• Registrarse
  • Iniciar sesión


  • Página 1 de 3 123 ÚltimoÚltimo
    Resultados 1 al 10 de 25

    eliminar Crownhub

    Buenas tardes, primero de todo disculparme por si ya hay un post abierto para este tema, pero con el buscador no he sabido encontrarlo. Mi problema es que se ha instalado crownhub en mi Firefox ...

    1. #1
      Usuario Avatar de adaia
      Registrado
      ene 2012
      Ubicación
      Mallorca
      Mensajes
      18

      Molesto eliminar Crownhub

      Buenas tardes,

      primero de todo disculparme por si ya hay un post abierto para este tema, pero con el buscador no he sabido encontrarlo.

      Mi problema es que se ha instalado crownhub en mi Firefox y es muy molesto, pues estoy acostumbrada a escribir cualquier web o cualquier cosa que quiero buscar en la barra del navegador web y éste actua como el buscador de Google, y me es comodísimo, pero ahora es un rollo porque cuando busco algo se me abre la web esa, y por más que he intentado deshacerme de ella con algunas herramientas que he encontrado leyendo por la red, porque yo no tengo mucha idea, no he tenido suerte.

      Me podéis echar una mano, por favor?


      Gracias de antemano.

    2. #2
      Moderador
      Avatar de @MarioL
      Registrado
      nov 2006
      Ubicación
      Málaga - España
      Mensajes
      8.819

      re: eliminar Crownhub

      Hola.

      • Realiza lo siguiente:
      • Descarga AT-Destroyer (Adwares/Toolbars-Destroyer) By Infospyware.
      • Ejecuta la herramienta como administrador.
      • Aparecerá el Disclaimer de la herramienta.Presiona .
      • Presiona sobre la opción 1 (Buscar y Destruir)
      • La herramienta desconectará el escritorio moméntaneamente.
      • En caso de estar infectado,la herramienta lo indicará con lineas rojas donde se haya encontrado la infección,sino,serán lineas verdes.
      • Una vez terminado el escaneo,podrás volver a ver el escritorio y se te abrirá un reporte,que deberás copiar en tu próxima respuesta comentando cómo funciona el sistema.
      Un saludo.
      Invy

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de adaia
      Registrado
      ene 2012
      Ubicación
      Mallorca
      Mensajes
      18

      Re: eliminar Crownhub

      Muchas gracias por contestar tan rápido.

      Éste es el resultado que me ha dado...

      #################################################### A/T-Destroyer by InfoSpyware ############

      A/T-Destroyer 1.0.7 By Infospyware
      www.infospyware.com
      Fecha iniciada en el analisis 24/10/2012
      Hora iniciada en el analisis 18:07:57,36
      Usuario Actual : [C:\Users\Usuario]
      Sistema Operativo: Windows 7 Home Premium
      Arquitectura: Sistema operativo de 64 bits
      Versión Internet Explorer: 8.0.7600.16385
      Modo Actual: Modo Normal.
      Privilegios: [Usuario-Administrador]
      Versión Google Chrome:
      Versión Mozilla Firefox: 16.0.1

      ====== Servicios Eliminados By A/T-Destroyer ======




      ====== Claves Eliminadas By A/T-Destroyer ======




      ====== Archivos/Carpetas Eliminados By A/T-Destroyer ======


      C:\Users\Usuario\Appdata\Local\GDIPFONTCACHEV1.DAT


      ====== Información Extra ======


      -_-_-_-_-_-_-_-_ Configuraciones de internet Explorer -_-_-_-_-_-_-_-_
      "HKCU\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Local Page == C:\Windows\system32\blank.htm
      Default_Page_URL == http://asus.msn.com

      "HKLM\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
      Local Page == C:\WINDOWS\SYSTEM32\blank.htm
      Default_Search_URL == http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Default_Page_URL == http://go.microsoft.com/fwlink/?LinkId=69157


      "HKEY_USERS\S-1-5-21-4232750918-3550982461-2673268952-1001\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Local Page == C:\Windows\system32\blank.htm
      Default_Page_URL == http://asus.msn.com


      -_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,
      -_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      -_-_-_-_-_-_-_-_ Configuraciones de mozilla Firefox -_-_-_-_-_-_-_-_
      user_pref("browser.startup.homepage", "http://google.com");




      ======= EOF =======

    4. #4
      Moderador
      Avatar de @MarioL
      Registrado
      nov 2006
      Ubicación
      Málaga - España
      Mensajes
      8.819

      Re: eliminar Crownhub

      Hola.

      Realiza lo siguiente:


      1º- Descarga , instala y actualiza Malwarebytes, tras esto realiza un análisis completo eliminando todo lo encontrado y pegando su reporte.

