---- | M] () -- C:\Users\User\Desktop\Ska-P - Lagrimas Y Gozos By garcia.argueta.rar
      [2012/09/21 23:42:02 | 046,698,625 | ---- | M] () -- C:\Users\User\Desktop\Ska-P - Eurosis By garcia.argueta.rar
      [2012/09/21 23:16:34 | 106,113,296 | ---- | M] () -- C:\Users\User\Desktop\Obsesionario.rar
      [2012/09/21 23:13:43 | 058,366,601 | ---- | M] () -- C:\Users\User\Desktop\Canciones del Huracan.rar
      [2012/09/21 08:37:31 | 000,000,960 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
      [2012/09/20 19:01:51 | 000,163,214 | ---- | M] () -- C:\Users\User\Desktop\74767_371106629606253_182161621834089_1107042_512114460_n.jpg
      [2012/09/17 19:25:14 | 002,212,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\User\Desktop\TDSSKiller.exe
      [2012/09/17 18:58:56 | 000,051,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\avgidshx.sys
      [2012/09/16 0132 | 000,001,056 | ---- | M] () -- C:\Users\User\Desktop\Kaspersky Security Scan.lnk
      [2012/09/15 12:41:09 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
      [2012/09/15 12:41:09 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
      [2012/09/15 00:09:20 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
      [2012/09/15 00:09:19 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
      [2012/09/15 00:09:19 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
      [2012/09/15 00:09:19 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
      [2012/09/15 00:09:19 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
      [2012/09/15 00:09:19 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
      [2012/09/14 23:51:17 | 000,001,080 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2012/09/14 05:34:34 | 000,089,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
      [2012/09/12 11:47:22 | 000,164,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
      [2012/09/12 11:47:04 | 000,151,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
      [2012/09/09 11:36:58 | 000,007,625 | ---- | M] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg
      [2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
      [2012/09/04 14:44:06 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUsb_01007.Wdf
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2012/09/29 21:05:41 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
      [2012/09/29 21:05:41 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
      [2012/09/29 21:05:41 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
      [2012/09/29 21:05:41 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
      [2012/09/29 21:05:41 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
      [2012/09/29 17:00:43 | 000,001,808 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zello.lnk
      [2012/09/29 17:00:43 | 000,000,942 | ---- | C] () -- C:\Users\Public\Desktop\Zello.lnk
      [2012/09/25 13:04:05 | 000,002,146 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
      [2012/09/24 23:17:10 | 000,001,998 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
      [2012/09/24 23:17:08 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
      [2012/09/23 00:52:09 | 011,053,848 | ---- | C] () -- C:\Users\User\Desktop\Para siempre Ratones Paranoicos y Calamaro.mp3
      [2012/09/22 23:52:27 | 000,001,157 | ---- | C] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
      [2012/09/22 19:55:34 | 057,215,073 | ---- | C] () -- C:\Users\User\Desktop\SYSTEM OF A DOWN Toxicity.rar
      [2012/09/21 23:37:36 | 085,908,725 | ---- | C] () -- C:\Users\User\Desktop\Ska-P - Lagrimas Y Gozos By garcia.argueta.rar
      [2012/09/21 23:36:42 | 046,698,625 | ---- | C] () -- C:\Users\User\Desktop\Ska-P - Eurosis By garcia.argueta.rar
      [2012/09/21 23:07:30 | 106,113,296 | ---- | C] () -- C:\Users\User\Desktop\Obsesionario.rar
      [2012/09/21 23:07:01 | 058,366,601 | ---- | C] () -- C:\Users\User\Desktop\Canciones del Huracan.rar
      [2012/09/16 09:25:07 | 000,000,960 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
      [2012/09/16 0159 | 000,001,056 | ---- | C] () -- C:\Users\User\Desktop\Kaspersky Security Scan.lnk
      [2012/09/04 14:44:06 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUsb_01007.Wdf
      [2012/08/26 22:24:20 | 000,007,625 | ---- | C] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg
      [2012/07/30 14:16:20 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
      [2012/07/30 14:16:18 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
      [2012/07/30 14:16:18 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
      [2012/07/30 14:16:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
      [2012/07/30 14:16:18 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
      [2012/05/01 11:41:41 | 000,005,632 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012/03/08 11:01:11 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
      [2012/03/08 11:00:09 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
      [2011/06/10 05:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
      [2011/02/11 1852 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
      [2011/02/11 1850 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
      [2011/02/11 1850 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
      [2011/02/11 17:40:40 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
      [2011/02/11 17:38:44 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config

      ========== ZeroAccess Check ==========

      [2009/07/14 01:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 01:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 09:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 22:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== LOP Check ==========

      [2012/09/16 10:01:20 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\AVG
      [2012/03/06 00:35:06 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\AVG10
      [2012/09/16 09:26:33 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\AVG2013
      [2012/05/19 21:46:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Babylon
      [2012/03/06 02:09:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Easeware
      [2012/04/15 14:28:13 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FMA
      [2012/03/20 20:20:33 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\OpenCandy
      [2012/04/06 15:56:02 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Rovio
      [2012/08/31 19:37:24 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Samsung
      [2012/03/31 11:27:13 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Synaptics
      [2012/04/11 21:24:45 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TuneUp Software
      [2012/06/20 17:45:57 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\uTorrent
      [2012/03/16 21:53:40 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Windows Live Writer

      ========== Purity Check ==========



      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:0B4227B4
      @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:5C321E34

      < End of report >

    9. #9
      Moderador
      Avatar de @Maxfernandez
      Registrado
      dic 2007
      Ubicación
      Venezuela
      Mensajes
      16.076

      Re: No funciona Facebook y aparece otra pagina en su lugar.

