    PC is infected with Java/Exploit.CVE-2012-1723.C


    1. #1
      User: acevnet
      Registered: Oct 2010
      Location: Venezuela
      Posts: 10

      PC is infected with Java/Exploit.CVE-2012-1723.C

      Hi, how's it going. I'm not a very expert user. Since last night the Facebook and Twitter pages wouldn't load for me; I figured it was a virus or malware because all the other pages opened relatively normally. I ran CCleaner, rebooted into safe mode, ran Malwarebytes, it found 84 threats, I removed them, rebooted, and the pages mentioned still wouldn't open. Right now I'm running ESET Online Scanner and it has found 7 threats, one of which is Java/Exploit.CVE-2012-1723.C; I think this is the one affecting me. The scan hasn't finished yet, but I've read in other forums and pages that ESET detects it but doesn't remove it. Who can help me remove it completely? Thanks, and sorry if I got anything wrong regarding the way to post the topic. Thanks.

    2. #2
      General Moderator: @Javier_HF
      Registered: Jun 2006
      Location: Spain.
      Posts: 21.693

      Re: PC is infected with Java/Exploit.CVE-2012-1723.C

      Hello acevnet, welcome to the Forum.

      Topics worth reviewing and reading:

      Tips before posting a new message.

      InfoSpyware Forum Policies.

      Policies of the Official HijackThis Forum in Spanish.

      How to upload images to the Forum? *TUTORIAL*
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

      When the ESET scan finishes, post the ESET report and also the Malwarebytes one, which you will find in the program's "Registros" (Logs) tab.

      Regards, Javier.
      He who doesn't try doesn't succeed | ;-)

      * Follow us on Twitter and befriend us on Facebook.
      * Stay informed of the latest threats on the net at: InfoSpyware Blog
      * Questions are not resolved via private messages or e-mail; that is what the forum is for.

    3. #3
      User: acevnet
      Registered: Oct 2010
      Location: Venezuela
      Posts: 10

      Re: PC is infected with Java/Exploit.CVE-2012-1723.C

      Thank you very much... I'm going to read the topics so that I follow the rules. Thanks again!

    4. #4
      General Moderator: @Javier_HF
      Registered: Jun 2006
      Location: Spain.
      Posts: 21.693

      Re: PC is infected with Java/Exploit.CVE-2012-1723.C

      Relax, don't worry, you haven't broken any rule; we only post them so that you all know how the Forum works.

      When you have the results, post them all together; if you can't put them in a single message, split the reports into as many messages as you need.

      Regards.

    5. #5
      User: acevnet
      Registered: Oct 2010
      Location: Venezuela
      Posts: 10

      Re: PC is infected with Java/Exploit.CVE-2012-1723.C

      Hi, let me tell you that I didn't copy the reports because ESET Online Scanner finished; it found and removed the threats, among them that Java/exploit virus. After that I rebooted, scanned again in Safe Mode with Malwarebytes and it found nothing; I rebooted, opened Firefox and Chrome, and they opened Facebook and Twitter without any problem... I didn't save the reports because everything was "solved", but nothing could be further from the truth. I rebooted and opened FB and Twitter again and the problem came back. Apparently the virus wasn't deleted; it was hidden or something like that. Now I really don't know what else to do. HELP!

    6. #6
      General Moderator: @Javier_HF
      Registered: Jun 2006
      Location: Spain.
      Posts: 21.693

      Re: PC is infected with Java/Exploit.CVE-2012-1723.C

      OK, then follow these steps, in the order given:

      Uninstall all the old versions of Java you have >> JavaRa manual.

      Download and run >> CCleaner.

      • First use its "Limpiador" (Cleaner) option to delete cookies, temporary Internet files and all the files it shows you as obsolete.
      • Then use its "Registro" (Registry) option to clean the whole Windows registry (making a backup).


      Download >> AT-Destroyer 2.0 (by InfoSpyware) | InfoSpyware

      • Close ALL the programs you have open, and >> temporarily disable the antivirus and/or antispyware.
      • Run AT-Destroyer. (If you use Windows Vista or 7, right-click and select "Ejecutar como Administrador" (Run as administrator).)
      • In the menu, click the option "Buscar y Destruir" (Search and Destroy).
      • AT-Destroyer will disconnect the desktop momentarily.
      • If it detects infections it will tell you, and you click Aceptar (OK).
      • When the process finishes it will ask you to reboot; click Aceptar (OK).
      • When Windows starts again, a report will open, which you must copy into your next reply, commenting on how the system is working. (You can also find it at C:\AT-Destroyer.txt)


      And finally download >> OTL By OldTimer

      *** To run OTL, follow these steps:

      • Close all the programs you have open and double-click the OTL icon to run it.
      • Let it run and wait for the OTL menu to appear.
      • When the OTL menu comes up, under "Tipo de Análisis" (scan type) select "Resultado Mínimo" (minimal output).
      • Check the box "Analizar Todos" (scan all).
      • Check the options "Buscar LOP" (LOP check) and "Buscar Purity" (Purity check).
      • Check the options "Omitir Archivos De Microsoft" (skip Microsoft files) and "Usar Listado de Compañías Reconocidas" (use the list of recognized companies).
      • Copy and paste the lines of the following script into the box "Análisis Personalizados/Código de Reparación" (custom scans/fix code):

        NOTE: Do not copy the word Code:
        Code:
        netsvcs
        msconfig
        %SYSTEMDRIVE%\*.*
        CREATERESTOREPOINT


      • Please do NOT change the rest of the configuration unless we ask you to.


      • Press the button .
      • Once it finishes, two (2) files will open, OTL.Txt and Extras.Txt. These files will be saved in the same location where OTL.exe was downloaded.
      • Copy and paste the contents of the OTL.txt file into your next reply.


      In your next reply, remember:

      - Post the AT-Destroyer and OTL.txt reports.

      Regards, Javier.

    7. #7
      User: acevnet
      Registered: Oct 2010
      Location: Venezuela
      Posts: 10

      Re: PC is infected with Java/Exploit.CVE-2012-1723.C

      OK. Thanks, I'll get on it! Really, thanks for the help! I'll be back in a few minutes!

    8. #8
      General Moderator: @Javier_HF
      Registered: Jun 2006
      Location: Spain.
      Posts: 21.693

      Re: PC is infected with Java/Exploit.CVE-2012-1723.C

      No rush; when you have all the reports, post them. If they don't fit in a single message, split them across several.

      Regards.

    9. #9
      User: acevnet
      Registered: Oct 2010
      Location: Venezuela
      Posts: 10

      Re: PC is infected with Java/Exploit.CVE-2012-1723.C

      Report: AT-Destroyer

      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 18:40:07 \\\ 01/12/2012
      AT-Destroyer 2.1 By Infospyware ---> InfoSpyware
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.0.8112.16421
      Mozilla Firefox:16.0.2.4680
      Privilegios: Jose Gregorio - Administrador
      Modo Actual: Modo Normal.
      Nombre del pc: JOSEGREGORIO-PC
      Información del sistema operativo:X86-WIN_7-
      nombre del usuario:Jose Gregorio
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<



      >>>>>> Archivos <<<<<<

      C:\Windows\system32\DEBUG.log


      >>>>>> Registro <<<<<<

      HKEY_CURRENT_USER\Software\Conduit
      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}


      >>>>>> Heurística <<<<<<



      >>>>>> Internet Explorer <<<<<<

      Start Page==www.google.com
      Local Page==C:\Windows\System32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL==http://go.microsoft.com/fwlink/?LinkId=69157


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==


      HKEY_USERS\S-1-5-21-3432426774-4217588120-1118351212-1000\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==


      >>>>>> Firefox <<<<<<

      user_pref("browser.startup.homepage", "http://www.google.co.ve/");
      user_pref("browser.startup.homepage_override.buildID", "20121024073032");
      user_pref("browser.startup.homepage_override.mstone", "16.0.2");
      user_pref("pref.browser.homepage.disable_button.current_page", false);


      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513

      >>>>>> Google Chrome <<<<<<

      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      >>>>>> Extensiones Google Chrome <<<<<<

      C:\Users\Jose Gregorio\AppData\Local\Google\Chrome\User Data\Default\Extensions\3
      C:\Users\Jose Gregorio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
      C:\Users\Jose Gregorio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
      C:\Users\Jose Gregorio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

      ======== Listado ===========

      C:\Users\Jose Gregorio\AppData\Roaming\Adobe BMP Format CS5 Prefs [AI] 132 bytes ( )
      C:\Users\Jose Gregorio\AppData\Roaming\Adobe GIF Format CS5 Prefs [AI] 132 bytes ( )
      C:\Users\Jose Gregorio\AppData\Roaming\Adobe GIF Format CS6 Prefs [AI] 132 bytes ( )
      [ 17/05/2011 9:22] [ 17/05/2011 9:22] [DI] C:\Users\Jose Gregorio\AppData\Roaming\Adobe Mini Bridge CS5
      C:\Users\Jose Gregorio\AppData\Roaming\Adobe PNG Format CS5 Prefs [AI] 132 bytes ( )
      C:\Users\Jose Gregorio\AppData\Roaming\Adobe PNG Format CS6 Prefs [AI] 132 bytes ( )
      [25/04/2012 15:08] [25/04/2012 15:08] [DI] C:\Users\Jose Gregorio\AppData\Roaming\AdobeMuse
      [ 04/11/2011 8:51] [ 04/11/2011 8:51] [DI] C:\Users\Jose Gregorio\AppData\Roaming\ATI
      [30/11/2012 23:29] [15/05/2011 17:23] [DI] C:\Users\Jose Gregorio\AppData\Roaming\Azureus
      [19/11/2011 16:20] [19/11/2011 16:20] [DI] C:\Users\Jose Gregorio\AppData\Roaming\Blackberry Desktop
      [17/05/2011 14:28] [17/05/2011 14:28] [DI] C:\Users\Jose Gregorio\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
      [10/05/2012 17:48] [10/05/2012 17:48] [DI] C:\Users\Jose Gregorio\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
      [02/05/2012 16:35] [02/05/2012 16:35] [DI] C:\Users\Jose Gregorio\AppData\Roaming\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
      [15/05/2011 21:29] [15/05/2011 21:29] [DI] C:\Users\Jose Gregorio\AppData\Roaming\Corel
      [ 13/08/2012 1:19] [ 17/06/2011 22:42] [DI] C:\Users\Jose Gregorio\AppData\Roaming\DAEMON Tools Lite
      [05/09/2012 11:33] [04/09/2012 14:03] [D] C:\Users\Jose Gregorio\AppData\Roaming\Dropbox
      [15/05/2011 22:13] [15/05/2011 22:13] [DI] C:\Users\Jose Gregorio\AppData\Roaming\GHISLER
      [17/05/2011 10:26] [17/05/2011 10:19] [DI] C:\Users\Jose Gregorio\AppData\Roaming\HP
      [13/05/2011 11:31] [13/05/2011 11:31] [DI] C:\Users\Jose Gregorio\AppData\Roaming\Identities
      [ 14/05/2011 8:48] [ 14/05/2011 8:48] [DI] C:\Users\Jose Gregorio\AppData\Roaming\Macromedia
      [ 01/12/2012 9:47] [ 01/12/2012 9:47] [DI] C:\Users\Jose Gregorio\AppData\Roaming\Malwarebytes
      [01/12/2012 18:35] [15/05/2011 19:26] [DI] C:\Users\Jose Gregorio\AppData\Roaming\Media Player Classic
      [04/07/2012 15:13] [13/05/2011 11:31] [SDI] C:\Users\Jose Gregorio\AppData\Roaming\Microsoft
      [ 09/07/2011 0:42] [ 09/07/2011 0:42] [DI] C:\Users\Jose Gregorio\AppData\Roaming\Microsoft Games
      [13/05/2011 23:26] [13/05/2011 23:26] [DI] C:\Users\Jose Gregorio\AppData\Roaming\Mozilla
      [10/08/2011 21:52] [10/08/2011 21:52] [DI] C:\Users\Jose Gregorio\AppData\Roaming\NVIDIA
      [ 26/03/2012 9:26] [ 26/03/2012 9:26] [DI] C:\Users\Jose Gregorio\AppData\Roaming\PDAppFlex
      [14/11/2011 23:35] [14/11/2011 23:34] [DI] C:\Users\Jose Gregorio\AppData\Roaming\QuickScan
      [ 11/07/2011 7:20] [ 11/07/2011 7:20] [DI] C:\Users\Jose Gregorio\AppData\Roaming\Research In Motion
      C:\Users\Jose Gregorio\AppData\Roaming\Rim.Desktop.Exception.log [AI] 1,57 KB ( )
      C:\Users\Jose Gregorio\AppData\Roaming\Rim.Desktop.HttpServerSetup.log [AI] 3,26 KB ( )
      C:\Users\Jose Gregorio\AppData\Roaming\Rim.DesktopHelper.Exception.log [AI] 1,42 KB ( )
      [02/07/2011 14:29] [02/07/2011 14:29] [DI] C:\Users\Jose Gregorio\AppData\Roaming\Sierra Entertainment
      [ 17/05/2011 9:22] [ 17/05/2011 9:22] [DI] C:\Users\Jose Gregorio\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
      [ 13/07/2011 0:48] [ 13/07/2011 0:48] [DI] C:\Users\Jose Gregorio\AppData\Roaming\Thinstall
      [28/05/2012 10:49] [28/05/2012 10:49] [DI] C:\Users\Jose Gregorio\AppData\Roaming\tor
      [ 23/11/2012 9:06] [ 14/06/2012 23:05] [DI] C:\Users\Jose Gregorio\AppData\Roaming\Winamp
      [08/05/2012 17:08] [15/05/2011 20:23] [D] C:\Users\Jose Gregorio\AppData\Roaming\WinRAR
      [11/05/2012 12:30] [14/05/2011 0:33] [D] C:\Program Files\Adobe
      [21/08/2012 18:35] [21/08/2012 18:35] [D] C:\Program Files\Adobe Download Assistant
      [14/05/2011 8:55] [14/05/2011 8:55] [D] C:\Program Files\Adobe Media Player
      [22/11/2012 18:23] [22/11/2012 18:23] [D] C:\Program Files\Adobe Muse
      [14/11/2012 7:34] [14/11/2012 7:34] [D] C:\Program Files\AMD APP
      [14/11/2012 7:34] [14/11/2012 7:34] [D] C:\Program Files\AMD AVT
      [13/05/2011 11:29] [13/05/2011 11:29] [HSDLI] C:\Program Files\Archivos comunes
      [15/07/2011 9:02] [15/07/2011 9:01] [D] C:\Program Files\Ares
      [04/11/2011 8:47] [04/11/2011 8:47] [D] C:\Program Files\ATI
      [14/11/2012 7:34] [04/11/2011 8:46] [D] C:\Program Files\ATI Technologies
      [04/07/2012 21:47] [01/11/2011 12:32] [D] C:\Program Files\BBSAK
      [15/05/2011 21:44] [15/05/2011 21:44] [D] C:\Program Files\Bonjour
      [01/12/2012 18:32] [13/05/2011 20:53] [D] C:\Program Files\CCleaner
      [01/12/2012 12:30] [13/07/2009 22:07] [D] C:\Program Files\Common Files
      [15/05/2011 21:21] [15/05/2011 21:21] [D] C:\Program Files\Corel
      [12/09/2012 10:22] [12/09/2012 10:22] [D] C:\Program Files\Cracklock
      [07/11/2011 12:36] [07/11/2011 12:21] [D] C:\Program Files\Crysis 2
      [05/08/2012 14:02] [05/08/2012 14:02] [D] C:\Program Files\DAEMON Tools Lite
      C:\Program Files\desktop.ini [HSA] 174 bytes( 0)
      [23/04/2012 0:29] [23/04/2012 0:29] [D] C:\Program Files\Digital Dutch
      [14/05/2012 20:24] [14/05/2012 20:24] [D] C:\Program Files\Digital1Audio
      [14/07/2009 4:38] [14/07/2009 0:22] [D] C:\Program Files\DVD Maker
      [06/10/2012 17:23] [20/06/2011 23:44] [D] C:\Program Files\Electronic Arts
      [01/12/2012 12:31] [01/12/2012 12:31] [D] C:\Program Files\Enigma Software Group
      [01/12/2012 10:06] [23/05/2011 22:25] [D] C:\Program Files\ESET
      [24/10/2012 9:53] [24/10/2012 9:53] [D] C:\Program Files\Freemake
      [22/09/2012 21:41] [23/06/2011 16:46] [D] C:\Program Files\Google
      [15/05/2011 21:24] [15/05/2011 21:24] [D] C:\Program Files\gs
      [17/05/2011 10:16] [17/05/2011 10:13] [D] C:\Program Files\HP
      [19/05/2011 23:13] [19/05/2011 23:13] [D] C:\Program Files\Image Viewer CP ActiveX Control
      [23/12/2011 10:12] [18/05/2011 12:34] [HD] C:\Program Files\InstallShield Installation Information
      [14/11/2012 10:33] [13/07/2009 22:07] [D] C:\Program Files\Internet Explorer
      [20/10/2012 13:06] [12/07/2012 8:07] [D] C:\Program Files\Java
      [29/11/2012 9:05] [15/05/2011 14:56] [D] C:\Program Files\JDownloader
      [01/11/2011 12:25] [01/11/2011 12:25] [D] C:\Program Files\JL_Cmder
      [28/12/2011 22:37] [13/05/2011 23:19] [D] C:\Program Files\K-Lite Codec Pack
      [15/11/2011 8:42] [15/11/2011 8:42] [D] C:\Program Files\Lavasoft
      [01/12/2012 9:46] [01/12/2012 9:46] [D] C:\Program Files\Malwarebytes' Anti-Malware
      [09/09/2011 13:26] [14/07/2009 0:22] [D] C:\Program Files\Microsoft Games
      [10/07/2011 1:10] [10/07/2011 1:10] [D] C:\Program Files\Microsoft Games for Windows - LIVE
      [13/10/2011 19:02] [13/10/2011 19:02] [D] C:\Program Files\Microsoft IntelliPoint
      [23/06/2012 18:35] [26/05/2011 11:16] [D] C:\Program Files\Microsoft Office
      [15/05/2011 21:24] [15/05/2011 21:24] [D] C:\Program Files\Microsoft SDKs
      [01/12/2012 14:49] [01/12/2012 14:48] [D] C:\Program Files\Microsoft Security Client
      [09/05/2012 12:35] [13/05/2011 23:50] [D] C:\Program Files\Microsoft Silverlight
      [13/05/2011 23:58] [13/05/2011 23:58] [D] C:\Program Files\Microsoft SQL Server Compact Edition
      [26/05/2011 11:18] [26/05/2011 11:18] [D] C:\Program Files\Microsoft Visual Studio
      [15/05/2011 21:26] [15/05/2011 21:24] [D] C:\Program Files\Microsoft Visual Studio 9.0
      [27/05/2011 1:25] [26/05/2011 11:18] [D] C:\Program Files\Microsoft Works
      [15/05/2011 21:24] [14/05/2011 8:44] [D] C:\Program Files\Microsoft.NET
      [04/10/2011 23:45] [04/10/2011 23:45] [D] C:\Program Files\MKVtoolnix
      [21/11/2012 22:35] [27/10/2012 16:04] [D] C:\Program Files\Mozilla Firefox
      [29/10/2012 11:48] [25/04/2012 18:39] [D] C:\Program Files\Mozilla Maintenance Service
      [14/07/2009 0:22] [14/07/2009 0:22] [D] C:\Program Files\MSBuild
      [26/05/2011 11:19] [26/05/2011 11:19] [D] C:\Program Files\MSECache
      [04/11/2011 8:53] [04/11/2011 8:51] [D] C:\Program Files\MSI Afterburner
      [18/05/2011 8:07] [18/05/2011 8:07] [D] C:\Program Files\MSXML 4.0
      [23/05/2012 11:15] [23/05/2012 11:15] [D] C:\Program Files\nCube
      [22/02/2012 19:11] [13/05/2011 17:00] [D] C:\Program Files\NVIDIA Corporation
      [04/07/2011 22:27] [28/06/2011 19:26] [D] C:\Program Files\On2 Technologies
      [14/11/2011 23:39] [14/11/2011 23:39] [D] C:\Program Files\Panda Security
      [19/05/2011 8:14] [19/05/2011 8:14] [D] C:\Program Files\PC Inspector File Recovery
      [30/06/2011 14:51] [30/06/2011 14:51] [D] C:\Program Files\Recuva
      [14/07/2009 0:22] [14/07/2009 0:22] [D] C:\Program Files\Reference Assemblies
      [11/07/2011 7:17] [11/07/2011 7:17] [D] C:\Program Files\Research In Motion
      [22/09/2011 13:26] [22/09/2011 13:26] [D] C:\Program Files\Research In Motion Limited
      [23/05/2012 11:40] [23/05/2012 11:40] [D] C:\Program Files\RK Launcher
      [23/05/2012 9:48] [23/05/2012 9:48] [D] C:\Program Files\RocketDock
      [22/09/2012 21:37] [23/05/2011 23:48] [D] C:\Program Files\Smarty Uninstaller Pro
      [17/05/2011 10:58] [17/05/2011 10:58] [D] C:\Program Files\SoftLogica
      [15/11/2011 8:37] [15/11/2011 8:36] [D] C:\Program Files\SpywareBlaster
      [23/05/2012 9:50] [23/05/2012 9:50] [D] C:\Program Files\Stardock
      [01/12/2012 18:15] [19/11/2011 12:36] [D] C:\Program Files\Steam
      [08/07/2012 23:36] [08/07/2012 23:14] [D] C:\Program Files\stinger
      [25/10/2011 12:44] [25/10/2011 12:44] [D] C:\Program Files\SystemRequirementsLab
      [23/10/2011 10:08] [23/10/2011 10:08] [D] C:\Program Files\Team17
      [14/07/2009 0:23] [14/07/2009 0:23] [HD] C:\Program Files\Uninstall Information
      [13/11/2011 19:14] [23/10/2011 9:38] [D] C:\Program Files\VictorVal
      [30/10/2012 20:14] [15/05/2011 17:18] [D] C:\Program Files\Vuze
      [29/11/2011 18:34] [19/05/2011 23:23] [SD] C:\Program Files\Web Album Maker
      [14/06/2012 23:07] [13/05/2011 23:29] [D] C:\Program Files\Winamp
      [14/06/2012 23:05] [13/05/2011 23:29] [D] C:\Program Files\Winamp Detect
      [14/07/2009 4:18] [14/07/2009 0:22] [D] C:\Program Files\Windows Defender
      [06/04/2012 0:30] [13/05/2011 23:51] [D] C:\Program Files\Windows Live
      [13/05/2011 19:59] [13/07/2009 22:07] [D] C:\Program Files\Windows Mail
      [13/05/2011 19:59] [14/07/2009 0:22] [D] C:\Program Files\Windows Media Player
      [13/05/2011 11:29] [13/07/2009 22:07] [D] C:\Program Files\Windows NT
      [14/07/2009 4:18] [14/07/2009 0:22] [D] C:\Program Files\Windows Photo Viewer
      [14/07/2009 0:22] [14/07/2009 0:22] [D] C:\Program Files\Windows Portable Devices
      [14/07/2009 4:18] [14/07/2009 0:22] [D] C:\Program Files\Windows Sidebar
      [08/05/2012 16:50] [13/05/2011 22:56] [D] C:\Program Files\WinRAR
      [23/05/2012 12:13] [23/05/2012 12:13] [D] C:\Program Files\Winstep
      [18/05/2011 12:34] [18/05/2011 12:34] [D] C:\Program Files\Xara
      [05/10/2012 20:17] [28/05/2012 14:42] [D] C:\Program Files\XWidget
      [07/07/2011 14:06] [07/07/2011 14:06] [DI] C:\ProgramData\ALM
      [14/11/2012 7:34] [04/11/2011 8:48] [DI] C:\ProgramData\AMD
      [14/07/2009 0:23] [14/07/2009 0:23] [HSDLI] C:\ProgramData\Application Data
      [14/11/2012 7:34] [14/11/2012 7:34] [DI] C:\ProgramData\ATI
      [15/05/2011 21:23] [15/05/2011 21:23] [DI] C:\ProgramData\Corel
      [07/08/2012 21:10] [17/06/2011 22:42] [DI] C:\ProgramData\DAEMON Tools Lite
      [13/05/2011 11:29] [13/05/2011 11:29] [HSDLI] C:\ProgramData\Datos de programa
      [14/07/2009 0:23] [14/07/2009 0:23] [HSDLI] C:\ProgramData\Desktop
      [13/05/2011 11:29] [13/05/2011 11:29] [HSDLI] C:\ProgramData\Documentos
      [14/07/2009 0:23] [14/07/2009 0:23] [HSDLI] C:\ProgramData\Documents
      [20/06/2011 22:24] [20/06/2011 22:24] [HSD] C:\ProgramData\DSS
      [14/11/2011 22:41] [14/11/2011 22:41] [DI] C:\ProgramData\EA Core
      [14/11/2011 22:41] [21/06/2011 0:24] [DI] C:\ProgramData\Electronic Arts
      [13/05/2011 11:29] [13/05/2011 11:29] [HSDLI] C:\ProgramData\Escritorio
      [02/06/2011 19:05] [23/05/2011 22:25] [DI] C:\ProgramData\ESET
      [14/07/2009 0:23] [14/07/2009 0:23] [HSDLI] C:\ProgramData\Favorites
      [13/05/2011 11:29] [13/05/2011 11:29] [HSDLI] C:\ProgramData\Favoritos
      [15/05/2011 21:47] [15/05/2011 21:47] [DI] C:\ProgramData\FLEXnet
      [24/10/2012 9:54] [24/10/2012 9:53] [DI] C:\ProgramData\Freemake
      [22/09/2012 21:11] [24/06/2011 8:51] [DI] C:\ProgramData\Google
      [17/05/2011 10:16] [17/05/2011 10:11] [DI] C:\ProgramData\HP
      C:\ProgramData\hpzinstall.log [AI] 2,20 KB 0
      [15/11/2011 8:42] [15/11/2011 8:42] [DI] C:\ProgramData\Lavasoft
      [01/12/2012 9:46] [01/12/2012 9:46] [DI] C:\ProgramData\Malwarebytes
      [13/05/2011 11:29] [13/05/2011 11:29] [HSDLI] C:\ProgramData\Menú Inicio
      [01/12/2012 14:48] [13/07/2009 22:07] [SDI] C:\ProgramData\Microsoft
      [19/11/2012 9:53] [15/05/2011 21:24] [DI] C:\ProgramData\Microsoft Help
      [25/04/2012 18:39] [25/04/2012 18:39] [DI] C:\ProgramData\Mozilla
      [05/09/2012 11:38] [19/02/2012 22:24] [DI] C:\ProgramData\Norton
      [19/02/2012 22:24] [19/02/2012 22:24] [DI] C:\ProgramData\NortonInstaller
      [22/02/2012 19:11] [02/06/2011 11:41] [DI] C:\ProgramData\NVIDIA
      [13/05/2011 11:29] [13/05/2011 11:29] [HSDLI] C:\ProgramData\Plantillas
      [11/05/2012 12:09] [15/05/2011 17:53] [DI] C:\ProgramData\regid.1986-12.com.adobe
      [17/11/2012 9:29] [17/11/2012 9:29] [DI] C:\ProgramData\Research In Motion
      [19/05/2011 23:36] [19/05/2011 23:36] [DI] C:\ProgramData\Socusoft
      [06/10/2012 18:07] [06/10/2012 18:07] [DI] C:\ProgramData\Solidshield
      [14/07/2009 0:23] [14/07/2009 0:23] [HSDLI] C:\ProgramData\Start Menu
      [15/05/2011 15:01] [15/05/2011 15:01] [DI] C:\ProgramData\Sun
      [23/05/2011 20:02] [23/05/2011 20:02] [DI] C:\ProgramData\SUPERAntiSpyware.com
      [04/09/2012 16:43] [04/09/2012 16:43] [DI] C:\ProgramData\Symantec
      [23/05/2012 12:24] [19/05/2011 23:36] [DAI] C:\ProgramData\TEMP
      [14/07/2009 0:23] [14/07/2009 0:23] [HSDLI] C:\ProgramData\Templates
      [17/05/2011 10:19] [17/05/2011 10:19] [DI] C:\ProgramData\WEBREG

      ==================== EOF ==================
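
A triage helper for a report laid out like the AT-Destroyer log in post #9, added here as an example (it is not part of the thread and not InfoSpyware's code): it splits the report on its `>>>>>> Section <<<<<<` headers, returns the sections that contain entries, and extracts the Java plugin keys with their versions. Treating Servicios, Carpetas, Archivos, Registro and Heurística as the sections that hold the tool's findings is an assumption drawn from the report layout; the function names are hypothetical.

```python
import re

# Shortened excerpt of the AT-Destroyer 2.1 report posted above (post #9).
SAMPLE_REPORT = r"""
>>>>>>> Servicios <<<<<<<

>>>>>> Carpetas <<<<<<

>>>>>> Archivos <<<<<<

C:\Windows\system32\DEBUG.log

>>>>>> Registro <<<<<<

HKEY_CURRENT_USER\Software\Conduit
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

>>>>>> Heurística <<<<<<

>>>>>> Internet Explorer <<<<<<

Start Page==www.google.com

>>>>>> Plugins Firefox <<<<<<

HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin

======== Listado ===========

C:\ProgramData\hpzinstall.log [AI] 2,20 KB 0

==================== EOF ==================
"""

# Section headers look like ">>>>>> Name <<<<<<" or "======== Name ========".
# Requiring five or more marker characters keeps lines such as
# "Start Page==www.google.com" from being mistaken for a header.
HEADER = re.compile(r"^\s*(?:>{5,}\s*(.+?)\s*<{5,}|={5,}\s*(.+?)\s*={5,})\s*$")

# A MozillaPlugins key: plugin id, then an optional ",version=..." suffix.
PLUGIN = re.compile(r"MozillaPlugins\\(@[^,\s]+)(?:,version=(\S+))?")

# Assumption: these sections list what the tool flagged during the run.
DETECTION_SECTIONS = ("Servicios", "Carpetas", "Archivos", "Registro", "Heurística")


def split_sections(text):
    """Map each section name to the list of its non-empty lines."""
    sections = {}
    current = None
    for line in text.splitlines():
        match = HEADER.match(line)
        if match:
            current = match.group(1) or match.group(2)
            sections[current] = []
        elif current is not None and line.strip():
            sections[current].append(line.strip())
    return sections


def findings(sections):
    """Return only the detection sections that actually contain entries."""
    return {name: sections[name] for name in DETECTION_SECTIONS if sections.get(name)}


def java_plugins(sections):
    """Return (plugin id, version or None) for every @java.com browser plugin."""
    plugins = []
    for line in sections.get("Plugins Firefox", []):
        match = PLUGIN.search(line)
        if match and match.group(1).lower().startswith("@java.com/"):
            plugins.append((match.group(1), match.group(2)))
    return plugins


if __name__ == "__main__":
    parsed = split_sections(SAMPLE_REPORT)
    for name, entries in findings(parsed).items():
        print(f"[{name}] {len(entries)} entries")
        for entry in entries:
            print("   ", entry)
    for plugin_id, version in java_plugins(parsed):
        print("Java plugin:", plugin_id, "version:", version or "not stated in key")
```

Run against the full C:\AT-Destroyer.txt, the same functions give a short list to read before the directory listing: the flagged files and registry keys, and which Java browser plugins are still registered after the uninstall step.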

    10. #10
      User: acevnet
      Registered: Oct 2010
      Location: Venezuela
      Posts: 10

      Re: PC is infected with Java/Exploit.CVE-2012-1723.C

      OTL report:

      OTL logfile created on: 01/12/2012 19:03:17 - Run 2
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jose Gregorio\Desktop\OTL
      Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      3,00 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 64,35% Memory free
      7,50 Gb Paging File | 6,37 Gb Available in Paging File | 84,99% Paging File free
      Paging file location(s): c:\pagefile.sys 0 0f:\pagefile.sys 1536 3072 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
      Drive C: | 298,08 Gb Total Space | 92,82 Gb Free Space | 31,14% Space Free | Partition Type: NTFS
      Drive E: | 45,26 Gb Total Space | 4,90 Gb Free Space | 10,82% Space Free | Partition Type: NTFS
      Drive F: | 29,29 Gb Total Space | 6,51 Gb Free Space | 22,22% Space Free | Partition Type: NTFS

      Computer Name: JOSEGREGORIO-PC | User Name: Jose Gregorio | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Jose Gregorio\Desktop\OTL\OTL.exe (OldTimer Tools)
      PRC - C:\Archivos de programa\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
      PRC - C:\Windows\System32\atieclxx.exe (AMD)
      PRC - C:\Windows\System32\atiesrxx.exe (AMD)
      PRC - c:\Archivos de programa\Microsoft Security Client\MpCmdRun.exe (Microsoft Corporation)
      PRC - c:\Archivos de programa\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
      PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Archivos de programa\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
      PRC - C:\Archivos de programa\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
      PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      PRC - C:\Windows\explorer.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Winstep\WsxService.exe (Winstep Software Technologies)
      PRC - C:\Archivos de programa\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
      PRC - C:\Archivos de programa\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
      PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\RocketDock\RocketDock.exe ()
      PRC - C:\Archivos de programa\Stardock\ObjectDock\ObjectDock.exe (Stardock)
      PRC - C:\Archivos de programa\Common Files\microsoft shared\VS7Debug\mdm.exe (Microsoft Corporation)


      ========== Modules (No Company Name) ==========

      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\1352c3e5dd49f3bf8c2f8e106ceb79fb\WindowsFormsIntegration.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\9fedec1f005f9e39f8dde611c4c27cab\UIAutomationProvider.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\4209aa9559e29ce30e4e92f31ac3472f\System.Runtime.Remoting.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\5e3ccfdf88ccd6a9ff4e6ddae7e3fec6\System.Xaml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\c881e2d2ec912499834feb85c4c2e483\PresentationFramework.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\58f50a891bafb8fd7149e6eebc2b7b52\PresentationCore.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\05ebffcb5aac31412fea8c38cbac8df8\WindowsBase.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\cbb227c0a77a5b15a1255220984239f2\PresentationFramework.Aero.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\caffbced23ee85b40b919ad4a122b7aa\System.Windows.Forms.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9422d0c052186760a4645e10995487f5\System.Drawing.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\752225ca2585aa8f1c46b489e172e920\System.Core.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\cb0c00757e89f0b1fe282913ed667212\System.Xml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ed886fb71addf400705481dcf8de12da\System.Configuration.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\811a7bc79f8f0a5be8065292a320819e\System.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\16126cae96ea2422253ae06eeb672abc\mscorlib.ni.dll ()
      MOD - C:\Archivos de programa\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll ()
      MOD - C:\Archivos de programa\RocketDock\RocketDock.exe ()
      MOD - C:\Archivos de programa\RocketDock\RocketDock.dll ()
      MOD - C:\Archivos de programa\Stardock\ObjectDock\DockShellHook.dll ()
      MOD - C:\Archivos de programa\Stardock\ObjectDock\zlib.dll ()
      MOD - C:\Archivos de programa\Stardock\ObjectDock\CrashRpt.dll ()
      MOD - C:\Archivos de programa\Common Files\Stardock\ODimg.dll ()


      ========== Services (SafeList) ==========

      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
      SRV - (MozillaMaintenance) -- C:\Archivos de programa\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
      SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
      SRV - (NisSrv) -- c:\Archivos de programa\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
      SRV - (MsMpSvc) -- c:\Archivos de programa\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
      SRV - (AdobeARMservice) -- C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (FLEXnet Licensing Service) -- C:\Archivos de programa\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
      SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      SRV - (Winstep Xtreme Service) -- C:\Program Files\Winstep\WsxService.exe (Winstep Software Technologies)
      SRV - (EhttpSrv) -- C:\Archivos de programa\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
      SRV - (ekrn) -- C:\Archivos de programa\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
      SRV - (SwitchBoard) -- C:\Archivos de programa\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
      SRV - (osppsvc) -- C:\Archivos de programa\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
      SRV - (ose) -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
      SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
      SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
      SRV - (WinDefend) -- C:\Archivos de programa\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV - (WMPNetworkSvc) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      SRV - (odserv) -- C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
      SRV - (MDM) -- C:\Archivos de programa\Common Files\microsoft shared\VS7Debug\mdm.exe (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV - (nvlddmkm) -- system32\DRIVERS\nvlddmkm.sys File not found
      DRV - (MSICDSetup) -- D:\CDriver.sys File not found
      DRV - (a0fe348j) -- File not found
      DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
      DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
      DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
      DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (Advanced Micro Devices)
      DRV - (AODDriver4.2) -- C:\Archivos de programa\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys (Advanced Micro Devices)
      DRV - (AODDriver4.01) -- C:\Archivos de programa\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys (Advanced Micro Devices)
      DRV - (AODDriver4.0) -- C:\Archivos de programa\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys (Advanced Micro Devices)
      DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
      DRV - (eamonm) -- C:\Windows\System32\drivers\eamonm.sys (ESET)
      DRV - (ehdrv) -- C:\Windows\System32\drivers\ehdrv.sys (ESET)
      DRV - (epfwwfpr) -- C:\Windows\System32\drivers\epfwwfpr.sys (ESET)
      DRV - (NVNET) -- C:\Windows\System32\drivers\nvmf6232.sys (NVIDIA Corporation)
      DRV - (amdiox86) -- C:\Windows\System32\drivers\amdiox86.sys (Advanced Micro Devices)
      DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
      DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
      DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
      DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
      DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
      DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
      DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
      DRV - (pavboot) -- C:\Windows\System32\drivers\pavboot.sys (Panda Security, S.L.)
      DRV - (irsir) -- C:\Windows\System32\drivers\irsir.sys (Microsoft Corporation)
      DRV - (pfc) -- C:\Windows\System32\drivers\pfc.sys (Padus, Inc.)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}


      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



      IE - HKU\S-1-5-21-3432426774-4217588120-1118351212-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKU\S-1-5-21-3432426774-4217588120-1118351212-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN España: Hotmail, Messenger, Skype y Cuenta Microsoft
      IE - HKU\S-1-5-21-3432426774-4217588120-1118351212-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es
      IE - HKU\S-1-5-21-3432426774-4217588120-1118351212-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 EA F9 51 87 11 CC 01 [binary data]
      IE - HKU\S-1-5-21-3432426774-4217588120-1118351212-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKU\S-1-5-21-3432426774-4217588120-1118351212-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKU\S-1-5-21-3432426774-4217588120-1118351212-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKU\S-1-5-21-3432426774-4217588120-1118351212-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultenginename: "(Google)"
      FF - prefs.js..browser.search.defaulturl: "www.Google.com"
      FF - prefs.js..browser.search.order.1: "(Google)"
      FF - prefs.js..browser.search.selectedEngine: "Google"
      FF - prefs.js..browser.startup.homepage: "http://google.com"
      FF - prefs.js..extensions.enabledAddons: {a3a5c777-f583-4fef-9380-ab4add1bc2a8}:4.1
      FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
      FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
      FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}:6.0.37
      FF - prefs.js..keyword.URL: "https://www.google.com/search?q="
      FF - user.js - File not found

      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
      FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
      FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()
      FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
      FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
      FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Jose Gregorio\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jose Gregorio\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jose Gregorio\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Jose Gregorio\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\[email protected]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\[email protected]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Jose Gregorio\AppData\Local\RewardsArcade\498\Firefox
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/27 16:04:46 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/27 16:04:39 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011/06/02 19:05:43 | 000,000,000 | ---D | M]

      [2011/05/13 23:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jose Gregorio\AppData\Roaming\mozilla\Extensions
      [2012/11/19 17:17:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jose Gregorio\AppData\Roaming\mozilla\Firefox\Profiles\2uk9g4is.default\extensions
      [2012/03/08 19:06:16 | 000,013,666 | ---- | M] () (No name found) -- C:\Users\Jose Gregorio\AppData\Roaming\mozilla\firefox\profiles\2uk9g4is.default\extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a8}.xpi
      [2012/10/27 16:04:37 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
      [2012/10/27 16:04:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
      [2012/10/27 16:04:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
      [2012/10/27 16:04:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
      [2012/10/27 16:04:37 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Archivos de programa\Mozilla Firefox\extensions\[email protected]_bak
      [2012/10/27 16:04:37 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
      [2012/10/27 16:04:37 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
      [2012/10/27 16:04:37 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
      [2012/10/27 16:04:46 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
      [2011/12/09 12:53:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
      [2012/09/08 13:56:01 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
      [2012/09/08 13:56:01 | 000,003,882 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\drae.xml
      [2012/09/08 13:56:01 | 000,001,143 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-es.xml
      [2012/10/21 09:50:10 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
      [2012/09/08 13:56:01 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012/09/08 13:56:01 | 000,001,102 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-es.xml

      ========== Chrome ==========

      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - homepage: Google
      CHR - Extension: No name found = C:\Users\Jose Gregorio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
      CHR - Extension: No name found = C:\Users\Jose Gregorio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
      CHR - Extension: No name found = C:\Users\Jose Gregorio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

      O1 HOSTS File: ([2011/04/30 19:32:52 | 000,000,820 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 localhost
      O1 - Hosts: 127.0.0.1 activate.adobe.com
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
      O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
      O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
      O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
      O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
      O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Archivos de programa\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
      O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
      O4 - HKU\S-1-5-21-3432426774-4217588120-1118351212-1000..\Run: [AdobeBridge] File not found
      O4 - HKU\S-1-5-21-3432426774-4217588120-1118351212-1000..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
      O4 - HKU\S-1-5-21-3432426774-4217588120-1118351212-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
      O4 - HKU\S-1-5-21-3432426774-4217588120-1118351212-1000..\Run: [Facebook Update] C:\Users\Jose Gregorio\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O4 - HKU\S-1-5-21-3432426774-4217588120-1118351212-1000..\Run: [NeXuS] C:\Program Files\Winstep\Nexus.exe (Winstep Software Technologies)
      O4 - HKU\S-1-5-21-3432426774-4217588120-1118351212-1000..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
      O4 - HKU\S-1-5-21-3432426774-4217588120-1118351212-1000..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
      O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
      O4 - Startup: C:\Users\Jose Gregorio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Jose Gregorio\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (Facebook)
      O4 - Startup: C:\Users\Jose Gregorio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Archivos de programa\Stardock\ObjectDock\ObjectDock.exe (Stardock)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
      O7 - HKU\S-1-5-21-3432426774-4217588120-1118351212-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O13 - gopher Prefix: missing
      O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
      O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
      O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
      O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
      O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
      O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
      O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
      O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
      O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
      O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
      O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
      O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
      O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
      O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
      O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
      O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
      O15 - HKU\S-1-5-21-3432426774-4217588120-1118351212-1000\..Trusted Domains: clonewarsadventures.com ([]* in Sitios de confianza)
      O15 - HKU\S-1-5-21-3432426774-4217588120-1118351212-1000\..Trusted Domains: freerealms.com ([]* in Sitios de confianza)
      O15 - HKU\S-1-5-21-3432426774-4217588120-1118351212-1000\..Trusted Domains: soe.com ([]* in Sitios de confianza)
      O15 - HKU\S-1-5-21-3432426774-4217588120-1118351212-1000\..Trusted Domains: sony.com ([]* in Sitios de confianza)
      O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab (BitDefender QuickScan Control)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_37)
      O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/actives.../as2stubie.cab (ActiveScan 2.0 Installer Class)
      O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_37)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BA68E05-1F9F-4D9A-9C0D-7C65906BFF57}: DhcpNameServer = 192.168.1.1
      O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Archivos de programa\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2009/06/10 17:12:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O32 - AutoRun File - [2010/03/30 18:25:28 | 000,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      NetSvcs: FastUserSwitchingCompatibility - File not found
      NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
      NetSvcs: Nla - File not found
      NetSvcs: Ntmssvc - File not found
      NetSvcs: NWCWorkstation - File not found
      NetSvcs: Nwsapagent - File not found
      NetSvcs: SRService - File not found
      NetSvcs: WmdmPmSp - File not found
      NetSvcs: LogonHours - File not found
      NetSvcs: PCAudit - File not found
      NetSvcs: helpsvc - File not found
      NetSvcs: uploadmgr - File not found

      MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Archivos de programa\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
      MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
      MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
      MsConfig - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
      MsConfig - StartUpReg: AdobeCS5ServiceManager - hkey= - key= - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
      MsConfig - StartUpReg: AdobeCS6ServiceManager - hkey= - key= - C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
      MsConfig - StartUpReg: Facebook Update - hkey= - key= - C:\Users\Jose Gregorio\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Users\Jose Gregorio\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
      MsConfig - StartUpReg: hpqSRMon - hkey= - key= - C:\Archivos de programa\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
      MsConfig - StartUpReg: RIMBBLaunchAgent.exe - hkey= - key= - C:\Archivos de programa\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
      MsConfig - StartUpReg: SwitchBoard - hkey= - key= - C:\Archivos de programa\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
      MsConfig - StartUpReg: XWidget - hkey= - key= - C:\Archivos de programa\XWidget\xwidget.exe (xwidget.com)
      MsConfig - State: "startup" - 2
      MsConfig - State: "bootini" - 2

      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/12/01 18:52:07 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\Desktop\OTL
      [2012/12/01 18:39:52 | 000,000,000 | ---D | C] -- C:\_AT-Destroyer
      [2012/12/01 18:28:00 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\Desktop\JavaraOld
      [2012/12/01 18:26:46 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\Desktop\JavaRa
      [2012/12/01 14:48:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
      [2012/12/01 12:31:18 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
      [2012/12/01 12:30:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
      [2012/12/01 09:47:04 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Roaming\Malwarebytes
      [2012/12/01 09:46:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2012/12/01 09:46:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2012/12/01 09:46:55 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
      [2012/12/01 09:46:54 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
      [2012/12/01 07:03:43 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{A2F30C96-7A12-445C-AE92-715A4600319C}
      [2012/11/30 23:32:54 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{E4E91733-7F32-4CDE-B9FE-EA1E353E7366}
      [2012/11/30 23:15:12 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{72194F46-4525-4CCC-9434-BD7D475710B9}
      [2012/11/30 11:30:16 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{6706EBDA-E88E-435B-8F73-ED540E92D18F}
      [2012/11/29 22:02:07 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{1C6CCA6B-7B29-4F13-B6A7-7A5BBC415F9E}
      [2012/11/29 12:23:27 | 000,000,000 | -H-D | C] -- C:\Users\Jose Gregorio\Documents\Freemake_do_not_remove_this_folder634897886073416000
      [2012/11/28 18:35:08 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{6EFD9143-D2B0-4859-BD56-FAA5173F04D0}
      [2012/11/28 18:29:22 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{ACF98A7F-561A-4A58-BE6A-BEBFF9CDCE63}
      [2012/11/27 21:16:56 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{511F2AE8-A00E-4861-99F2-CDFA2E464536}
      [2012/11/27 21:11:58 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{5A183A26-5538-4BC4-B126-70FF147140A2}
      [2012/11/27 05:05:22 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{14A5FE83-DFEA-437B-993A-3445B8B2E923}
      [2012/11/25 22:45:06 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{F5D38550-EA06-40F9-A12C-E60BA3F15D63}
      [2012/11/24 17:14:04 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{03A7F72C-BE37-461B-A4F7-03FC25FECF16}
      [2012/11/23 07:00:50 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{964D85C6-7B8D-40CA-A50F-225CDCB72A0F}
      [2012/11/23 06:55:51 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{6762CEFA-D590-4F38-8248-0D22FA628B1A}
      [2012/11/22 18:23:10 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Muse
      [2012/11/22 06:19:11 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{4A1BCFCE-28AE-4AF8-A143-81D5954B36F8}
      [2012/11/21 08:07:30 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{C505E915-7B4B-4A04-B67F-2D37C4E94133}
      [2012/11/20 08:14:45 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{3B3B2603-8C2C-4639-A21E-B5ACAB0DF052}
      [2012/11/19 07:43:59 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{E5598E0B-202A-48CC-96F4-F5C5EB1B9C84}
      [2012/11/18 13:13:57 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{1CB63536-00B8-499E-90F9-37BD1A45C770}
      [2012/11/17 23:22:58 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{A05EA147-92AE-4B4D-AB8F-C5EB655FB089}
      [2012/11/17 19:42:11 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{17F3229F-E3A6-45E9-8801-C632E9D44CB7}
      [2012/11/17 09:29:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Research In Motion
      [2012/11/17 09:29:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\XCPCSync.OEM
      [2012/11/17 07:41:42 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{4D8E3333-DAAA-4FE9-89FF-1F9B0DC9E2AF}
      [2012/11/16 12:47:17 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{9011B103-D2C0-40B2-A812-015BAF7ACD2A}
      [2012/11/16 00:46:50 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{F5A4EB57-06B7-4CC0-BB37-A0D883047C9F}
      [2012/11/15 08:31:24 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{AA7E4639-ED91-4148-80EC-0A0B7B411C42}
      [2012/11/14 10:36:19 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{511C0AE5-2FDA-430B-BD19-165101596952}
      [2012/11/14 07:34:51 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
      [2012/11/14 07:34:46 | 000,000,000 | ---D | C] -- C:\Program Files\AMD AVT
      [2012/11/14 07:34:40 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
      [2012/11/14 07:34:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
      [2012/11/13 20:26:55 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{3CA779F7-8680-4317-8401-164F9EEB1F69}
      [2012/11/12 22:24:37 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{98852CAF-38E2-4CEF-96EB-712F7BB0EEDF}
      [2012/11/12 05:53:50 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{BE3C0784-5D7B-4CEE-8FE4-6FD4387558AD}
      [2012/11/12 05:51:41 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{0D3857B6-D9EC-49AD-AE37-0B1D8A3418A6}
      [2012/11/09 18:36:04 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{30240909-FFB7-4934-9A25-F14843B9DCEE}
      [2012/11/09 14:42:37 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\Desktop\Noviembre 2012
      [2012/11/09 06:34:54 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{86DB3E16-2AC5-49AD-942A-67920704087B}
      [2012/11/08 18:19:55 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{7EE61E67-C0F2-4DEA-9589-BAA53DB217DC}
      [2012/11/08 06:19:25 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{7ACEFDD5-DE6B-413B-99A1-7B57AFC4EF10}
      [2012/11/07 12:56:53 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\Desktop\memes en HD
      [2012/11/07 10:21:18 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{1DE4FEE2-1D37-4503-AA65-8EE8F16483E9}
      [2012/11/06 21:24:05 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{7B45DEC5-0C02-41F0-A651-E8E8D7196B66}
      [2012/11/06 08:55:53 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{5D1FE1AA-6CFC-4D1A-9697-8C023591D375}
      [2012/11/06 08:43:10 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{534C988B-CCF2-4023-BF44-43BE33F88D78}
      [2012/11/05 20:39:11 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{35F67A68-0301-4CCC-9DAF-CC26D76A17D2}
      [2012/11/04 22:22:35 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{0AB312D9-C543-4EFB-8503-F580FE29A459}
      [2012/11/04 10:22:05 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{CD8A67BE-5008-435A-906E-8DA6ED7822B0}
      [2012/11/03 13:21:31 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{EA3B5ED2-C142-4713-9BE4-2C5914C9145D}
      [2012/11/03 13:12:21 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{5F00BD46-FE89-4036-B1A1-EC6D5F1F4BD3}
      [2012/11/02 15:36:29 | 000,000,000 | ---D | C] -- C:\Users\Jose Gregorio\AppData\Local\{2193D7C7-FA75-4CB3-8173-96339D9AA308}
      [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
      [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2012/12/01 18:50:13 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/12/01 18:50:13 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/12/01 18:43:08 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/12/01 18:42:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/12/01 18:42:36 | 2414,731,264 | -HS- | M] () -- C:\hiberfil.sys
      [2012/12/01 18:40:00 | 000,001,148 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3432426774-4217588120-1118351212-1000UA.job
      [2012/12/01 18:38:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/12/01 18:36:18 | 000,008,812 | ---- | M] () -- C:\Users\Jose Gregorio\Documents\01122012cc_20121201_183600.reg
      [2012/12/01 18:34:03 | 000,001,142 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3432426774-4217588120-1118351212-1000UA.job
      [2012/12/01 18:32:53 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2012/12/01 18:27:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/12/01 18:15:20 | 000,848,734 | ---- | M] () -- C:\AT-Cuarentena
      [2012/12/01 14:49:14 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
      [2012/12/01 13:11:45 | 000,001,441 | ---- | M] () -- C:\scu.dat
      [2012/12/01 11:34:02 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3432426774-4217588120-1118351212-1000Core.job
      [2012/12/01 09:46:56 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2012/11/30 21:40:01 | 000,001,126 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3432426774-4217588120-1118351212-1000Core.job
      [2012/11/30 14:47:35 | 000,379,396 | ---- | M] () -- C:\Users\Jose Gregorio\Desktop\iphone5fail.jpg
      [2012/11/30 09:30:36 | 000,707,422 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
      [2012/11/30 09:30:36 | 000,618,936 | ---- | M] () -- C:\Windows\System32\perfh009.dat
      [2012/11/30 09:30:36 | 000,138,990 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
      [2012/11/30 09:30:36 | 000,107,256 | ---- | M] () -- C:\Windows\System32\perfc009.dat
      [2012/11/29 19:33:08 | 000,745,233 | ---- | M] () -- C:\Users\Jose Gregorio\Desktop\PresupuestoBahiaBlancaPlacasGranito.jpg
      [2012/11/27 05:52:07 | 000,216,161 | ---- | M] () -- C:\Users\Jose Gregorio\Desktop\Obelisco.jpg
      [2012/11/26 08:38:54 | 000,507,529 | ---- | M] () -- C:\Users\Jose Gregorio\Desktop\PresupuestoBahiaBlancaPlacasMarmol.jpg
      [2012/11/25 18:48:13 | 000,091,858 | ---- | M] () -- C:\Users\Jose Gregorio\Desktop\546835_10151157099203822_1657453492_n.jpg
      [2012/11/22 19:03:47 | 000,001,607 | ---- | M] () -- C:\Users\Jose Gregorio\AppData\Local\Cracklock.settings
      [2012/11/21 22:57:38 | 000,515,648 | ---- | M] () -- C:\Users\Jose Gregorio\Documents\Dicloroacetato.pdf
      [2012/11/19 10:21:13 | 004,113,848 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
      [2012/11/17 16:24:15 | 000,013,785 | ---- | M] () -- C:\ads_err.adt
      [2012/11/17 16:07:06 | 000,004,559 | ---- | M] () -- C:\ads_err.adm
      [2012/11/17 16:07:06 | 000,003,072 | ---- | M] () -- C:\ads_err.adi
      [2012/11/17 16:01:26 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_RimUsb_01007.Wdf
      [2012/11/17 15:48:24 | 000,001,944 | ---- | M] () -- C:\Users\Jose Gregorio\Documents\Clave de recuperación de Firefox.html
      [2012/11/17 13:20:08 | 000,000,132 | ---- | M] () -- C:\Users\Jose Gregorio\AppData\Roaming\Adobe GIF Format CS5 Prefs
      [2012/11/17 09:30:40 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_RimSerial_01007.Wdf
      [2012/11/17 08:54:06 | 000,040,448 | ---- | M] () -- C:\Users\Jose Gregorio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012/11/14 15:55:25 | 000,002,681 | ---- | M] () -- C:\Users\Jose Gregorio\Desktop\Dora pa Luis.mpcpl
      [2012/11/09 14:41:20 | 088,018,852 | ---- | M] () -- C:\Users\Jose Gregorio\Desktop\PendonNiñaCumple.tif
      [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
      [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2012/12/01 18:36:17 | 000,008,812 | ---- | C] () -- C:\Users\Jose Gregorio\Documents\01122012cc_20121201_183600.reg
      [2012/12/01 18:32:53 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2012/12/01 14:49:14 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
      [2012/12/01 14:49:10 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
      [2012/12/01 11:30:05 | 000,001,441 | ---- | C] () -- C:\scu.dat
      [2012/12/01 09:46:56 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2012/11/30 14:47:33 | 000,379,396 | ---- | C] () -- C:\Users\Jose Gregorio\Desktop\iphone5fail.jpg
      [2012/11/29 19:33:06 | 000,745,233 | ---- | C] () -- C:\Users\Jose Gregorio\Desktop\PresupuestoBahiaBlancaPlacasGranito.jpg
      [2012/11/27 05:50:23 | 000,216,161 | ---- | C] () -- C:\Users\Jose Gregorio\Desktop\Obelisco.jpg
      [2012/11/26 08:34:30 | 000,507,529 | ---- | C] () -- C:\Users\Jose Gregorio\Desktop\PresupuestoBahiaBlancaPlacasMarmol.jpg
      [2012/11/25 18:48:12 | 000,091,858 | ---- | C] () -- C:\Users\Jose Gregorio\Desktop\546835_10151157099203822_1657453492_n.jpg
      [2012/11/21 22:57:38 | 000,515,648 | ---- | C] () -- C:\Users\Jose Gregorio\Documents\Dicloroacetato.pdf
      [2012/11/17 16:06:46 | 000,013,785 | ---- | C] () -- C:\ads_err.adt
      [2012/11/17 16:06:46 | 000,004,559 | ---- | C] () -- C:\ads_err.adm
      [2012/11/17 16:06:46 | 000,003,072 | ---- | C] () -- C:\ads_err.adi
      [2012/11/17 16:01:26 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_RimUsb_01007.Wdf
      [2012/11/17 15:48:04 | 000,001,944 | ---- | C] () -- C:\Users\Jose Gregorio\Documents\Clave de recuperación de Firefox.html
      [2012/11/17 09:30:40 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_RimSerial_01007.Wdf
      [2012/11/14 15:55:25 | 000,002,681 | ---- | C] () -- C:\Users\Jose Gregorio\Desktop\Dora pa Luis.mpcpl
      [2012/11/14 08:22:18 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
      [2012/11/14 08:21:34 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
      [2012/11/09 14:41:17 | 088,018,852 | ---- | C] () -- C:\Users\Jose Gregorio\Desktop\PendonNiñaCumple.tif
      [2012/09/28 15:36:56 | 000,180,224 | ---- | C] () -- C:\Windows\System32\clinfo.exe
      [2012/09/12 10:22:06 | 000,001,607 | ---- | C] () -- C:\Users\Jose Gregorio\AppData\Local\Cracklock.settings
      [2012/09/05 11:55:00 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
      [2012/09/05 11:53:43 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
      [2012/07/15 11:57:35 | 000,001,456 | ---- | C] () -- C:\Users\Jose Gregorio\AppData\Local\Adobe Save for Web 13.0 Prefs
      [2012/05/23 11:01:02 | 000,632,252 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
      [2012/05/02 2011 | 000,000,132 | ---- | C] () -- C:\Users\Jose Gregorio\AppData\Roaming\Adobe PNG Format CS6 Prefs
      [2012/05/02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
      [2012/04/26 23:16:25 | 000,000,132 | ---- | C] () -- C:\Users\Jose Gregorio\AppData\Roaming\Adobe GIF Format CS6 Prefs
      [2012/02/29 20:44:59 | 000,000,132 | ---- | C] () -- C:\Users\Jose Gregorio\AppData\Roaming\Adobe PNG Format CS5 Prefs
      [2012/01/26 10:46:06 | 000,000,132 | ---- | C] () -- C:\Users\Jose Gregorio\AppData\Roaming\Adobe BMP Format CS5 Prefs
      [2011/12/28 22:37:30 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
      [2011/12/28 22:37:30 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
      [2011/12/28 22:37:30 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
      [2011/11/15 00:17:36 | 000,007,597 | ---- | C] () -- C:\Users\Jose Gregorio\AppData\Local\Resmon.ResmonCfg
      [2011/11/04 08:51:55 | 000,110,592 | ---- | C] () -- C:\Windows\System32\rtvcvfw32.dll
      [2011/11/04 08:50:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
      [2011/10/25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\System32\OVDecoder.dll
      [2011/09/12 17:36:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
      [2011/08/03 03:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
      [2011/07/12 00:49:21 | 000,000,132 | ---- | C] () -- C:\Users\Jose Gregorio\AppData\Roaming\Adobe GIF Format CS5 Prefs
      [2011/05/17 15:07:44 | 000,040,448 | ---- | C] () -- C:\Users\Jose Gregorio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2011/05/17 11:17:35 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp
      [2011/05/17 10:11:35 | 000,244,679 | ---- | C] () -- C:\Windows\hpoins19.dat
      [2011/05/17 10:11:35 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
      [2011/05/13 23:26:25 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
      [2011/05/13 23:19:23 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
      [2011/05/13 19:57:40 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
      [2011/05/13 04:51:27 | 004,113,848 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
      [2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat

      ========== ZeroAccess Check ==========

      [2009/07/14 00:12:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:16:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 20:45:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 20:46:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== LOP Check ==========

      [2012/11/30 23:29:09 | 000,000,000 | ---D | M] -- C:\Users\Jose Gregorio\AppData\Roaming\Azureus
      [2011/11/19 16:20:16 | 000,000,000 | ---D | M] -- C:\Users\Jose Gregorio\AppData\Roaming\Blackberry Desktop
      [2011/05/17 14:28:36 | 000,000,000 | ---D | M] -- C:\Users\Jose Gregorio\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
      [2012/05/10 17:48:54 | 000,000,000 | ---D | M] -- C:\Users\Jose Gregorio\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
      [2012/05/02 16:35:39 | 000,000,000 | ---D | M] -- C:\Users\Jose Gregorio\AppData\Roaming\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
      [2012/08/13 01:19:13 | 000,000,000 | ---D | M] -- C:\Users\Jose Gregorio\AppData\Roaming\DAEMON Tools Lite
      [2012/09/05 11:33:42 | 000,000,000 | ---D | M] -- C:\Users\Jose Gregorio\AppData\Roaming\Dropbox
      [2011/05/15 22:13:54 | 000,000,000 | ---D | M] -- C:\Users\Jose Gregorio\AppData\Roaming\GHISLER
      [2012/03/26 09:26:40 | 000,000,000 | ---D | M] -- C:\Users\Jose Gregorio\AppData\Roaming\PDAppFlex
      [2011/11/14 23:35:03 | 000,000,000 | ---D | M] -- C:\Users\Jose Gregorio\AppData\Roaming\QuickScan
      [2011/07/11 07:20:19 | 000,000,000 | ---D | M] -- C:\Users\Jose Gregorio\AppData\Roaming\Research In Motion
      [2011/07/02 14:28:59 | 000,000,000 | ---D | M] -- C:\Users\Jose Gregorio\AppData\Roaming\Sierra Entertainment
      [2011/05/17 09:22:09 | 000,000,000 | ---D | M] -- C:\Users\Jose Gregorio\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
      [2011/07/13 00:48:23 | 000,000,000 | ---D | M] -- C:\Users\Jose Gregorio\AppData\Roaming\Thinstall

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2012/11/17 16:07:06 | 000,003,072 | ---- | M] () -- C:\ads_err.adi
      [2012/11/17 16:07:06 | 000,004,559 | ---- | M] () -- C:\ads_err.adm
      [2012/11/17 16:24:15 | 000,013,785 | ---- | M] () -- C:\ads_err.adt
      [2012/12/01 18:15:20 | 000,848,734 | ---- | M] () -- C:\AT-Cuarentena
      [2012/12/01 18:41:20 | 000,018,364 | ---- | M] () -- C:\AT-Destroyer.txt
      [2009/06/10 17:12:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
      [2012/10/11 10:52:16 | 128,669,988 | ---- | M] () -- C:\Beisbol.psd
      [2009/07/13 21:08:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
      [2011/05/13 05:50:39 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
      [2009/06/10 17:12:20 | 000,000,010 | ---- | M] () -- C:\config.sys
      [2011/05/13 11:29:56 | 000,203,316 | RHS- | M] () -- C:\grldr
      [2012/12/01 18:42:36 | 2414,731,264 | -HS- | M] () -- C:\hiberfil.sys
      [2012/05/23 11:17:43 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
      [2012/12/01 18:30:55 | 000,003,983 | ---- | M] () -- C:\JavaRa.log
      [2012/05/23 11:17:43 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
      [2012/12/01 18:42:37 | 3219,644,416 | -HS- | M] () -- C:\pagefile.sys
      [2012/12/01 13:11:45 | 000,001,441 | ---- | M] () -- C:\scu.dat
      [2011/11/14 22:42:20 | 000,002,608 | ---- | M] () -- C:\shared.log
      [2011/05/13 11:30:19 | 000,000,003 | RHS- | M] () -- C:\win7ldr

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5C321E34
      @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:0A8E2C33

      < End of report >