      2º- Descarga en tú escritorio OTL By OldTimer

      Ahora realiza los siguientes pasos


      • Cierra todos programas que tengas abiertos ( msn, internet explorer,mozilla,Emule,Ares..) y hacer doble click en el ícono de OTL para ejecutarlo.
      • Ahora en el menú solo debes cambiar debajo de donde pone: "Tipo de Análisis" poner Resultado Mínimo.
      • Marcar las opciones: Buscar LOP y Buscar Purity.
      • Marcar las Opciones >> Omitir Archivos De Microsoft y Usar Listado de Compañías Reconocidas.
      • Copiar y Pegar el siguiente script bajo la casilla Análisis Personalizados/Código de Reparación:

        NOTA: No copiar la palabra Cita.

        netsvcs
        msconfig
        %SYSTEMDRIVE%\*.*
        CREATERESTOREPOINT
      • Ver imágen de como quedaría la configuración. pincha aquí.
      • Por favor No cambies el resto de la configuración a menos que te lo solicitemos.


      • Presionar el botón >> .
      • Una vez que termine, se abrirán dos (2) archivos, OTL.Txt y Extras.Txt. Éstos archivos estarán grabados en el mismo lugar donde OTL.exe fue descargado.
      • Copiar y pegar el contenido del archivo OTL.txt en tu próxima respuesta.
      Invy

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de adaia
      Registrado
      ene 2012
      Ubicación
      Mallorca
      Mensajes
      18

      Re: eliminar Crownhub

      El análisis con Malwarebytes lo había hecho anteriormente y ya eliminé lo que encontró. De todas maneras lo he ejecutado de nuevo para seguir tus instrucciones y no ha encontrado nada más.

      Y aquí está el reporte de OTL:

      OTL logfile created on: 25/10/2012 11:52:55 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Usuario\Desktop
      64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.7600.16385)
      Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      3,79 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 52,96% Memory free
      7,58 Gb Paging File | 5,42 Gb Available in Paging File | 71,47% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 149,04 Gb Total Space | 97,65 Gb Free Space | 65,52% Space Free | Partition Type: NTFS
      Drive D: | 427,59 Gb Total Space | 426,96 Gb Free Space | 99,85% Space Free | Partition Type: NTFS

      Computer Name: USUARIO-PC | User Name: Usuario | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Usuario\Desktop\OTL.exe (OldTimer Tools)
      PRC - C:\Users\Usuario\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (Facebook)
      PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
      PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      PRC - C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\procmon.exe ()
      PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Users\Usuario\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
      PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
      PRC - C:\Windows\AsScrPro.exe (ASUS)
      PRC - C:\Program Files (x86)\Ares\Ares.exe (Ares Development Group)
      PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
      PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
      PRC - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe (asus)
      PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
      PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
      PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
      PRC - C:\Program Files (x86)\ASUS\AI TouchMedia\AI TouchMedia\Kernel\CLML\CLMLSvc.exe (CyberLink)
      PRC - C:\Program Files (x86)\ASUS\AI TouchMedia\AI TouchMedia\PCMAgent.exe (CyberLink Corp.)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe (Boingo Wireless, Inc.)
      PRC - C:\Program Files (x86)\ASUS\AI TouchMedia\PlayMovie\PMVService.exe (CyberLink Corp.)
      PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
      PRC - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
      PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
      PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
      PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
      PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
      PRC - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
      PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()


      ========== Modules (No Company Name) ==========

      MOD - C:\Users\Usuario\AppData\Local\Facebook\Messenger\2.1.4651.0\libcef.dll ()
      MOD - C:\Users\Usuario\AppData\Local\Facebook\Messenger\2.1.4651.0\CefSharp.WinForms.dll ()
      MOD - C:\Users\Usuario\AppData\Local\Facebook\Messenger\2.1.4651.0\CefSharp.dll ()
      MOD - C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\procmon.exe ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\84fbf353f91385690a3e4e982aa6930e\System.Web.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\517358eb2fd962a942dd1ea6afc5b93e\PresentationFramework.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\e9d0ba41128f363f2390c7e630129c2b\PresentationCore.ni.dll ()
      MOD - C:\Users\Usuario\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\3f9dee1ce0ccb42145293a5bfcbe7205\System.Management.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fc626095c194be137bceb219934b06a7\PresentationFramework.Aero.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\294d439cfe959b5528ca81d37d3d502f\System.Data.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll ()
      MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
      MOD - C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll ()
      MOD - C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll ()
      MOD - C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll ()
      MOD - C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll ()
      MOD - C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll ()
      MOD - C:\Program Files (x86)\ASUS\AI TouchMedia\AI TouchMedia\Kernel\CLML\CLMediaLibrary.dll ()
      MOD - C:\Program Files (x86)\ASUS\AI TouchMedia\AI TouchMedia\Kernel\CLML\CLMLSvcPS.dll ()
      MOD - C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_es_31bf3856ad364e35\PresentationCore.resources.dll ()
      MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_es_b77a5c561934e089\System.resources.dll ()
      MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll ()
      MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
      MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()


