
    dt kill is not working for me


    1. #1
      User karlosrr
      Joined
      Oct 2012
      Location
      Tenerife
      Posts
      15

      Malware: dt kill is not working for me

      Hello everyone. I started out with the double-accent virus and, after using dt kill, Malwarebytes and CCleaner, it has mutated and now it comes out like this (as'i). I can't type the @ or quotation marks either. Obviously, annoying as that is, it is not the worst part: I usually bank with ING from this PC, and I got a couple of errors when using the electronic DNI (national ID card) and had to use the coordinates card instead, so I am afraid that I am infected and that someone could get into my current account. I have tried System Restore, but the furthest back it lets me go is 5 October, so everything stays the same.

      It has me desperate, and however closely I have followed Infospyware's advice I can't get rid of it. Any ideas?

    2. #2
      Former Contributor Kirigi
      Joined
      Jun 2007
      Location
      Venezuela
      Posts
      7.437

      Re: dt kill is not working for me

      Hello karlosrr, welcome to the Infospyware forum.

      This bug keeps getting more and more annoying.

      • Download the OTL by OldTimer tool to your desktop.
      • Close all open windows and programs. Double-click OTL.exe to run it.
      • Under Scan Type (Tipo de Análisis), tick the "Minimal Output" (Resultado Mínimo) box. Finally, select the following options:
        • Use Company Name Whitelist (Usar listado de Compañías Reconocidas)
        • Skip Microsoft Files (Omitir Archivos de Microsoft)
      • Copy the following code (excluding the word "Code:"):

      Code:
      msconfig
      netsvcs
      safebootminimal
      %systemdrive%\*.*
      %PROGRAMFILES%\*.*
      %systemroot%\*. /mp /s
      %systemroot%\Tasks\*.job /lockedfiles
      %temp%\*.exe /15
      %windir%\system32\*.exe /15
      %windir%\SysWow64\*.exe /15
      %windir%\SysNative\*.exe /15
      HKCU\Software\Microsoft\Windows\CurrentVersion\Run /s
      HKLM\Software\Microsoft\Windows\CurrentVersion\Run /s
      HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce /s
      HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce /s
      • Paste the code into the Custom Scans / Fixes area (Análisis Personalizados / Código de Reparación).


      • Click the Run Scan (Analizar) button and wait patiently for the scan to finish.
      • Two (2) files will open, OTL.txt and Extras.txt. They are saved in the folder where OTL was run.



      To finish, open the OTL.txt file, then copy and paste its entire contents into your next reply so it can be reviewed.


      Regards.


    3. #3
      User karlosrr
      Joined
      Oct 2012
      Location
      Tenerife
      Posts
      15

      Re: dt kill is not working for me

      Thank you for your help. Here it goes:

      OTL logfile created on: 10/10/2012 14:45:51 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\atb\Desktop
      Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      2,97 Gb Total Physical Memory | 2,07 Gb Available Physical Memory | 69,74% Memory free
      5,93 Gb Paging File | 4,83 Gb Available in Paging File | 81,50% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
      Drive C: | 465,62 Gb Total Space | 260,85 Gb Free Space | 56,02% Space Free | Partition Type: NTFS

      Computer Name: ATB-PC | User Name: atb | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\atb\Desktop\OTL.exe (OldTimer Tools)
      PRC - c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
      PRC - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
      PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe (Panda Security, S.L.)
      PRC - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
      PRC - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
      PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
      PRC - C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
      PRC - C:\Windows\explorer.exe (Microsoft Corporation)
      PRC - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
      PRC - C:\Program Files\Common Files\Nuance\dgnsvc.exe (Nuance Communications, Inc.)
      PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
      PRC - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE ()
      PRC - C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE (Dell Inc.)


      ========== Modules (No Company Name) ==========

      MOD - C:\Program Files\Adobe\Reader 9.0\Reader\ViewerPS.dll ()
      MOD - C:\Windows\System32\DOCOBJ.DLL ()


      ========== Services (SafeList) ==========

      SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe File not found
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
      SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
      SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (PSUAService) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe (Panda Security, S.L.)
      SRV - (NanoServiceMain) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
      SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (DragonSvc) -- C:\Program Files\Common Files\Nuance\dgnsvc.exe (Nuance Communications, Inc.)
      SRV - (rpcapd) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
      SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
      SRV - (wltrysvc) -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE ()
      SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
      SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
      SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
      SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
      SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV - (catchme) -- C:\Users\atb\AppData\Local\Temp\catchme.sys File not found
      DRV - (anbt3yeo) -- File not found
      DRV - (MpKsl378583d6) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E20C8F9F-D570-4A61-9968-5903A00FE7A7}\MpKsl378583d6.sys (Microsoft Corporation)
      DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
      DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
      DRV - (PSINProt) -- C:\Windows\System32\drivers\PSINProt.sys (Panda Security, S.L.)
      DRV - (PSINProc) -- C:\Windows\System32\drivers\PSINProc.sys (Panda Security, S.L.)
      DRV - (PSINKNC) -- C:\Windows\System32\drivers\PSINKNC.sys (Panda Security, S.L.)
      DRV - (PSINAflt) -- C:\Windows\System32\drivers\PSINAflt.sys (Panda Security, S.L.)
      DRV - (PSINFile) -- C:\Windows\System32\drivers\PSINFile.sys (Panda Security, S.L.)
      DRV - (NNSSTRM) -- C:\Windows\System32\drivers\NNSStrm.sys (Panda Security, S.L.)
      DRV - (NNSTLSC) -- C:\Windows\System32\drivers\NNStlsc.sys (Panda Security, S.L.)
      DRV - (NNSPROT) -- C:\Windows\System32\drivers\NNSProt.sys (Panda Security, S.L.)
      DRV - (NNSPRV) -- C:\Windows\System32\drivers\NNSPrv.sys (Panda Security, S.L.)
      DRV - (NNSSMTP) -- C:\Windows\System32\drivers\NNSSmtp.sys (Panda Security, S.L.)
      DRV - (NNSPOP3) -- C:\Windows\System32\drivers\NNSPop3.sys (Panda Security, S.L.)
      DRV - (NNSPIHSW) -- C:\Windows\System32\drivers\NNSPihsw.sys (Panda Security, S.L.)
      DRV - (NNSIDS) -- C:\Windows\System32\drivers\NNSIds.sys (Panda Security, S.L.)
      DRV - (NNSPICC) -- C:\Windows\System32\drivers\NNSpicc.sys (Panda Security, S.L.)
      DRV - (NNSNAHSL) -- C:\Windows\System32\drivers\NNSNAHSL.sys (Panda Security, S.L.)
      DRV - (NNSHTTP) -- C:\Windows\System32\drivers\NNSHttp.sys (Panda Security, S.L.)
      DRV - (NNSALPC) -- C:\Windows\System32\drivers\NNSAlpc.sys (Panda Security, S.L.)
      DRV - (GDPkIcpt) -- C:\Windows\System32\drivers\PktIcpt.sys (G Data Software AG)
      DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI Corporation)
      DRV - (sscdbus) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI Corporation)
      DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI Corporation)
      DRV - (ssadmdm) -- C:\Windows\System32\drivers\ssadmdm.sys (MCCI Corporation)
      DRV - (ssadbus) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation)
      DRV - (ssadserd) -- C:\Windows\System32\drivers\ssadserd.sys (MCCI Corporation)
      DRV - (androidusb) -- C:\Windows\System32\drivers\ssadadb.sys (Google Inc)
      DRV - (ssadmdfl) -- C:\Windows\System32\drivers\ssadmdfl.sys (MCCI Corporation)
      DRV - (PSKMAD) -- C:\Windows\System32\drivers\PSKMAD.sys (Panda Security)
      DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
      DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
      DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
      DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
      DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
      DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
      DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
      DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
      DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
      DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
      DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
      DRV - (hwusbfake) -- C:\Windows\System32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
      DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
      DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (ALWIL Software)
      DRV - (BCM42RLY) -- C:\Windows\System32\drivers\bcm42rly.sys (Broadcom Corporation)
      DRV - (VIACRX86) -- C:\Windows\System32\drivers\viacr.sys (VIA Technologies, Inc. )
      DRV - (CnxtHdAudService) -- C:\Windows\System32\drivers\CHDRT32.sys (Conexant Systems Inc.)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmoods.com/?f=1&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyDtC0A0F0EyDyEyCzyyEzztN0D0Tzu0CtBzztAtN1L2XzutBtFtBtFtDtFtAyEyE&cr=301003359
      IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\..\SearchScopes\{27A44E44-2969-54A1-2DEB-00ED698A1EC4}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=164&systemid=406&sr=0&q={searchTerms}
      IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyDtC0A0F0EyDyEyCzyyEzztN0D0Tzu0CtBzztAtN1L2XzutBtFtBtFtDtFtAyEyE&cr=301003359

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.es/
      IE - HKCU\..\SearchScopes,DefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyDtC0A0F0EyDyEyCzyyEzztN0D0Tzu0CtBzztAtN1L2XzutBtFtBtFtDtFtAyEyE&cr=301003359
      IE - HKCU\..\SearchScopes\{27A44E44-2969-54A1-2DEB-00ED698A1EC4}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110819&tt=100512_4_&babsrc=SP_ss&mntrId=7c656948000000000000904ce51afe54
      IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://www.google.com/search?ie=utf-8&oe=utf-8&rlz=1V4IPYX&q={searchTerms}
      IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=164&systemid=406&sr=0&q={searchTerms}
      IE - HKCU\..\SearchScopes\{FCF1483A-9FCB-4000-817A-8EA743C58EE3}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=kw&q={searchTerms}&locale=es_ES&apn_ptnrs=T8&apn_dtid=YYYYYYYYES&apn_uid=4d6d2dad-4621-4f2b-8bdc-9c8d6f977c9c&apn_sauid=4B3CF612-D7AB-4FDC-A817-A888C096E2D9
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


      ========== FireFox ==========

      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
      FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll File not found
      FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\atb\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\atb\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/03/31 12:19:36 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/05/24 09:27:43 | 000,000,000 | ---D | M]

      [2010/09/10 07:19:24 | 000,305,152 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npuuseep.dll

      ========== Chrome ==========

      CHR - homepage: http://www.ask.com/?l=dis&o=14672cr
      CHR - homepage: http://search.babylon.com/?affID=112209&tt=100512_4_&babsrc=HP_ss&mntrId=7c656948000000000000904ce51afe54
      CHR - default_search_provider: Funmoods ()
      CHR - default_search_provider: search_url = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyDtC0A0F0EyDyEyCzyyEzztN0D0Tzu0CtBzztAtN1L2XzutBtFtBtFtDtFtAyEyE&cr=301003359
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
      CHR - homepage: http://searchfunmoods.com/?f=1&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyDtC0A0F0EyDyEyCzyyEzztN0D0Tzu0CtBzztAtN1L2XzutBtFtBtFtDtFtAyEyE&cr=301003359
      CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Users\atb\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\atb\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Users\atb\AppData\Local\Google\Chrome\Application\22.0.1229.79\gcswf32.dll
      CHR - plugin: Shockwave Flash (Disabled) = C:\Users\atb\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
      CHR - plugin: registryAccess (Enabled) = C:\Users\atb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaapoomnboffjcgcebabolakmhbblbk\7.15.1.22466_0\background/registryAccess.dll
      CHR - plugin: (Enabled) = C:\Users\atb\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\chromeNPAPI.dll
      CHR - plugin: Babylon ToolBar (Enabled) = C:\Users\atb\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.5_0\BabylonChromeToolBar.dll
      CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
      CHR - plugin: Orbit Downloader (Enabled) = C:\Users\atb\AppData\Local\Google\Chrome\Application\plugins\nporbit.dll
      CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
      CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
      CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
      CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll
      CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
      CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\Program Files\Veetle\VLCBroadcast\npvbp.dll
      CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
      CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
      CHR - plugin: RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
      CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
      CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
      CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpjplug.dll
      CHR - plugin: Zylom Plugin (Enabled) = C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
      CHR - plugin: Google Update (Enabled) = C:\Users\atb\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
      CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll
      CHR - Extension: YouTube = C:\Users\atb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
      CHR - Extension: Browser Companion Helper = C:\Users\atb\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\
      CHR - Extension: B\u00FAsqueda de Google = C:\Users\atb\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
      CHR - Extension: Marble = C:\Users\atb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijhebjoppbkfocoeceijgihihgckeool\1.0\
      CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\atb\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
      CHR - Extension: \u003Cvideo\u003E de HTML5 de DivX Plus Web Player = C:\Users\atb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
      CHR - Extension: Busca Ebooks = C:\Users\atb\AppData\Local\Google\Chrome\User Data\Default\Extensions\onnemnalkilmgkkfdjlmonebocdliioi\2.6_0\
      CHR - Extension: Gmail = C:\Users\atb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

      O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
      O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
      O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
      O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
      O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
      O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
      O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
      O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O4 - HKLM..\Run: [Panda Security URL Filtering] C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
      O4 - HKLM..\Run: [PSUAMain] C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
      O4 - HKCU..\Run: [] File not found
      O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
      O4 - HKCU..\Run: [miCoach Manager] C:\Program Files\adidas\miCoach Manager\SyncManager.exe (adidas)
      O4 - HKCU..\RunOnce: [panda2_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda2_0dn" /f File not found
      O4 - HKCU..\RunOnce: [panda2_0dn_XP] reg.exe delete "HKCU\Software\panda2_0dn" /f File not found
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
      O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
      O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
      O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
      O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 File not found
      O13 - gopher Prefix: missing
      O15 - HKCU\..Trusted Domains: aeat.es ([www] https in )
      O15 - HKCU\..Trusted Domains: fnmt.es ([]http in )
      O15 - HKCU\..Trusted Domains: fnmt.es ([]https in )
      O15 - HKCU\..Trusted Domains: gob.es ([agenciatributaria] https in )
      O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://web.atar.rima-tde.net/sdccommon/download/tgctlcm.cab (Support.com Configuration Class)
      O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab (Microsoft Office Template and Media Control)
      O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control)
      O16 - DPF: {2DAB6EF1-66C3-427C-87CD-8DC448C47EAE} https://www5.aeat.es/es13/h/tgvicab.cab (CtlTGVI Class)
      O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} http://www.facebook.com/controls/contactx.dll (ContactExtractor Class)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.)
      O16 - DPF: {947B00D2-962D-4A35-9E48-98EE6A442B41} https://www1.agenciatributaria.gob.es/ADUA/internet/aded1503.cab (OAdedinet Class)
      O16 - DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} https://www1.agenciatributaria.gob.es/es13/h/cactivex.cab (AeatCtl Class)
      O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.6.2)
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
      O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldes-es.cab (Windows Live Hotmail Photo Upload Tool)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.58.61.250 80.58.61.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{672A9C47-B8B8-4915-BA35-C852F3744E81}: DhcpNameServer = 80.58.61.250 80.58.61.254
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL File not found
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      MsConfig - StartUpFolder: C:^Users^atb^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dragon NaturallySpeaking.lnk - - File not found
      MsConfig - StartUpFolder: C:^Users^atb^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe - ()
      MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
      MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
      MsConfig - StartUpReg: ares - hkey= - key= - C:\Program Files\Ares\Ares.exe (Ares Development Group)
      MsConfig - StartUpReg: Browser companion helper - hkey= - key= - File not found
      MsConfig - StartUpReg: ChromeFrameHelper - hkey= - key= - File not found
      MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
      MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
      MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Users\atb\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
      MsConfig - StartUpReg: ISUSPM Startup - hkey= - key= - File not found
      MsConfig - StartUpReg: KiesHelper - hkey= - key= - C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
      MsConfig - StartUpReg: KiesPDLR - hkey= - key= - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
      MsConfig - StartUpReg: KiesTrayAgent - hkey= - key= - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
      MsConfig - StartUpReg: miCoach Manager - hkey= - key= - C:\Program Files\adidas\miCoach Manager\SyncManager.exe (adidas)
      MsConfig - StartUpReg: PDFPrint - hkey= - key= - C:\Program Files\PDF24\pdf24.exe (Geek Software GmbH)
      MsConfig - StartUpReg: TkBellExe - hkey= - key= - c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
      MsConfig - StartUpReg: UUSeeMediaCenter - hkey= - key= - File not found
      MsConfig - State: "startup" - 2

      NetSvcs: FastUserSwitchingCompatibility - File not found
      NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
      NetSvcs: Nla - File not found
      NetSvcs: Ntmssvc - File not found
      NetSvcs: NWCWorkstation - File not found
      NetSvcs: Nwsapagent - File not found
      NetSvcs: Sharedaccess - File not found
      NetSvcs: SRService - File not found
      NetSvcs: WmdmPmSp - File not found
      NetSvcs: LogonHours - File not found
      NetSvcs: PCAudit - File not found
      NetSvcs: helpsvc - File not found
      NetSvcs: uploadmgr - File not found

      SafeBootMin: Base - Driver Group
      SafeBootMin: Boot Bus Extender - Driver Group
      SafeBootMin: Boot file system - Driver Group
      SafeBootMin: File system - Driver Group
      SafeBootMin: Filter - Driver Group
      SafeBootMin: HelpSvc - Service
      SafeBootMin: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
      SafeBootMin: NTDS - File not found
      SafeBootMin: PCI Configuration - Driver Group
      SafeBootMin: PEVSystemStart - Service
      SafeBootMin: PNP Filter - Driver Group
      SafeBootMin: Primary disk - Driver Group
      SafeBootMin: procexp90.Sys - Driver
      SafeBootMin: sacsvr - Service
      SafeBootMin: SCSI Class - Driver Group
      SafeBootMin: System Bus Extender - Driver Group
      SafeBootMin: vmms - Service
      SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
      SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
      SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
      SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
      SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
      SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
      SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
      SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
      SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
      SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
      SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
      SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
      SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
      SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
      SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
      SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
      SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/10/10 14:42:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\atb\Desktop\OTL.exe
      [2012/10/10 11:57:06 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Roaming\Panda Security
      [2012/10/10 11:56:46 | 000,046,280 | ---- | C] (Panda Security) -- C:\Windows\System32\drivers\PSKMAD.sys
      [2012/10/10 11:56:41 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner
      [2012/10/10 11:56:40 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\panda2_0dn
      [2012/10/10 11:56:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security URL Filtering
      [2012/10/10 11:56:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus
      [2012/10/10 11:55:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
      [2012/10/10 11:55:48 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
      [2012/10/10 11:26:29 | 000,000,000 | ---D | C] -- C:\_DT-Kill
      [2012/10/10 10:45:09 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Roaming\Real
      [2012/10/10 09:59:19 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{D6220828-F07B-47AD-99E4-106C47CDEC23}
      [2012/10/10 00:33:51 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Roaming\Malwarebytes
      [2012/10/10 00:33:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2012/10/10 00:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2012/10/10 00:33:36 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
      [2012/10/10 00:33:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
      [2012/10/10 00:26:08 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Roaming\FLEXnet
      [2012/10/10 00:12:40 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Roaming\Macromedia
      [2012/10/10 00:12:34 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Roaming\Adobe
      [2012/10/10 00:07:27 | 000,000,000 | ---D | C] -- C:\Program Files\Funmoods
      [2012/10/09 23:43:01 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Roaming\Nuance
      [2012/10/09 23:34:16 | 000,000,000 | ---D | C] -- C:\DTRToll
      [2012/10/09 23:27:06 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
      [2012/10/09 23:25:15 | 000,000,000 | --SD | C] -- C:\ComboFix
      [2012/10/09 23:18:50 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
      [2012/10/09 23:18:50 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
      [2012/10/09 23:18:50 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
      [2012/10/09 22:54:21 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
      [2012/10/09 22:52:35 | 000,000,000 | ---D | C] -- C:\Qoobox
      [2012/10/09 22:52:02 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
      [2012/10/09 21:58:44 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{BE520370-8FE8-4D1A-843C-2F92B0D9E777}
      [2012/10/09 1515 | 000,000,000 | ---D | C] -- C:\Users\atb\Desktop\Traducir
      [2012/10/09 14:39:19 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\Wajam
      [2012/10/09 14:39:17 | 000,000,000 | ---D | C] -- C:\Program Files\Wajam
      [2012/10/09 11:23:37 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{819F15F8-5CA2-42C2-8F0B-35914242D58B}
      [2012/10/08 23:23:10 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{3102A073-00EE-4440-AD86-D78CB1405CFB}
      [2012/10/08 09:33:31 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{9BB10021-DD7A-4E05-960B-2BB4C3B28733}
      [2012/10/07 14:19:26 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{529A877A-1B9E-4184-95AB-854C29A12513}
      [2012/10/07 02:18:59 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{1C62CE0C-505E-473B-A674-7B0E97BC7BD8}
      [2012/10/07 00:31:14 | 000,000,000 | ---D | C] -- C:\Program Files\SopCast
      [2012/10/06 14:18:33 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{DE2796C0-B2C0-4C12-89A4-64841A41FA69}
      [2012/10/06 02:18:07 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{E20C9003-5985-47D5-B961-8ED9571F733B}
      [2012/10/05 23:04:29 | 000,000,000 | ---D | C] -- C:\VPSL
      [2012/10/05 11:27:43 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{88786EE1-88CF-45C1-960E-EB77E8D8438F}
      [2012/10/04 23:27:17 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{B74D39EF-ACCC-42FD-B4E9-FB623F7D506F}
      [2012/10/04 11:26:51 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{A3A7F6A0-62D4-4FDD-AD83-3454145CCC80}
      [2012/10/03 23:26:23 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{1127737B-CCBD-49AB-9399-DA79250A2DAD}
      [2012/10/03 11:15:32 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{A4511DD9-E56B-494B-8413-865966CD75D3}
      [2012/10/02 23:15:06 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{573A5033-D752-4091-97AC-10C1169D33AA}
      [2012/09/25 01:15:05 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{21DD7FA8-BB20-4AAD-A8F9-18B6519235AD}
      [2012/09/24 14:22:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon NaturallySpeaking 11.0
      [2012/09/24 14:21:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\IVA
      [2012/09/24 14:21:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nuance
      [2012/09/24 14:17:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Nuance
      [2012/09/24 11:19:21 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{EA3F6C72-833F-4466-9E55-41CF0F3684EC}
      [2012/09/23 23:18:54 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{4EE3A61D-A290-45D5-873B-DB710DC91310}
      [2012/09/23 11:18:24 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{8606DC02-C8C8-47BC-8EAE-D6BCCB07DA1D}
      [2012/09/22 23:18:04 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{D09FE4E5-F290-4C55-98E8-C82FA707D511}
      [2012/09/22 11:12:00 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{1856290F-2422-4AFE-8A98-92FB5502032C}
      [2012/09/21 21:33:12 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{7314D282-A4B0-4BE0-9964-D207CF4CF3A2}
      [2012/09/21 09:32:24 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{B8DFBF1E-9977-4CB7-94A3-3D744625AE15}
      [2012/09/20 1545 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{37F88A40-265F-47A2-AA68-702BFD45B445}
      [2012/09/20 09:24:09 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{9EAE1B49-130A-4734-832D-AAB458F9889E}
      [2012/09/19 13:49:49 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{835C4551-BCF9-4650-9A9E-32093A685FB5}
      [2012/09/19 01:33:21 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{3F1CB86A-0F34-49B4-AA43-58F689791F9B}
      [2012/09/18 12:43:25 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{B9F82CB6-4114-434A-9222-DFF573EC7F95}
      [2012/09/18 00:42:58 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{F418B9ED-2923-49F9-8C73-6AD84AB1E00B}
      [2012/09/17 12:42:31 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{04466BD4-C89A-4E97-859B-85593D60A082}
      [2012/09/16 23:17:27 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{5F8A9EA6-F1F9-46E6-A800-AC1F0DD3290F}
      [2012/09/16 11:17:16 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{007671E6-D2A6-4632-B0FF-3B135B8BE8DC}
      [2012/09/15 13:00:40 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{A623202F-05C9-4F21-B6AB-482A75902DC2}
      [2012/09/15 11:46:57 | 000,000,000 | ---D | C] -- C:\Windows\XSxS
      [2012/09/15 11:46:57 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode
      [2012/09/15 11:45:11 | 000,000,000 | ---D | C] -- C:\Program Files\FNMT-RCM
      [2012/09/15 00:59:52 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{A4B1FEBE-CC6A-40B5-BCCF-387B99DCD9F1}
      [2012/09/14 12:18:13 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{A2665690-4455-4B0D-B3DA-D2E4CD163F9C}
      [2012/09/13 23:17:02 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{612602CF-0C46-4FFA-BD7A-64B8BCCD701C}
      [2012/09/13 22:43:32 | 000,000,000 | ---D | C] -- C:\Users\atb\Desktop\Con la muerte en los talones.HDrip
      [2012/09/13 11:16:33 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{1BD597F1-D309-422E-AB8C-F91513D6D3DA}
      [2012/09/12 11:15:54 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{46C383DE-6E0E-485B-9573-0B6B4C755879}
      [2012/09/11 22:16:32 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{A7E6A180-2988-465E-8A77-C56404934F3C}
      [2012/09/11 10:16:04 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{2E32EC81-448B-4089-B0F7-C685DE490190}
      [2012/09/10 22:15:40 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\{5488D713-2E8F-4AAB-BACD-6D9864FD2DEB}
      [2012/05/04 10:47:26 | 010,640,384 | ---- | C] (AEAT) -- C:\Users\atb\Actualizacion_Renta2011_windows_1_20.exe
      [2012/04/21 11:51:03 | 013,731,840 | ---- | C] (AEAT) -- C:\Users\atb\Actualizacion_Renta2011_windows_1_10.exe
      [2011/02/25 19:52:33 | 001,822,520 | ---- | C] (Microsoft Corporation) -- C:\Program Files\instmsiw.exe
      [2011/02/25 19:52:33 | 000,547,080 | ---- | C] (ABBYY.) -- C:\Program Files\Setup.exe
      [2011/02/25 19:52:33 | 000,245,408 | ---- | C] (Microsoft Corporation) -- C:\Program Files\unicows.dll
      [2007/10/18 12:34:02 | 005,724,184 | ---- | C] (Microsoft Corporation) -- C:\Users\atb\msnmsgr2.exe
      [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
      [2 C:\Users\atb\Desktop\*.tmp files -> C:\Users\atb\Desktop\*.tmp -> ]
      [1 C:\Users\atb\Documents\*.tmp files -> C:\Users\atb\Documents\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2012/10/10 14:42:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\atb\Desktop\OTL.exe
      [2012/10/10 14:21:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/10/10 14:00:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3152185067-3705363877-1646377439-1000UA.job
      [2012/10/10 11:35:27 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/10/10 11:35:27 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/10/10 11:28:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/10/10 11:28:02 | 2388,238,336 | -HS- | M] () -- C:\hiberfil.sys
      [2012/10/10 11:00:05 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3152185067-3705363877-1646377439-1000Core.job
      [2012/10/10 09:28:12 | 000,448,504 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
      [2012/10/10 00:33:43 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2012/10/10 00:07:30 | 000,290,500 | ---- | M] () -- C:\Users\atb\AppData\Local\funmoods-speeddial_sf.crx
      [2012/10/10 00:04:48 | 000,000,929 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2012/10/09 23:48:54 | 000,001,365 | ---- | M] () -- C:\Users\atb\Desktop\iexplore.exe - Acceso directo.lnk
      [2012/10/09 23:45:04 | 000,024,576 | ---- | M] () -- C:\Windows\System32\umstartup.etl
      [2012/10/09 21:53:23 | 000,000,386 | RHS- | M] () -- C:\ProgramData\ntuser.pol
      [2012/10/09 14:19:34 | 001,966,751 | ---- | M] () -- C:\Users\atb\Desktop\2012sep_listadoIIJJ.pdf
      [2012/10/08 10:20:31 | 000,073,485 | ---- | M] () -- C:\Users\atb\Desktop\548824_507458932600586_2131394327_n.jpg
      [2012/10/05 22:56:37 | 000,710,038 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
      [2012/10/05 22:56:37 | 000,621,552 | ---- | M] () -- C:\Windows\System32\perfh009.dat
      [2012/10/05 22:56:37 | 000,140,204 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
      [2012/10/05 22:56:37 | 000,108,470 | ---- | M] () -- C:\Windows\System32\perfc009.dat
      [2012/10/05 19:48:25 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
      [2012/10/05 11:39:45 | 000,486,234 | ---- | M] () -- C:\Users\atb\Desktop\teaching agency application for qts eea.pdf
      [2012/10/04 17:48:33 | 000,944,000 | ---- | M] () -- C:\Users\atb\Desktop\Traducir.rar
      [2012/10/03 01:45:43 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
      [2012/09/24 14:22:20 | 000,002,787 | ---- | M] () -- C:\Users\Public\Desktop\Dragon NaturallySpeaking 11.0.lnk
      [2012/09/16 23:57:33 | 000,001,409 | ---- | M] () -- C:\Windows\QTFont.for
      [2012/09/11 22:16:26 | 073,164,918 | ---- | M] () -- C:\Users\atb\LostS02E03.mov
      [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
      [2 C:\Users\atb\Desktop\*.tmp files -> C:\Users\atb\Desktop\*.tmp -> ]
      [1 C:\Users\atb\Documents\*.tmp files -> C:\Users\atb\Documents\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2012/10/10 09:27:59 | 000,448,504 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
      [2012/10/10 00:33:43 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2012/10/10 00:07:48 | 000,290,500 | ---- | C] () -- C:\Users\atb\AppData\Local\funmoods-speeddial_sf.crx
      [2012/10/09 23:48:54 | 000,001,365 | ---- | C] () -- C:\Users\atb\Desktop\iexplore.exe - Acceso directo.lnk
      [2012/10/09 23:18:51 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
      [2012/10/09 23:18:50 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
      [2012/10/09 23:18:50 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
      [2012/10/09 23:18:50 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
      [2012/10/09 23:18:50 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
      [2012/10/09 14:19:34 | 001,966,751 | ---- | C] () -- C:\Users\atb\Desktop\2012sep_listadoIIJJ.pdf
      [2012/10/08 10:20:36 | 000,073,485 | ---- | C] () -- C:\Users\atb\Desktop\548824_507458932600586_2131394327_n.jpg
      [2012/10/05 11:39:45 | 000,486,234 | ---- | C] () -- C:\Users\atb\Desktop\teaching agency application for qts eea.pdf
      [2012/10/04 17:48:33 | 000,944,000 | ---- | C] () -- C:\Users\atb\Desktop\Traducir.rar
      [2012/09/24 14:22:20 | 000,002,787 | ---- | C] () -- C:\Users\Public\Desktop\Dragon NaturallySpeaking 11.0.lnk
      [2012/09/16 23:57:33 | 000,054,156 | -H-- | C] () -- C:\Windows\QTFont.qfn
      [2012/09/16 23:57:33 | 000,001,409 | ---- | C] () -- C:\Windows\QTFont.for
      [2012/09/11 22:09:38 | 073,164,918 | ---- | C] () -- C:\Users\atb\LostS02E03.mov
      [2012/09/09 15:53:12 | 000,007,612 | ---- | C] () -- C:\Users\atb\AppData\Local\Resmon.ResmonCfg
      [2012/06/06 12:44:05 | 000,004,608 | ---- | C] () -- C:\Users\atb\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012/04/17 12:44:15 | 000,053,248 | ---- | C] () -- C:\Windows\System32\adedinet.dll
      [2012/03/17 13:14:07 | 000,004,096 | -H-- | C] () -- C:\Users\atb\AppData\Local\keyfile3.drm
      [2012/01/31 02:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
      [2012/01/31 02:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
      [2012/01/31 02:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
      [2012/01/31 02:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
      [2012/01/31 02:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
      [2011/08/31 09:22:38 | 000,000,000 | ---- | C] () -- C:\Users\atb\temp.dat
      [2011/06/20 22:04:11 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
      [2011/05/17 17:25:25 | 000,019,592 | ---- | C] () -- C:\Users\atb\nadal1g.jpg
      [2011/03/11 22:35:16 | 000,001,776 | ---- | C] () -- C:\Windows\System32\HideMyIpSRV.ini
      [2011/03/11 22:20:48 | 000,196,608 | ---- | C] () -- C:\Windows\System32\HMIPCore.dll
      [2011/03/11 20:24:20 | 000,000,016 | ---- | C] () -- C:\Windows\System32\PCProxyOff.ini
      [2011/03/11 20:24:14 | 000,073,728 | ---- | C] () -- C:\Windows\System32\VistaInfo32.dll
      [2011/02/25 19:52:33 | 006,410,240 | ---- | C] () -- C:\Program Files\ABBYY FineReader 10 Professional Edition.msi
      [2011/02/25 19:52:33 | 000,000,200 | ---- | C] () -- C:\Program Files\setup.ini
      [2011/02/25 19:52:32 | 000,238,080 | ---- | C] () -- C:\Program Files\1049.mst
      [2011/02/25 19:52:32 | 000,138,752 | ---- | C] () -- C:\Program Files\1045.mst
      [2011/02/25 19:52:32 | 000,130,560 | ---- | C] () -- C:\Program Files\1031.mst
      [2011/02/25 19:52:32 | 000,128,000 | ---- | C] () -- C:\Program Files\1036.mst
      [2011/02/25 19:52:32 | 000,125,952 | ---- | C] () -- C:\Program Files\1043.mst
      [2011/02/25 19:52:32 | 000,012,800 | ---- | C] () -- C:\Program Files\1033.mst
      [2011/01/18 20:13:27 | 000,000,386 | RHS- | C] () -- C:\ProgramData\ntuser.pol
      [2010/10/27 23:14:34 | 000,000,020 | ---- | C] () -- C:\Windows\hppsapp.INI
      [2010/10/27 22:55:19 | 000,157,032 | ---- | C] () -- C:\Windows\System32\TwnPRO20.dll
      [2010/10/27 22:54:32 | 000,100,864 | ---- | C] () -- C:\Windows\System32\Dc50ip32.dll
      [2010/10/27 22:54:32 | 000,065,864 | ---- | C] () -- C:\Windows\System32\Digita.sys
      [2010/10/27 22:54:32 | 000,007,808 | ---- | C] () -- C:\Windows\System32\dc240u.sys
      [2010/10/27 22:54:30 | 000,153,088 | ---- | C] () -- C:\Windows\System32\SoyWeb.dll
      [2010/10/27 22:54:30 | 000,020,480 | ---- | C] () -- C:\Windows\System32\ImgLibLead.dll
      [2010/10/27 22:53:33 | 000,306,688 | ---- | C] () -- C:\Windows\System32\Lffpx7.dll
      [2010/10/27 22:53:33 | 000,095,232 | ---- | C] () -- C:\Windows\System32\Lfkodak.dll
      [2010/10/27 22:28:39 | 000,000,218 | ---- | C] () -- C:\Users\atb\.recently-used.xbel
      [2010/05/16 10:05:09 | 000,251,100 | ---- | C] () -- C:\Users\atb\Invertia_com - mercados,finanzas,economía, fondos y cotizaciones.mht
      [2010/03/20 13:46:27 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib

      ========== ZeroAccess Check ==========

      [2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== Custom Scans ==========

      < %systemdrive%\*.* >
      [2012/03/10 11:19:34 | 000,002,550 | ---- | M] () -- C:\1.log
      [2010/03/13 21:04:22 | 000,002,012 | ---- | M] () -- C:\aaw7boot.log
      [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
      [2009/06/10 22:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
      [2012/10/10 11:27:27 | 000,005,672 | ---- | M] () -- C:\DT-kill.txt
      [2010/07/17 18:02:27 | 000,004,067 | ---- | M] () -- C:\error.log
      [2012/10/10 11:28:02 | 2388,238,336 | -HS- | M] () -- C:\hiberfil.sys
      [2010/01/25 13:45:21 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
      [2010/10/28 16:21:16 | 000,000,000 | ---- | M] () -- C:\Log.txt
      [2010/01/25 13:45:21 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
      [2012/10/10 11:28:05 | 3184,320,512 | -HS- | M] () -- C:\pagefile.sys
      [2012/10/10 00:11:49 | 000,001,857 | ---- | M] () -- C:\R_TKill.txt
      [2012/05/17 13:08:07 | 000,003,061 | ---- | M] () -- C:\user.js

      < %PROGRAMFILES%\*.* >
      [2009/10/07 12:19:28 | 000,130,560 | ---- | M] () -- C:\Program Files\1031.mst
      [2009/10/07 12:19:28 | 000,012,800 | ---- | M] () -- C:\Program Files\1033.mst
      [2009/10/07 12:19:32 | 000,128,000 | ---- | M] () -- C:\Program Files\1036.mst
      [2009/10/07 12:19:32 | 000,125,952 | ---- | M] () -- C:\Program Files\1043.mst
      [2009/10/07 12:19:34 | 000,138,752 | ---- | M] () -- C:\Program Files\1045.mst
      [2009/10/07 12:19:34 | 000,238,080 | ---- | M] () -- C:\Program Files\1049.mst
      [2009/10/07 16:21:58 | 006,410,240 | ---- | M] () -- C:\Program Files\ABBYY FineReader 10 Professional Edition.msi
      [2009/07/14 05:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
      [2009/07/07 19:12:02 | 001,822,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files\instmsiw.exe
      [2009/10/07 12:13:56 | 000,547,080 | ---- | M] (ABBYY.) -- C:\Program Files\Setup.exe
      [2009/07/31 21:14:02 | 000,000,200 | ---- | M] () -- C:\Program Files\setup.ini
      [2009/07/07 19:12:02 | 000,245,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\unicows.dll

      < %systemroot%\*. /mp /s >

      < %systemroot%\Tasks\*.job /lockedfiles >

      < %temp%\*.exe /15 >

      < %windir%\system32\*.exe /15 >
      [2012/10/09 22:21:25 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
      [2012/10/10 00:21:21 | 062,968,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MRT.exe
      [2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

      < %windir%\SysWow64\*.exe /15 >

      < %windir%\SysNative\*.exe /15 >

      < HKCU\Software\Microsoft\Windows\CurrentVersion\Run /s >
      "msnmsgr" = "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background -- [2012/03/08 18:50:28 | 004,280,184 | ---- | M] (Microsoft Corporation)
      "" =
      "miCoach Manager" = C:\Program Files\adidas\miCoach Manager\SyncManager.exe -autorun -- [2012/08/08 21:08:12 | 004,339,224 | ---- | M] (adidas)
      "Google Update" = "C:\Users\atb\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010/03/21 12:58:07 | 000,136,176 | ---- | M] (Google Inc.)
      "ISUSPM" = C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler -- [2010/11/30 01:16:03 | 000,222,496 | ---- | M] (Acresso Corporation)

      < HKLM\Software\Microsoft\Windows\CurrentVersion\Run /s >
      "Persistence" = C:\Windows\system32\igfxpers.exe -- [2010/08/25 20:45:40 | 000,170,520 | ---- | M] (Intel Corporation)
      "Adobe Reader Speed Launcher" = "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" -- [2012/07/31 12:20:01 | 000,038,872 | ---- | M] (Adobe Systems Incorporated)
      "PSUAMain" = "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" /LaunchSysTray -- [2012/08/26 11:14:04 | 000,037,152 | ---- | M] (Panda Security, S.L.)
      "Panda Security URL Filtering" = "C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe" -- [2012/03/15 21:56:50 | 000,217,256 | ---- | M] (Panda Security)
      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
      "" =
      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
      "" =
      "Installed" = 1
      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
      "" =
      "Installed" = 1
      "NoChange" = 1
      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
      "" =
      "Installed" = 1

      < HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce /s >
      "panda2_0dn" = reg.exe delete "HKCU\Software\AppDataLow\Software\panda2_0dn" /f
      "panda2_0dn_XP" = reg.exe delete "HKCU\Software\panda2_0dn" /f

      < HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce /s >

      ========== Files - Unicode (All) ==========
      [2012/09/23 18:08:08 | 1385,385,984 | ---- | M] ()(C:\Users\atb\Desktop\Brave [TS Screener ALTA CALIDAD][Espa? Castellano][2012].avi) -- C:\Users\atb\Desktop\Brave [TS Screener ALTA CALIDAD][Espaᯬ Castellano][2012].avi
      [2012/09/22 12:32:17 | 1385,385,984 | ---- | C] ()(C:\Users\atb\Desktop\Brave [TS Screener ALTA CALIDAD][Espa? Castellano][2012].avi) -- C:\Users\atb\Desktop\Brave [TS Screener ALTA CALIDAD][Espaᯬ Castellano][2012].avi
      [2010/10/06 22:30:03 | 000,010,438 | ---- | M] ()(C:\Users\atb\Documents\???.docx) -- C:\Users\atb\Documents\卡洛斯.docx
      [2010/10/06 22:30:03 | 000,010,438 | ---- | C] ()(C:\Users\atb\Documents\???.docx) -- C:\Users\atb\Documents\卡洛斯.docx

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 213 bytes -> C:\ProgramData\TEMP:1CE11B51
      @Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:B3D74A13
      @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:0FF263E8
      @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:F35A93AD

      < End of report >

    4. #4
      Former Contributor Kirigi's avatar
      Joined
      Jun 2007
      Location
      Venezuela
      Posts
      7.437

      Re: dt kill doesn't work for me

      Just as I imagined: nothing related to the double accent shows up in the report, there is only "junk" that can be removed.



      1.- Run OTL.exe
      • Paste the following script into the Custom Scans/Fixes box:
        • NOTE: Do not copy the word "Code".

        Code:
        :OTL
        SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe File not found
        DRV - (catchme) -- C:\Users\atb\AppData\Local\Temp\catchme.sys File not found
        DRV - (anbt3yeo) -- File not found
        NetSvcs: Nla - File not found
        NetSvcs: Ntmssvc - File not found
        NetSvcs: NWCWorkstation - File not found
        NetSvcs: Nwsapagent - File not found
        NetSvcs: Sharedaccess - File not found
        NetSvcs: SRService - File not found
        NetSvcs: WmdmPmSp - File not found
        NetSvcs: LogonHours - File not found
        NetSvcs: PCAudit - File not found
        NetSvcs: helpsvc - File not found
        NetSvcs: uploadmgr - File not found
        NetSvcs: FastUserSwitchingCompatibility - File not found
        IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmoods.com/?f=1&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyDtC0A0F0EyDyEyCzyyEzztN0D0Tzu0CtBzztAtN1L2XzutBtFtBtFtDtFtAyEyE&cr=301003359
        IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyDtC0A0F0EyDyEyCzyyEzztN0D0Tzu0CtBzztAtN1L2XzutBtFtBtFtDtFtAyEyE&cr=301003359
        IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyDtC0A0F0EyDyEyCzyyEzztN0D0Tzu0CtBzztAtN1L2XzutBtFtBtFtDtFtAyEyE&cr=301003359
        IE - HKCU\..\SearchScopes\{27A44E44-2969-54A1-2DEB-00ED698A1EC4}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110819&tt=100512_4_&babsrc=SP_ss&mntrId=7c656948000000000000904ce51afe54
        IE - HKCU\..\SearchScopes\{FCF1483A-9FCB-4000-817A-8EA743C58EE3}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=kw&q={searchTerms}&locale=es_ES&apn_ptnrs=T8&apn_dtid=YYYYYYYYES&apn_uid=4d6d2dad-4621-4f2b-8bdc-9c8d6f977c9c&apn_sauid=4B3CF612-D7AB-4FDC-A817-A888C096E2D9
        CHR - homepage: http://search.babylon.com/?affID=112209&tt=100512_4_&babsrc=HP_ss&mntrId=7c656948000000000000904ce51afe54
        CHR - default_search_provider: Funmoods ()
        CHR - default_search_provider: search_url = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyDtC0A0F0EyDyEyCzyyEzztN0D0Tzu0CtBzztAtN1L2XzutBtFtBtFtDtFtAyEyE&cr=301003359
        CHR - plugin: Babylon ToolBar (Enabled) = C:\Users\atb\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.5_0\BabylonChromeToolBar.dll
        CHR - homepage: http://searchfunmoods.com/?f=1&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyDtC0A0F0EyDyEyCzyyEzztN0D0Tzu0CtBzztAtN1L2XzutBtFtBtFtDtFtAyEyE&cr=301003359
        O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
        O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
        O4 - HKCU..\Run: [] File not found
        MsConfig - StartUpReg: Browser companion helper - hkey= - key= - File not found
        MsConfig - StartUpReg: ChromeFrameHelper - hkey= - key= - File not found
        MsConfig - StartUpReg: ISUSPM Startup - hkey= - key= - File not found
        MsConfig - StartUpReg: UUSeeMediaCenter - hkey= - key= - File not found
        [2012/03/17 13:14:07 | 000,004,096 | -H-- | C] () -- C:\Users\atb\AppData\Local\keyfile3.drm
        [2012/01/31 02:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
        [2012/10/10 00:07:27 | 000,000,000 | ---D | C] -- C:\Program Files\Funmoods
        [2012/10/09 14:39:19 | 000,000,000 | ---D | C] -- C:\Users\atb\AppData\Local\Wajam
        [2012/10/09 14:39:17 | 000,000,000 | ---D | C] -- C:\Program Files\Wajam
        [2012/10/10 11:35:27 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
        [2012/10/10 11:35:27 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
        [2012/10/10 00:07:30 | 000,290,500 | ---- | M] () -- C:\Users\atb\AppData\Local\funmoods-speeddial_sf.crx
        @Alternate Data Stream - 213 bytes -> C:\ProgramData\TEMP:1CE11B51
        @Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:B3D74A13
        @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:0FF263E8
        @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:F35A93AD
        
        :Files
        ipconfig /flushdns /c
        ipconfig /renew /c
        
        :commands
        [resethosts]
        [emptyflash]
        [emptytemp]
        [emptyjava]
        [Reboot]
      • Then click the Run Fix button at the top.
      • Let the program run uninterrupted, and reboot when it asks you to.
      • After the reboot, a report will be created by default in C:\_OTL\MovedFiles; copy and paste that log into your next reply.


      When you come back, leave me a new OTL report.

      Regards

      Blog | Online Antivirus | Remove Malware | Free Antivirus


      * Follow us on Twitter and befriend us on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail; that is what the forum is for.

    5. #5
      User karlosrr
      Joined
      Oct 2012
      Location
      Tenerife
      Posts
      15

      Re: dt kill doesn't work for me

      On startup I get a message saying that unauthorized changes were made to Windows; I don't know if that's normal...

      Here is what it told me...

      All processes killed
      ========== OTL ==========
      Error: No service named IDriverT was found to stop!
      Service\Driver key IDriverT not found.
      File C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe File not found not found.
      Service catchme stopped successfully!
      Service catchme deleted successfully!
      File C:\Users\atb\AppData\Local\Temp\catchme.sys File not found not found.
      Error: No service named anbt3yeo was found to stop!
      Service\Driver key anbt3yeo not found.
      File File not found not found.
      Nla removed from NetSvcs value successfully!
      Ntmssvc removed from NetSvcs value successfully!
      NWCWorkstation removed from NetSvcs value successfully!
      Nwsapagent removed from NetSvcs value successfully!
      Sharedaccess removed from NetSvcs value successfully!
      Error: No service named Sharedaccess was found to stop!
      Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sharedaccess deleted successfully.
      SRService removed from NetSvcs value successfully!
      WmdmPmSp removed from NetSvcs value successfully!
      LogonHours removed from NetSvcs value successfully!
      PCAudit removed from NetSvcs value successfully!
      helpsvc removed from NetSvcs value successfully!
      uploadmgr removed from NetSvcs value successfully!
      FastUserSwitchingCompatibility removed from NetSvcs value successfully!
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{27A44E44-2969-54A1-2DEB-00ED698A1EC4}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27A44E44-2969-54A1-2DEB-00ED698A1EC4}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FCF1483A-9FCB-4000-817A-8EA743C58EE3}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCF1483A-9FCB-4000-817A-8EA743C58EE3}\ not found.
      Use Chrome's Settings page to change the HomePage.
      Use Chrome's Settings page to remove the default_search_provider items.
      Use Chrome's Settings page to remove the default_search_provider items.
      File C:\Users\atb\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigoj ocbpcb\1.5_0\BabylonChromeToolBar.dll not found.
      Use Chrome's Settings page to change the HomePage.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
      Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Browser companion helper\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\ChromeFrameHelper\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\ISUSPM Startup\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\UUSeeMediaCenter\ deleted successfully.
      C:\Users\atb\AppData\Local\keyfile3.drm moved successfully.
      C:\Windows\MusiccityDownload.exe moved successfully.
      C:\Program Files\Funmoods folder moved successfully.
      C:\Users\atb\AppData\Local\Wajam\Chrome folder moved successfully.
      C:\Users\atb\AppData\Local\Wajam folder moved successfully.
      C:\Program Files\Wajam\Updater folder moved successfully.
      C:\Program Files\Wajam folder moved successfully.
      C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 moved successfully.
      C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 moved successfully.
      C:\Users\atb\AppData\Local\funmoods-speeddial_sf.crx moved successfully.
      ADS C:\ProgramData\TEMP:1CE11B51 deleted successfully.
      ADS C:\ProgramData\TEMP:B3D74A13 deleted successfully.
      ADS C:\ProgramData\TEMP:0FF263E8 deleted successfully.
      ADS C:\ProgramData\TEMP:F35A93AD deleted successfully.
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configuración IP de Windows
      Se vació correctamente la caché de resolución de DNS.
      C:\Users\atb\Desktop\cmd.bat deleted successfully.
      C:\Users\atb\Desktop\cmd.txt deleted successfully.
      < ipconfig /renew /c >
      Configuración IP de Windows
      No se puede realizar ninguna operación en Conexión de área local mientras los medios
      estén desconectados.
      Adaptador de LAN inalámbrica Conexión de red inalámbrica:
      Sufijo DNS específico para la conexión. . : local.lan
      Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.34
      Máscara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.1.1
      Adaptador de Ethernet Conexión de área local:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      C:\Users\atb\Desktop\cmd.bat deleted successfully.
      C:\Users\atb\Desktop\cmd.txt deleted successfully.
      ========== COMMANDS ==========
      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYFLASH]

      User: All Users

      User: atb
      ->Flash cache emptied: 1965 bytes

      User: Default

      User: Default User

      User: Invitado
      ->Flash cache emptied: 792 bytes

      User: Mcx1-ATB-PC

      User: Mcx1-ATB-PC.atb-PC

      User: Public

      Total Flash Files Cleaned = 0,00 mb


      [EMPTYTEMP]

      User: All Users

      User: atb
      ->Temp folder emptied: 1480538 bytes
      ->Temporary Internet Files folder emptied: 235012485 bytes
      ->Java cache emptied: 42921148 bytes
      ->Google Chrome cache emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Invitado
      ->Temp folder emptied: 615128 bytes
      ->Temporary Internet Files folder emptied: 59576751 bytes
      ->Java cache emptied: 12534960 bytes
      ->Flash cache emptied: 0 bytes

      User: Mcx1-ATB-PC

      User: Mcx1-ATB-PC.atb-PC
      ->Temp folder emptied: 516 bytes
      ->Temporary Internet Files folder emptied: 5560007 bytes

      User: Public

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 1430392 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 13220116 bytes
      RecycleBin emptied: 4808971 bytes

      Total Files Cleaned = 360,00 mb


      [EMPTYJAVA]

      User: All Users

      User: atb
      ->Java cache emptied: 0 bytes

      User: Default

      User: Default User

      User: Invitado
      ->Java cache emptied: 0 bytes

      User: Mcx1-ATB-PC

      User: Mcx1-ATB-PC.atb-PC

      User: Public

      Total Java Files Cleaned = 0,00 mb


      OTL by OldTimer - Version 3.2.69.0 log created on 10102012_202753

      Files\Folders moved on Reboot...
      File\Folder C:\Users\atb\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O618JHHH\ADSAdClient31[1].htm not found!
      File\Folder C:\Users\atb\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O618JHHH\direct;auc.6291964921112990850;ai.280196220.278837087;ac.1349829568-21663462;wi.234;hi.60;cp[1].htm not found!
      File\Folder C:\Users\atb\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O618JHHH\tt[1].htm not found!

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...
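
A helper reviewing a fix log like the one posted above needs to see which script lines actually changed something, which targets were already gone, and which items were left for manual cleanup. The Python below is an added example, not part of the original thread and not OTL's own code; the outcome categories and the names `classify` and `triage` are assumptions of this example, and the sample lines are an abridged excerpt of the log above.

```python
import re
from collections import Counter

# Abridged excerpt copied from the fix log posted above (not the full log).
SAMPLE_LOG = r"""
========== OTL ==========
Error: No service named IDriverT was found to stop!
Service\Driver key IDriverT not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
Sharedaccess removed from NetSvcs value successfully!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sharedaccess deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Use Chrome's Settings page to change the HomePage.
Use Chrome's Settings page to remove the default_search_provider items.
C:\Windows\MusiccityDownload.exe moved successfully.
ADS C:\ProgramData\TEMP:1CE11B51 deleted successfully.
========== COMMANDS ==========
HOSTS file reset successfully
"""

# First match wins. The categories are this example's own grouping of the
# message endings seen in the log, not an OTL specification.
RULES = [
    ("error", re.compile(r"^Error:")),
    ("manual", re.compile(r"^Use .+ Settings page to ")),
    ("moved", re.compile(r" moved successfully\.$")),
    ("removed", re.compile(r" (deleted|stopped|removed from NetSvcs value) successfully[.!]$")),
    ("absent", re.compile(r" not found[.!]$")),
]
SECTION = re.compile(r"^=+ (\w+) =+$")
SERVICE_KEY = re.compile(r"\\CurrentControlSet\\Services\\([^\\]+) deleted successfully\.$")

def classify(line):
    for label, rx in RULES:
        if rx.search(line):
            return label
    return "other"

def triage(log_text):
    """Return (Counter of outcomes, list of (section, reason, line) to review)."""
    section, counts, review = "HEADER", Counter(), []
    for line in filter(None, map(str.strip, log_text.splitlines())):
        m = SECTION.match(line)
        if m:
            section = m.group(1)
            continue
        label = classify(line)
        counts[label] += 1
        if label in ("error", "manual"):
            review.append((section, label, line))
        elif SERVICE_KEY.search(line):
            # A whole service key was deleted: confirm that was intended.
            review.append((section, "service-key", line))
    return counts, review

if __name__ == "__main__":
    counts, review = triage(SAMPLE_LOG)
    print(dict(counts), *review, sep="\n")
```

The `review` list carries the lines a human still has to act on: OTL errors, the Chrome settings it does not change itself, and any deleted service key.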

    6. #6
      User karlosrr
      Joined
      Oct 2012
      Location
      Tenerife
      Posts
      15

      Re: dt kill doesn't work for me

      Now it tells me I have to reactivate Windows by entering the key. Is that normal?

    7. #7
      Former Contributor Kirigi
      Joined
      Jun 2007
      Location
      Venezuela
      Posts
      7,437

      Re: dt kill doesn't work for me

      Quote: Originally posted by karlosrr
        Now it tells me I have to reactivate Windows by entering the key. Is that normal?
      Is your Windows genuine, or is it one of those unattended (modified) builds that circulate online?

      Can you get past the Windows activation window in any way?

      Regards


    8. #8
      User karlosrr
      Joined
      Oct 2012
      Location
      Tenerife
      Posts
      15

      Re: dt kill doesn't work for me

      As far as I know, my Windows is genuine. It's one of those modern ones that come preinstalled on the PC with a sticker and so on; I don't have a disc. What about the rest of the log? Do you know yet what my PC has?
      Last edited by karlosrr on 11/10/12 at 05:06:36

    9. #9
      User karlosrr
      Joined
      Oct 2012
      Location
      Tenerife
      Posts
      15

      Re: dt kill doesn't work for me

      By the way, Malwarebytes now detects, every few minutes, a connection attempt from the address 207.232.22.60

    10. #10
      Former Contributor Kirigi
      Joined
      Jun 2007
      Location
      Venezuela
      Posts
      7,437

      Re: dt kill doesn't work for me

      Quote: Originally posted by karlosrr
        As far as I know, my Windows is genuine. It's one of those modern ones that come preinstalled on the PC with a sticker and so on; I don't have a disc. What about the rest of the log? Do you know yet what my PC has?
      Hello karlosrr,

      Did the Windows activation prompt keep appearing?

      I ask for a little patience, since we are dealing with a new variant of this annoying malware and we are still analyzing it.


      - Download the ComboFix.exe tool and save it to the desktop.
      • Temporarily disable your antivirus and/or antispyware.
      • Close all open windows.
      • Double-click the ComboFix.exe file and follow the instructions.
      • When it finishes, it will generate a log at C:\ComboFix.txt.
        • *Note* While CF is working, do not move the mouse, as that would stop its process.
        • *Note* ComboFix may reboot the PC automatically to complete the removal process.
      Warning!! Do not use ComboFix unless a member of our Staff has specifically instructed you to do so in your thread. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".
      • Reboot and paste the report from C:\ComboFix.txt in this same thread.


      Regards