      Hola.

      Realice lo siguiente:

      1. Descarga AT-Destroyer (Adwares/Toolbars-Destroyer) By Infospyware.
        • Desactiva temporalmente el Antivirus y/o Antispyware.
        • Ejecuta la herramienta como administrador.
        • Aparecerá el Disclaimer de la herramienta.Presiona .
        • Presiona sobre la opción 1 (Buscar y Destruir)
        • La herramienta desconectará el escritorio moméntaneamente.
        • En caso de estar infectado,la herramienta lo indicará con lineas rojas donde se haya encontrado la infección,sino,serán lineas verdes.
        • Una vez terminado el escaneo,podrás volver a ver el escritorio y se te abrirá un reporte,que deberás copiar en tu próxima respuesta comentando cómo funciona el sistema.


      2. Sombree el contenido del siguiente recuadro (excepto la palabra código), luego haga clic derecho con el ratón > Copiar.
        Código:
        :OTL
        MOD - C:\Users\User\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll ()
        IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www2.mystart.com/?pr=vmn&id=vmnantiphishing_ad&v=1_0_1_30
        IE - HKCU\..\SearchScopes\{000095F6-834C-469A-A96E-4209322DA3AB}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=kw&q={searchTerms}&locale=&apn_ptnrs=T8&apn_dtid=YYYYYYYYAR&a pn_uid=79657432-ac5e-44a3-b72a-ec5af948e719&apn_sauid=72F66587-9582-4368-A320-5D5E230D8BBC
        IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=111791&tt=2912_7&babsrc=SP_ ss&mntrId=6086ccca0000000000001c659dca4c2c
        O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
        O4 - HKCU..\Run: [Facebook Update] C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
        O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
        @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:0B4227B4
        @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:5C321E34
        
        
        :files
        ipconfig /flushdns /c
        
        
        :commands
        [resethosts]
        [emptytemp]
        [createrestorepoint]
      3. Ejecutar OTL.exe
        • Clic derecho con el ratón bajo la casilla Análisis Personalizados/Código de Reparación > Pegar.
        • Luego haga clic en el botón Reparar ubicado en la parte superior.
        • Deje que el programa se ejecute sin trabas, reinicie cuando lo pida hacer.
        • Al reiniciar se creará un reporte por defecto en C:\_OTL\MovedFiles, copie y pegue ese log en la próxima respuesta.



      Nos comenta los resultados.

      Saludos.
      [email protected]


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    10. #10
      Usuario Avatar de impeker
      Registrado
      sep 2011
      Ubicación
      Iguazú, Misiones, Argentina, Argentina
      Mensajes
      52

      Re: No funciona Facebook y aparece otra pagina en su lugar.

      pasa algo raro con el AT-Destroyer,cuando lo descargo lo intento ejecutar y me dice que windows no puede encontrar el archivo siendo que yo no lo borro solo cuando termina de descargar lo abro y me sale ese error,noce porque. bueno por otro lado aca esta el reporte del OTL:

      All processes killed
      ========== OTL ==========
      HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{000095F6-834C-469A-A96E-4209322DA3AB}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{000095F6-834C-469A-A96E-4209322DA3AB}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
      Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ .
      Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update deleted successfully.
      C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe moved successfully.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools deleted successfully.
      ADS C:\ProgramData\TEMP:0B4227B4 deleted successfully.
      ADS C:\ProgramData\TEMP:5C321E34 deleted successfully.
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configuraci¢n IP de Windows
      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
      C:\Users\User\Downloads\cmd.bat deleted successfully.
      C:\Users\User\Downloads\cmd.txt deleted successfully.
      ========== COMMANDS ==========
      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYTEMP]

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 67 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: LUIS
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 43060295 bytes
      ->Java cache emptied: 0 bytes
      ->Flash cache emptied: 1031 bytes

      User: Public
      ->Temp folder emptied: 0 bytes

      User: User
      ->Temp folder emptied: 6237372 bytes
      ->Temporary Internet Files folder emptied: 206005432 bytes
      ->Java cache emptied: 1 bytes
      ->Google Chrome cache emptied: 98608634 bytes
      ->Flash cache emptied: 42834 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 286265050 bytes
      RecycleBin emptied: 1548417 bytes

      Total Files Cleaned = 612,00 mb

      Restore point Set: OTL Restore Point

      OTL by OldTimer - Version 3.2.70.1 log created on 10052012_180449

      Files\Folders moved on Reboot...

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...

      ENCONTRE UN NUEVO PROBLEMA,CUANDO INTENTO ACCEDER AL EXPLORADOR DE WINDOWS O A EQUIPO,DESCARGAS Y ESO ME DICE ''INTERFAZ NO COMPATIBLE'' YO ESTOY SEGURO QUE ESTO LO PROBOCO EL OTL PORQUE DESPUES DE REINICIAR EL EQUIPO CUANDO TERMINO DE REPARAR LOS ERRORES APARECIO ESTE PROBLEMA,POR FABOR DECIME QUE PUEDO HACER CON ESTA PROBLEMA PROBOCADO POR EL OTL Y TAMBIEN CUANDO REINICIE EL EQUIPO AVG ME DECIA QUE YA NO RECONOSE MI NUMERO DE LICENSIA .GRACIAS Y ESPERO CON IMPACIENCIA TU RESPUESTA
      Última edición por impeker fecha: 05/10/12 a las 18:03:27

    Página 1 de 2 12 ÚltimoÚltimo