      ========== Services (SafeList) ==========

      SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
      SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
      SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
      SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
      SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
      SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
      SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (ADSMService) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
      DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
      DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
      DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
      DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
      DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
      DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (AsDsm) -- C:\Windows\SysNative\drivers\AsDsm.sys (ASUSTek Computer Inc)
      DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
      DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
      DRV:64bit: - (wdkmd) -- C:\Windows\SysNative\drivers\WDKMD.sys (Intel Corporation)
      DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
      DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
      DRV:64bit: - (NETw5s64) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
      DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
      DRV:64bit: - (JME) -- C:\Windows\SysNative\drivers\JME.sys (JMicron Technology Corp.)
      DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
      DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
      DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
      DRV:64bit: - (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
      DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
      DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
      DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
      DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
      DRV:64bit: - (lullaby) -- C:\Windows\SysNative\drivers\lullaby.sys (Windows (R) Win 7 DDK provider)
      DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
      DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
      DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
      IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
      IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
      IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=110857&mntrId=e0e00b840000000000000026c7b826cb
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
      FF - prefs.js..browser.startup.homepage: "about:home"
      FF - prefs.js..extensions.enabledAddons: {E3D86202-CC7F-4870-8CCF-60319C0AF7BC}:1.0
      FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
      FF - prefs.js..keyword.URL: "http://google.com"


      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Usuario\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{E3D86202-CC7F-4870-8CCF-60319C0AF7BC}: C:\Users\Usuario\AppData\Roaming\Mozilla\FireFox\{E3D86202-CC7F-4870-8CCF-60319C0AF7BC}.xpi [2012/07/04 20:38:24 | 000,008,439 | ---- | M] ()
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/24 11:49:10 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

      [2011/05/18 04:20:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Usuario\AppData\Roaming\mozilla\Extensions
      [2012/10/24 15:52:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Usuario\AppData\Roaming\mozilla\Firefox\Profiles\gcs6ou9e.default\extensions
      [2012/10/24 11:49:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
      [2012/10/24 11:49:03 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
      [2012/10/24 11:49:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
      [2012/07/04 20:38:24 | 000,008,439 | ---- | M] () (No name found) -- C:\USERS\USUARIO\APPDATA\ROAMING\MOZILLA\FIREFOX\{E3D86202-CC7F-4870-8CCF-60319C0AF7BC}.XPI
      [2012/10/24 11:49:09 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
      [2012/09/13 20:33:53 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
      [2012/07/19 18:07:33 | 000,003,882 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
      [2012/06/20 17:56:17 | 000,001,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-es.xml
      [2012/10/24 11:49:08 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
      [2012/06/20 17:56:17 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012/06/20 17:56:17 | 000,001,102 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-es.xml

      ========== Chrome ==========

      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - homepage: Google
      CHR - Extension: No name found = C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
      CHR - Extension: No name found = C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\
      CHR - Extension: No name found = C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
      CHR - Extension: No name found = C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
      CHR - Extension: No name found = C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.7896_0\
      CHR - Extension: No name found = C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

      O1 HOSTS File: ([2012/10/24 16:55:15 | 000,000,690 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
      O1 - Hosts: 127.0.0.1 localhost
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
      O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
      O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
      O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
      O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
      O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
      O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
      O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
      O4 - HKLM..\Run: [Boingo Wi-Fi] C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk ()
      O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
      O4 - HKLM..\Run: [PCMAgent] C:\Program Files (x86)\ASUS\AI TouchMedia\AI TouchMedia\PCMAgent.exe (CyberLink Corp.)
      O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\ASUS\AI TouchMedia\PlayMovie\PMVService.exe (CyberLink Corp.)
      O4 - HKLM..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 File not found
      O4 - HKLM..\Run: [SmartWatcher] C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\procmon.exe ()
      O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
      O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
      O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
      O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
      O4 - HKCU..\Run: [ares] C:\Program Files (x86)\Ares\Ares.exe (Ares Development Group)
      O4 - HKCU..\Run: [Bubble Dock] "C:\Users\Usuario\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe" /winstartup File not found
      O4 - HKCU..\Run: [Facebook Update] C:\Users\Usuario\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O4 - HKCU..\Run: [SmartWatcher] C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\procmon.exe ()
      O4 - HKCU..\Run: [Spotify] C:\Users\Usuario\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
      O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Usuario\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
      O4 - Startup: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Usuario\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (Facebook)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
      O1364bit: - gopher Prefix: missing
      O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_24)
      O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_24)
      O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_24)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_33)
      O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_33)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_33)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.58.61.250 80.58.61.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4EF6DACA-7693-4A45-A215-7A357493CE35}: DhcpNameServer = 192.168.8.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{589D9DF2-6D17-4CC6-8297-83FF5E7255FA}: DhcpNameServer = 80.58.61.250 80.58.61.254
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
      O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2012/01/16 17:01:43 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


      MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
      MsConfig:64bit - StartUpReg: ADSMTray - hkey= - key= - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
      MsConfig:64bit - StartUpReg: ASUS Screen Saver Protector - hkey= - key= - C:\Windows\AsScrPro.exe (ASUS)
      MsConfig:64bit - StartUpReg: CLMLServer - hkey= - key= - C:\Program Files (x86)\ASUS\AI TouchMedia\AI TouchMedia\Kernel\CLML\CLMLSvc.exe (CyberLink)

      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/10/25 11:50:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Usuario\Desktop\OTL.exe
      [2012/10/24 17:14:55 | 000,036,864 | ---- | C] (NirSoft) -- C:\Windows\nircmd.exe
      [2012/10/24 16:53:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
      [2012/10/24 16:53:45 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
      [2012/10/24 16:50:57 | 000,000,000 | -HSD | C] -- C:\Config.Msi
      [2012/10/24 15:42:24 | 000,251,560 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTSD64.sys
      [2012/10/24 15:42:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
      [2012/10/24 15:41:59 | 000,000,000 | ---D | C] -- C:\Users\Usuario\AppData\Roaming\TestApp
      [2012/10/24 15:41:59 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
      [2012/10/24 11:49:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
      [2012/10/02 12:20:58 | 000,000,000 | ---D | C] -- C:\Users\Usuario\AppData\Local\Deployment
      [2012/10/02 12:20:58 | 000,000,000 | ---D | C] -- C:\Users\Usuario\AppData\Local\Apps
      [2012/10/01 17:46:41 | 000,000,000 | ---D | C] -- C:\Users\Usuario\Desktop\CD OTOÑO 2012
      [2012/09/30 21:36:52 | 000,000,000 | ---D | C] -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
      [2012/09/30 17:34:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Installer
      [2008/08/12 07:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll

      ========== Files - Modified Within 30 Days ==========

      [2012/10/25 11:50:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Usuario\Desktop\OTL.exe
      [2012/10/25 11:48:34 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4232750918-3550982461-2673268952-1001UA.job
      [2012/10/25 11:48:32 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4232750918-3550982461-2673268952-1001Core.job
      [2012/10/25 11:48:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/10/25 11:42:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/10/25 11:37:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/10/24 19:37:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/10/24 17:25:31 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/10/24 17:25:31 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/10/24 17:18:26 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
      [2012/10/24 17:17:44 | 3054,792,704 | -HS- | M] () -- C:\hiberfil.sys
      [2012/10/24 16:55:15 | 000,000,690 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
      [2012/10/24 16:53:54 | 000,002,253 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
      [2012/10/24 15:42:41 | 001,839,183 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
      [2012/10/24 12:57:37 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2012/10/03 15:49:18 | 000,002,188 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
      [2012/10/01 17:56:07 | 000,002,828 | -HS- | M] () -- C:\Windows\SysWow64\KGyGaAvL.sys
      [2012/09/30 21:38:22 | 001,555,646 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2012/09/30 21:38:22 | 000,703,840 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2012/09/30 21:38:22 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2012/09/30 21:38:22 | 000,137,806 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2012/09/30 21:38:22 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2012/09/30 21:36:57 | 000,001,328 | ---- | M] () -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
      [2012/09/29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

