
    Strange problem


    1. #1
      STVPG (User)
      Joined: Oct 2012
      Location: Chile
      Posts: 2

      Strange problem

      Hello everyone, I'm asking for your help with a strange problem affecting my PC. A few days ago, due to circumstances, I was forced to connect to the internet over an insecure connection, one of those Wi-Fi networks without a password, because of the urgency and having no other source of internet nearby. However, once connected I could not open any page, Google never loaded; I thought it was a problem with the weak signal, so I didn't give it much importance.
      The next day, back at home and on my usual internet connection, the problems persist: Google does not load correctly, YouTube doesn't either, not even this very forum; however, Facebook and Twitter have no problems.
      The most curious thing is that when I try to load, for example, YouTube, and give up because nothing appears, I switch to another site that does work for me, and lo and behold, YouTube appears perfectly in the interval between leaving that site and entering the other. With Google there is no use, it doesn't respond to anything. This forum, for example, sometimes loads its banner but nothing else, and when I leave, all the sections load.
      After running CCleaner, the problem is fixed for all sites except Google, but it comes back after a while.
      I suppose some nastiness got into my PC from that suspicious connection. I have tried a multitude of antivirus and antispyware programs, cleaning the registry and changing browsers, and there doesn't seem to be a solution, at least not one that I know of.
      I turn to you as a last and final resort before the hammer of formatting.
      Regards.

    2. #2
      @Maxfernandez (Moderator)
      Joined: Dec 2007
      Location: Venezuela
      Posts: 16,076

      Re: Strange problem

      Hello STVPG.

      Do the following:
      1. Download, update and run Malwarebytes' Anti-Malware.
        • On the Scanner tab, select "Perform full scan".
        • With the "Remove Selected" option, send everything to quarantine and restart.
        • On the "Logs" tab you will find the MBAM report; copy it and post it here so it can be analyzed.

      2. Download OTL to your desktop.
        • Close all open windows and programs before running it.
        • Double-click the OTL.exe icon to start.
        • When the interface appears, set the following options: under "Scan Type", change it to Minimal Output
        • Change to All where it says Standard Registry
        • Check the options: LOP Check and Purity Check
        • Press the Scan button
          Once it finishes, two (2) files will open, OTL.Txt and Extras.Txt.
          Please copy and paste the contents of OTL.Txt into your next post
      Note: Please do not change the rest of the settings unless instructed to.

      Regards

    3. #3
      STVPG (User)
      Joined: Oct 2012
      Location: Chile
      Posts: 2

      Re: Strange problem

      The two requested logs:

      Malwarebytes Anti-Malware 1.65.0.1400
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2012.10.13.06

      Windows 7 Service Pack 1 x86 NTFS
      Internet Explorer 9.0.8112.16421
      Iceland :: PC [administrador]

      13-10-2012 12:38:56
      mbam-log-2012-10-13 (12-38-56).txt

      Tipos de Análisis: Análisis Completo (C:\|D:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 336817
      Tiempo transcurrido: 1 hora(s), 47 minuto(s), 33 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      (fin)

      OTL


      OTL logfile created on: 13-10-2012 14:35:51 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Iceland\Desktop
      Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 0000340A | Country: Chile | Language: ESL | Date Format: dd-MM-yyyy

      1,96 Gb Total Physical Memory | 1,29 Gb Available Physical Memory | 65,69% Memory free
      3,92 Gb Paging File | 2,89 Gb Available in Paging File | 73,59% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
      Drive C: | 187,67 Gb Total Space | 20,34 Gb Free Space | 10,84% Space Free | Partition Type: NTFS
      Drive D: | 30,25 Gb Total Space | 29,49 Gb Free Space | 97,51% Space Free | Partition Type: NTFS

      Computer Name: PC | User Name: Iceland | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user
      Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Iceland\Desktop\OTL.exe (OldTimer Tools)
      PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe (Adobe Systems, Inc.)
      PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
      PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
      PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Windows\Runservice.exe ()
      PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
      PRC - C:\Windows\explorer.exe (Microsoft Corporation)
      PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
      PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
      PRC - C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
      PRC - C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
      PRC - C:\Program Files\CONEXANT\SAII\SmartAudio.exe (Conexant Systems, Inc)
      PRC - C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe (Lenovo Group Limited)
      PRC - C:\Windows\System32\IgrsSvcs.exe (Microsoft Corporation)
      PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
      PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)


      ========== Modules (No Company Name) ==========

      MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
      MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\f2f8201dd3453250dfd9ed1afce630a0\WindowsFormsIntegration.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\626d0ac2f4ada682d7ca6c4ebf821469\CustomMarshalers.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
      MOD - C:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll ()
      MOD - C:\windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_es_b77a5c561934e089\System.Xml.resources.dll ()
      MOD - C:\Program Files\Lenovo\Energy Management\KbdHook.dll ()
      MOD - C:\Program Files\Lenovo\Energy Management\HookLib.dll ()


      ========== Services (SafeList) ==========

      SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
      SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (LicCtrlService) -- C:\Windows\Runservice.exe ()
      SRV - (StarWindServiceAE) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
      SRV - (Lenovo ReadyComm ConnSvc) -- C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe (Lenovo Group Limited)
      SRV - (Lenovo ReadyComm AppSvc) -- C:\Program Files\Lenovo\ReadyComm\AppSvc.exe (Lenovo Group Limited)
      SRV - (PS_MDP) -- C:\Program Files\Lenovo\ReadyComm\PS_MDP.dll (Lenovo Group Limited)
      SRV - (IGRS) -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe (Lenovo Group Limited)
      SRV - (ReadyComm.DirectRouter) -- C:\Program Files\Lenovo\ReadyComm\common\router.dll (Lenovo Group Limited)
      SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
      SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
      SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)


      ========== Driver Services (SafeList) ==========

      DRV - (ZTEusbser6k) -- system32\DRIVERS\ZTEusbser6k.sys File not found
      DRV - (ZTEusbnmea) -- system32\DRIVERS\ZTEusbnmea.sys File not found
      DRV - (ZTEusbmdm6k) -- system32\DRIVERS\ZTEusbmdm6k.sys File not found
      DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
      DRV - (USBCCID) -- system32\DRIVERS\RtsUCcid.sys File not found
      DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
      DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
      DRV - (RtsUIR) -- system32\DRIVERS\Rts516xIR.sys File not found
      DRV - (RSUSBSTOR) -- System32\Drivers\RtsUStor.sys File not found
      DRV - (atkhyaoe) -- File not found
      DRV - (agn9hr74) -- File not found
      DRV - (aswSnx) -- C:\windows\System32\drivers\aswSnx.sys (AVAST Software)
      DRV - (aswSP) -- C:\windows\System32\drivers\aswSP.sys (AVAST Software)
      DRV - (aswTdi) -- C:\windows\System32\drivers\aswTdi.sys (AVAST Software)
      DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
      DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software)
      DRV - (aswFsBlk) -- C:\windows\System32\drivers\aswFsBlk.sys (AVAST Software)
      DRV - (tbhsd) -- C:\Windows\System32\drivers\tbhsd.sys (RapidSolution Software AG)
      DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
      DRV - (WsAudio_DeviceS(4) -- C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys (Wondershare)
      DRV - (WsAudio_DeviceS(3) -- C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys (Wondershare)
      DRV - (WsAudio_DeviceS(2) -- C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys (Wondershare)
      DRV - (WsAudio_DeviceS(1) -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys (Wondershare)
      DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
      DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
      DRV - (ACPIVPC) -- C:\Windows\System32\drivers\AcpiVpc.sys (Lenovo Corporation)
      DRV - (funfrm) -- C:\windows\System32\drivers\funfrm.sys ()
      DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
      DRV - (Bridge0) -- C:\Windows\System32\drivers\wdbridge.sys (Lenovo)
      DRV - (wsvd) -- C:\Windows\System32\drivers\wsvd.sys (CyberLink)
      DRV - (wdmirror) -- C:\Windows\System32\drivers\WDMirror.sys (Windows (R) Codename Longhorn DDK provider)
      DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
      DRV - (netw5v32) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
      DRV - (k57nd60x) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation)
      DRV - (usbsmi) -- C:\Windows\System32\drivers\SMIksdrv.sys (SMI)
      DRV - (CnxtHdAudService) -- C:\Windows\System32\drivers\CHDRT32.sys (Conexant Systems Inc.)
      DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)


      ========== Standard Registry (All) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
      IE - HKCU\..\URLSearchHook: {db131c55-60c8-4adc-84dc-9e76ab06e2dc} - No CLSID value found
      IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.startup.homepage: "about:home"
      FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
      FF - prefs.js..extensions.enabledAddons: {972ce4c6-7e08-4474-a285-3208198ce6fd}:15.0.1
      FF - prefs.js..keyword.URL: "http://google.com"
      FF - prefs.js..network.proxy.type: 4
      FF - user.js - File not found

      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012-08-24 18:36:09 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-10-12 21:06:55 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

      [2012-06-07 12:16:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Iceland\AppData\Roaming\mozilla\Extensions
      [2012-07-30 19:46:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Iceland\AppData\Roaming\mozilla\Firefox\Profiles\mlmszlzy.default\extensions
      [2012-07-30 19:46:26 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Iceland\AppData\Roaming\mozilla\firefox\profiles\mlmszlzy.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
      [2012-10-12 21:06:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
      [2012-10-12 21:06:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
      [2012-10-12 21:02:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
      [2012-09-05 22:26:03 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
      [2012-09-06 00:35:44 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
      [2012-09-06 00:35:44 | 000,003,882 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\drae.xml
      [2012-09-06 00:35:44 | 000,001,143 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-es.xml
      [2012-09-06 00:35:44 | 000,003,581 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
      [2012-09-06 00:35:44 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
      [2012-09-06 00:35:44 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012-09-06 00:35:44 | 000,001,102 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-es.xml

      O1 HOSTS File: ([2012-09-15 22:52:01 | 000,001,085 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
      O1 - Hosts: 127.0.0.1 CD and DVD Burning Software - Alcohol Soft copy and virtual drive software Alcohol 120 and 52% Free Edition
      O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
      O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
      O1 - Hosts: 127.0.0.1 alcohol-soft.com
      O1 - Hosts: 127.0.0.1 genuine.microsoft.com
      O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
      O1 - Hosts: 127.0.0.1 sls.microsoft.com
      O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
      O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
      O2 - BHO: (no name) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - No CLSID value found.
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O3 - HKLM\..\Toolbar: (no name) - {8dcb7100-df86-4384-8842-8fa844297b3f} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {DB131C55-60C8-4ADC-84DC-9E76AB06E2DC} - No CLSID value found.
      O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
      O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
      O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
      O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
      O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
      O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
      O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
      O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
      O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
      O13 - gopher Prefix: missing
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4EE60A5-5123-4026-9E2A-7B3CA6EC9F39}: DhcpNameServer = 192.168.1.1
      O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
      O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
      O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
      O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
      O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
      O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\System32\mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\System32\mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\System32\mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\System32\igfxdev.dll (Intel Corporation)
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O29 - HKLM SecurityProviders - (credssp.dll) - C:\windows\System32\credssp.dll (Microsoft Corporation)
      O30 - LSA: Authentication Packages - (msv1_0) - C:\windows\System32\msv1_0.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (kerberos) - C:\windows\System32\kerberos.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (msv1_0) - C:\windows\System32\msv1_0.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (schannel) - C:\windows\System32\schannel.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (wdigest) - C:\windows\System32\wdigest.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (tspkg) - C:\windows\System32\tspkg.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (pku2u) - C:\windows\System32\pku2u.dll (Microsoft Corporation)
      O31 - SafeBoot: AlternateShell - cmd.exe
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2009-06-10 18:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O33 - MountPoints2\F\Shell - "" = AutoRun
      O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      ========== Files/Folders - Created Within 30 Days ==========

      [2012-10-13 12:32:03 | 000,000,000 | ---D | C] -- C:\Users\Iceland\AppData\Roaming\Malwarebytes
      [2012-10-13 12:31:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2012-10-13 12:31:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2012-10-13 12:31:55 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
      [2012-10-13 12:31:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
      [2012-10-13 12:29:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Iceland\Desktop\OTL.exe
      [2012-10-12 23:50:14 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
      [2012-10-12 23:42:44 | 000,036,864 | ---- | C] (NirSoft) -- C:\windows\nircmd.exe
      [2012-10-12 21:06:56 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
      [2012-10-12 21:02:07 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
      [2012-10-12 20:47:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
      [2012-10-12 20:46:55 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaws.exe
      [2012-10-12 20:46:45 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaw.exe
      [2012-10-12 20:46:45 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\windows\System32\java.exe
      [2012-10-12 20:46:45 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll
      [2012-10-12 20:46:26 | 000,000,000 | ---D | C] -- C:\Program Files\Java
      [2012-10-12 18:19:35 | 000,000,000 | ---D | C] -- C:\Users\Iceland\AppData\Roaming\GlarySoft
      [2012-10-12 18:11:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
      [2012-10-12 18:11:50 | 000,000,000 | ---D | C] -- C:\Program Files\Glary Utilities
      [2012-10-10 13:33:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll
      [2012-10-10 13:32:59 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
      [2012-10-10 13:32:58 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
      [2012-10-06 11:48:24 | 000,000,000 | ---D | C] -- C:\Users\Iceland\Documents\The Movies
      [2012-10-06 11:47:26 | 000,000,000 | ---D | C] -- C:\Users\Iceland\Documents\EN-UK
      [2012-10-05 18:52:14 | 000,000,000 | ---D | C] -- C:\Users\Iceland\AppData\Roaming\Lionhead Studios
      [2012-10-05 18:42:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Movies
      [2012-10-05 18:39:06 | 000,000,000 | ---D | C] -- C:\Program Files\Lionhead Studios Ltd
      [2012-10-05 18:39:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Lionhead Studios
      [2012-10-05 18:18:20 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
      [2012-10-05 18:17:45 | 000,000,000 | ---D | C] -- C:\Users\Iceland\AppData\Roaming\uTorrent
      [2012-09-21 17:05:15 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
      [2012-09-21 17:05:14 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
      [2012-09-21 17:05:13 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
      [2012-09-21 17:05:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
      [2012-09-21 17:05:13 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
      [2012-09-21 17:05:10 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
      [2012-09-21 17:05:10 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
      [2012-09-21 17:05:03 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
      [2012-09-21 02:46:13 | 000,000,000 | ---D | C] -- C:\ProgramData\.mono
      [2012-09-21 02:46:10 | 000,000,000 | ---D | C] -- C:\Users\Iceland\AppData\Roaming\.mono
      [2012-09-16 04:41:40 | 000,000,000 | ---D | C] -- C:\Users\Iceland\Documents\Paradox Interactive
      [2006-06-26 02:33:46 | 000,163,840 | ---- | C] (アリスソフト) -- C:\Users\Iceland\AppData\Local\Tempals_inst.exe
      [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2012-10-13 13:47:04 | 000,014,144 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012-10-13 13:47:03 | 000,014,144 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012-10-13 12:31:59 | 000,001,027 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2012-10-13 12:30:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Iceland\Desktop\OTL.exe
      [2012-10-13 11:43:45 | 000,000,857 | -HS- | M] () -- C:\windows\System32\mmf.sys
      [2012-10-13 11:43:29 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
      [2012-10-13 11:42:47 | 1579,626,496 | -HS- | M] () -- C:\hiberfil.sys
      [2012-10-12 23:20:16 | 000,000,316 | ---- | M] () -- C:\windows\tasks\GlaryInitialize.job
      [2012-10-12 21:06:58 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [2012-10-12 21:06:38 | 000,001,724 | ---- | M] () -- C:\Users\Iceland\Documents\cc_20121012_210635.reg
      [2012-10-12 20:49:11 | 000,006,530 | ---- | M] () -- C:\Users\Iceland\Documents\cc_20121012_204908.reg
      [2012-10-12 20:46:38 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll
      [2012-10-12 20:46:32 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaws.exe
      [2012-10-12 20:46:32 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaw.exe
      [2012-10-12 20:46:31 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\windows\System32\java.exe
      [2012-10-12 20:46:29 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\windows\System32\npdeployJava1.dll
      [2012-10-12 20:46:29 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\windows\System32\deployJava1.dll
      [2012-10-12 20:28:51 | 000,002,126 | ---- | M] () -- C:\Users\Iceland\Documents\cc_20121012_202848.reg
      [2012-10-12 18:11:58 | 000,000,984 | ---- | M] () -- C:\Users\Iceland\Desktop\Glary Utilities.lnk
      [2012-10-12 16:43:32 | 000,000,436 | ---- | M] () -- C:\Users\Iceland\Documents\cc_20121012_164328.reg
      [2012-10-11 12:48:12 | 000,000,826 | ---- | M] () -- C:\Users\Iceland\Documents\cc_20121011_124806.reg
      [2012-10-10 22:32:22 | 000,754,380 | ---- | M] () -- C:\windows\System32\perfh00A.dat
      [2012-10-10 22:32:22 | 000,665,854 | ---- | M] () -- C:\windows\System32\perfh009.dat
      [2012-10-10 22:32:22 | 000,156,730 | ---- | M] () -- C:\windows\System32\perfc00A.dat
      [2012-10-10 22:32:22 | 000,124,988 | ---- | M] () -- C:\windows\System32\perfc009.dat
      [2012-10-10 15:50:00 | 000,690,851 | ---- | M] () -- C:\Users\Iceland\Documents\Sondeo Jóvenes y política.pdf
      [2012-09-30 11:29:55 | 000,003,584 | ---- | M] () -- C:\Users\Iceland\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012-09-16 18:32:07 | 000,000,838 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
      [2012-09-15 15:38:28 | 000,751,347 | ---- | M] () -- C:\Users\Iceland\Documents\1347727162634.png
      [2012-09-14 15:31:57 | 000,367,704 | ---- | M] () -- C:\Users\Iceland\Documents\1347642281340.jpg
      [2012-09-14 15:28:53 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\tzres.dll
      [2012-09-13 16:27:33 | 000,024,867 | ---- | M] () -- C:\Users\Iceland\Documents\1347558398337.jpg
      [2012-09-13 16:27:27 | 000,959,623 | ---- | M] () -- C:\Users\Iceland\Documents\1347558121183.gif
      [2012-09-13 16:17:41 | 000,079,197 | ---- | M] () -- C:\Users\Iceland\Documents\134746289138.jpg
      [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2012-10-13 12:31:59 | 000,001,027 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2012-10-12 23:42:44 | 000,069,660 | ---- | C] () -- C:\windows\Fart.exe
      [2012-10-12 23:42:44 | 000,022,528 | ---- | C] () -- C:\windows\AT-Uninstall.exe
      [2012-10-12 23:42:44 | 000,011,776 | ---- | C] () -- C:\windows\Colous.exe
      [2012-10-12 21:06:58 | 000,001,060 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      [2012-10-12 21:06:58 | 000,001,048 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [2012-10-12 21:06:37 | 000,001,724 | ---- | C] () -- C:\Users\Iceland\Documents\cc_20121012_210635.reg
      [2012-10-12 20:49:10 | 000,006,530 | ---- | C] () -- C:\Users\Iceland\Documents\cc_20121012_204908.reg
      [2012-10-12 20:28:50 | 000,002,126 | ---- | C] () -- C:\Users\Iceland\Documents\cc_20121012_202848.reg
      [2012-10-12 18:12:00 | 000,000,316 | ---- | C] () -- C:\windows\tasks\GlaryInitialize.job
      [2012-10-12 18:11:58 | 000,000,984 | ---- | C] () -- C:\Users\Iceland\Desktop\Glary Utilities.lnk
      [2012-10-12 16:43:30 | 000,000,436 | ---- | C] () -- C:\Users\Iceland\Documents\cc_20121012_164328.reg
      [2012-10-11 12:48:08 | 000,000,826 | ---- | C] () -- C:\Users\Iceland\Documents\cc_20121011_124806.reg
      [2012-10-10 22:47:52 | 000,690,851 | ---- | C] () -- C:\Users\Iceland\Documents\Sondeo Jóvenes y política.pdf
      [2012-09-15 15:38:25 | 000,751,347 | ---- | C] () -- C:\Users\Iceland\Documents\1347727162634.png
      [2012-09-14 15:31:54 | 000,367,704 | ---- | C] () -- C:\Users\Iceland\Documents\1347642281340.jpg
      [2012-09-13 16:27:33 | 000,024,867 | ---- | C] () -- C:\Users\Iceland\Documents\1347558398337.jpg
      [2012-09-13 16:27:27 | 000,959,623 | ---- | C] () -- C:\Users\Iceland\Documents\1347558121183.gif
      [2012-09-13 16:17:40 | 000,079,197 | ---- | C] () -- C:\Users\Iceland\Documents\134746289138.jpg
      [2012-06-04 06:45:08 | 000,000,857 | -HS- | C] () -- C:\windows\System32\mmf.sys
      [2012-06-04 06:44:59 | 000,048,640 | ---- | C] () -- C:\windows\mmfs.dll
      [2012-06-04 06:44:59 | 000,002,560 | ---- | C] () -- C:\windows\Runservice.exe
      [2012-04-04 21:28:28 | 000,002,223 | ---- | C] () -- C:\Users\Iceland\.powerupdate.user.properties
      [2011-11-29 00:40:22 | 000,000,049 | ---- | C] () -- C:\windows\NeroDigital.ini
      [2011-08-18 01:59:39 | 000,000,000 | ---- | C] () -- C:\windows\nsreg.dat
      [2011-08-01 20:13:11 | 000,003,584 | ---- | C] () -- C:\Users\Iceland\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2011-03-28 05:36:17 | 000,080,896 | ---- | C] () -- C:\windows\System32\RDVGHelper.exe
      [2011-03-28 05:34:16 | 000,066,048 | ---- | C] () -- C:\windows\System32\PrintBrmUi.exe
      [2010-10-15 02:15:55 | 000,017,232 | ---- | C] () -- C:\Users\Iceland\AppData\Roaming\UserTile.png
      [2010-07-16 16:26:31 | 000,007,599 | ---- | C] () -- C:\Users\Iceland\AppData\Local\Resmon.ResmonCfg
      [2010-07-03 08:49:28 | 000,000,910 | ---- | C] () -- C:\ProgramData\profile.xml

      ========== ZeroAccess Check ==========

      [2009-07-14 01:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 01:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 09:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-13 22:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== LOP Check ==========

      [2012-09-21 02:46:10 | 000,000,000 | ---D | M] -- C:\Users\Iceland\AppData\Roaming\.mono
      [2011-12-11 19:39:32 | 000,000,000 | ---D | M] -- C:\Users\Iceland\AppData\Roaming\BsPicture
      [2012-04-04 21:28:56 | 000,000,000 | ---D | M] -- C:\Users\Iceland\AppData\Roaming\CmapTools
      [2012-10-05 21:15:49 | 000,000,000 | ---D | M] -- C:\Users\Iceland\AppData\Roaming\DAEMON Tools Lite
      [2012-10-12 20:04:13 | 000,000,000 | ---D | M] -- C:\Users\Iceland\AppData\Roaming\foobar2000
      [2012-10-12 22:01:13 | 000,000,000 | ---D | M] -- C:\Users\Iceland\AppData\Roaming\GlarySoft
      [2012-07-18 16:41:53 | 000,000,000 | ---D | M] -- C:\Users\Iceland\AppData\Roaming\IrfanView
      [2011-04-08 05:34:05 | 000,000,000 | ---D | M] -- C:\Users\Iceland\AppData\Roaming\Leadertech
      [2010-07-26 02:55:32 | 000,000,000 | ---D | M] -- C:\Users\Iceland\AppData\Roaming\Lenovo
      [2012-10-05 18:52:14 | 000,000,000 | ---D | M] -- C:\Users\Iceland\AppData\Roaming\Lionhead Studios
      [2010-08-09 23:13:26 | 000,000,000 | ---D | M] -- C:\Users\Iceland\AppData\Roaming\My Games
      [2012-02-07 10:38:22 | 000,000,000 | ---D | M] -- C:\Users\Iceland\AppData\Roaming\RenPy
      [2012-06-09 23:05:21 | 000,000,000 | ---D | M] -- C:\Users\Iceland\AppData\Roaming\Sports Interactive
      [2012-08-26 21:58:57 | 000,000,000 | ---D | M] -- C:\Users\Iceland\AppData\Roaming\Unity
      [2012-10-12 16:41:59 | 000,000,000 | ---D | M] -- C:\Users\Iceland\AppData\Roaming\uTorrent

      ========== Purity Check ==========



      < End of report >

      Regards, and thanks.

    4. #4
      Moderator
      @Maxfernandez's avatar
      Joined
      Dec 2007
      Location
      Venezuela
      Posts
      16,076

      Re: Strange problem

      Hello.

      Do the following:

      1. Highlight the contents of the following box (except the word Code), then right-click > Copy.
        Code:
        :OTL
        IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
        FF - prefs.js..network.proxy.type: 4
        FF - user.js - File not found
        O33 - MountPoints2\F\Shell - "" = AutoRun
        O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
        [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
        
        :files
        ipconfig /flushdns /c
        
        :commands
        [resethosts]
        [emptytemp]
        [createrestorepoint]
      2. Run OTL.exe
        • Right-click in the box under Custom Scans/Fixes (Análisis Personalizados/Código de Reparación) > Paste.
        • Then click the Run Fix (Reparar) button at the top.
        • Let the program run uninterrupted; restart when it asks you to.
        • After the restart, a report will be created by default in C:\_OTL\MovedFiles; copy and paste that log in your next reply.



      3. Download UsbFix By El Desaparecido C_XX to your desktop and run it as follows:
        1. Connect all your removable devices: pendrive, Micro SD, etc.
        2. Double-click USBFix
        3. Click the Supresión (Deletion) option
        4. A warning will appear asking you to connect your USB devices; click Aceptar (OK) and the disinfection/vaccination process will start.
        5. During the scan the desktop may disappear; this is normal. If USBFix asks you to restart the system, accept and restart your computer.
        6. When it finishes, USBFix generates a report, usually found at C:\USBFix.txt; paste its contents in your next message.
        Note: UsbFix will create a hidden folder named "autorun.inf" on every partition and every USB drive connected at the time it runs. Do not delete this folder ... it will help protect your USB devices from future infections.



      Let us know the results.

      Regards.


      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail, since that is what the forum is for.
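
The fix script in the post above targets the O33 MountPoints2 AutoRun entries from the posted OTL report. As an added example (not part of the original posts and not OTL's own code), this Python script pulls those entries, plus executables under C:\windows that carry no company name, out of an OTL report for review; the function names are assumptions of the example and the sample lines are constructed from lines in this thread's log.

```python
import re

# Constructed sample: lines in the OTL report format, copied from the log in this thread.
SAMPLE_LOG = r'''
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
[2012-10-12 23:42:44 | 000,036,864 | ---- | C] (NirSoft) -- C:\windows\nircmd.exe
[2012-10-12 23:42:44 | 000,011,776 | ---- | C] () -- C:\windows\Colous.exe
[2012-06-04 06:45:08 | 000,000,857 | -HS- | C] () -- C:\windows\System32\mmf.sys
[2012-10-12 21:06:37 | 000,001,724 | ---- | C] () -- C:\Users\Iceland\Documents\cc_20121012_210635.reg
[2012-10-13 12:32:03 | 000,000,000 | ---D | C] -- C:\Users\Iceland\AppData\Roaming\Malwarebytes
'''

# O33 entries of the form: MountPoints2\<mount>\Shell\<verb>\command - "" = <command>
O33_COMMAND = re.compile(
    r'^O33 - MountPoints2\\(?P<mount>[^\\]+)\\Shell\\(?P<verb>[^\\]+)\\command'
    r' - "[^"]*" = (?P<cmd>.+)$')

# File listing entries: [timestamp | size | attributes | C or M] (company) -- path
FILE_ENTRY = re.compile(
    r'^\[(?P<ts>[\d-]{10} [\d:]{8}) \| (?P<size>[\d,]+) \| (?P<attrs>[-A-Z]{4})'
    r' \| (?P<kind>[CM])\](?: \((?P<company>[^)]*)\))? -- (?P<path>.+)$')

EXECUTABLE_EXTS = ('.exe', '.dll', '.sys', '.scr', '.com')


def autorun_commands(log):
    """Return (mount, verb, command, from_volume) for each MountPoints2 shell command.

    from_volume is True when the command starts a file on the mounted drive itself,
    the pattern left by an autorun.inf on removable media.
    """
    found = []
    for line in log.splitlines():
        m = O33_COMMAND.match(line.strip())
        if m:
            cmd = m['cmd'].strip()
            from_volume = cmd.upper().startswith(m['mount'].upper() + ':')
            found.append((m['mount'], m['verb'], cmd, from_volume))
    return found


def no_company_binaries(log, root=r'C:\windows'):
    """Return paths of executable files under root whose company field is empty."""
    prefix = root.lower().rstrip('\\') + '\\'
    paths = []
    for line in log.splitlines():
        m = FILE_ENTRY.match(line.strip())
        # Directory entries have no "(company)" group at all, so company is None.
        if not m or m['company'] != '' or 'D' in m['attrs']:
            continue
        path = m['path'].strip()
        lowered = path.lower()
        if lowered.startswith(prefix) and lowered.endswith(EXECUTABLE_EXTS):
            if path not in paths:  # the same file can appear in several sections
                paths.append(path)
    return paths


if __name__ == '__main__':
    for entry in autorun_commands(SAMPLE_LOG):
        print('AutoRun command:', entry)
    for path in no_company_binaries(SAMPLE_LOG):
        print('No company name:', path)
```

An empty company field is a cue for review, not a verdict on the file.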