      ========== Files Created - No Company Name ==========

      [2012/10/24 17:14:55 | 000,069,660 | ---- | C] () -- C:\Windows\Fart.exe
      [2012/10/24 17:14:55 | 000,022,528 | ---- | C] () -- C:\Windows\AT-Uninstall.exe
      [2012/10/24 17:14:55 | 000,011,776 | ---- | C] () -- C:\Windows\Colous.exe
      [2012/10/24 16:53:54 | 000,002,253 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
      [2012/10/24 15:42:31 | 001,839,183 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
      [2012/01/16 20:00:07 | 000,000,176 | ---- | C] () -- C:\ProgramData\~HrZVnR8W2tZjKXr
      [2012/01/16 19:58:49 | 000,000,296 | ---- | C] () -- C:\ProgramData\~HrZVnR8W2tZjKX
      [2012/01/16 19:57:33 | 000,000,456 | ---- | C] () -- C:\ProgramData\HrZVnR8W2tZjKX
      [2011/10/11 11:15:46 | 000,002,828 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
      [2011/10/11 11:15:46 | 000,000,088 | RHS- | C] () -- C:\Windows\SysWow64\D8E31E0CCD.sys
      [2011/09/30 11:23:59 | 000,005,883 | ---- | C] () -- C:\Users\Usuario\.recently-used.xbel
      [2011/05/18 04:20:36 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
      [2011/05/18 04:19:13 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
      [2009/04/08 20:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
      [2008/05/22 18:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg

      ========== ZeroAccess Check ==========

      [2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== LOP Check ==========

      [2011/07/17 20:45:46 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\Asus WebStorage
      [2011/10/10 17:05:55 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\coupons
      [2011/09/30 11:23:59 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\gtk-2.0
      [2011/07/13 23:43:48 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\LibreOffice
      [2012/05/26 22:36:19 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\Movier
      [2012/04/27 15:45:53 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\PowerCinema
      [2012/10/24 17:28:19 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\Spotify
      [2012/10/24 15:41:59 | 000,000,000 | ---D | M] -- C:\Users\Usuario\AppData\Roaming\TestApp

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2012/10/24 19:25:39 | 000,002,462 | ---- | M] () -- C:\AT-Destroyer.txt
      [2012/01/16 17:01:43 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
      [2009/07/14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
      [2009/07/29 08:03:37 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
      [2010/11/21 19:00:24 | 000,015,352 | ---- | M] () -- C:\devlist.txt
      [2012/06/16 23:04:33 | 000,001,325 | ---- | M] () -- C:\dpi.txt
      [2012/10/24 17:17:44 | 3054,792,704 | -HS- | M] () -- C:\hiberfil.sys
      [2010/08/19 14:26:01 | 002,097,152 | ---- | M] () -- C:\K52F.BIN
      [2010/08/23 09:40:15 | 000,000,019 | ---- | M] () -- C:\K52F_K62F_WIN7.70
      [2010/05/06 04:56:33 | 002,097,152 | ---- | M] () -- C:\K62F.BIN
      [2012/10/24 17:17:45 | 4073,058,304 | -HS- | M] () -- C:\pagefile.sys
      [2006/05/13 18:22:24 | 000,000,005 | ---- | M] () -- C:\Pass.txt
      [2012/10/24 18:07:57 | 000,000,120 | ---- | M] () -- C:\prueba.txt
      [2010/08/23 09:40:15 | 000,000,012 | ---- | M] () -- C:\RECOVERY.DAT

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:2F370DA6
      @Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:A724744F

      < End of report >

    6. #6
      Moderador
      Avatar de @MarioL
      Registrado
      nov 2006
      Ubicación
      Málaga - España
      Mensajes
      8.819

      Re: eliminar Crownhub

      Pega su reporte igualmente
      Invy

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Usuario Avatar de adaia
      Registrado
      ene 2012
      Ubicación
      Mallorca
      Mensajes
      18

      Re: eliminar Crownhub

      Perdón

      Malwarebytes Anti-Malware 1.65.1.1000
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2012.10.24.01

      Windows 7 x64 NTFS
      Internet Explorer 8.0.7600.16385
      Usuario :: USUARIO-PC [administrador]

      25/10/2012 10:58:36
      mbam-log-2012-10-25 (10-58-36).txt

      Tipos de Análisis: Análisis Completo (C:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 341491
      Tiempo transcurrido: 42 minuto(s), 36 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      fin)

    8. #8
      Usuario Avatar de adaia
      Registrado
      ene 2012
      Ubicación
      Mallorca
      Mensajes
      18

      Re: eliminar Crownhub

      Disculpad, pero el problema persiste y no sé qué debo hacer

    9. #9
      Moderador
      Avatar de @MarioL
      Registrado
      nov 2006
      Ubicación
      Málaga - España
      Mensajes
      8.819

      Re: eliminar Crownhub

      Hola.

      Perdona la demora, mantente a la espera ya que he realizado una consulta...
      Invy

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    10. #10
      Usuario Avatar de adaia
      Registrado
      ene 2012
      Ubicación
      Mallorca
      Mensajes
      18

      Re: eliminar Crownhub

      De acuerdo, gracias.

    Página 1 de 3 123 ÚltimoÚltimo