• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 14

    pc muy muy lenta y pagina de babylon en exploradores

    hola, me pueden ayudar?mi pc sta sumamente lenta, intente pasar el AT Destroyer pero la pc paralizo 2 veces. ademas de como indique mucho programas basura de toolbars y la pagina de babylon en fire ...

    1. #1
      Usuario Avatar de edson2012
      Registrado
      dic 2012
      Ubicación
      acapulco mexico
      Mensajes
      8

      pc muy muy lenta y pagina de babylon en exploradores

      hola, me pueden ayudar?mi pc sta sumamente lenta, intente pasar el AT Destroyer pero la pc paralizo 2 veces.
      ademas de como indique mucho programas basura de toolbars y la pagina de babylon en fire fox, chrome etc

    2. #2
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Spain.
      Mensajes
      21.708

      Re: pc muy muy lenta y pagina de babylon en exploradores

      Buenas edson2012. al Foro.

      Temas que interesa revisar y leer :

      Consejos para antes de publicar un nuevo mensaje.

      Políticas del Foro de InfoSpyware.

      Políticas Foro Oficial de HijackThis en español.

      ¿Cómo subir imágenes al Foro? *TUTORIAL*
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

      Ahora sigue estos pasos, y en el orden indicado :

      Descarga y ejecuta >> Ccleaner.

      • Usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.
      • Después usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).


      Descarga, actualiza y ejecuta >> Malwarebytes’ Anti-Malware.

      • En la pestaña Actualizar pulsas sobre el botón "Buscar Actualizaciones"
      • En la pestaña Escáner marcas "Realizar un Examen Completo."
      • Con la opción de "quitar lo seleccionado" lo mandas todo a la cuarentena y reinicias el sistema.
      • En la pestaña "Registros", encontrarás el informe del MBAM, lo copias y pegas en tu próxima respuesta, para analizarlo.


      Descarga >> AT-Destroyer 2.0 (by InfoSpyware) | InfoSpyware

      • Cierra TODOS los programas que tengas abiertos, y >> Desactiva temporalmente el Antivirus y/o Antispyware.
      • Ejecuta AT-Destroyer. (Si usas Windows Vista o 7 presiona clic derecho y selecciona "Ejecutar como Administrador.")
      • En el menú pulsa sobre la opción "Buscar y Destruir".
      • AT-Destroyer desconectará el escritorio momentáneamente.
      • Si detecta infecciones se te indicara y pulsas en Aceptar.
      • Al finalizar el proceso te pedirá Reiniciar, pulsa para Aceptar.
      • Al Iniciar de nuevo Windows se te abrirá un reporte/informe, que deberás copiar en tu próxima respuesta, comentando cómo funciona el sistema.(También puedes encontrarlo en C:\AT-Destroyer.txt)


      Si el proceso de AT-Destroyer se te volviera a paralizar, córtalo y comprueba si se ha generado el informe, para ponerlo cuando nos respondas, y sigues con el siguiente paso.


      Y finalmente descarga >> OTL By OldTimer

      *** Para Ejecutar OTL sigue estos pasos :

      • Cerrar todos programas que tengas abiertos y hacer doble click en el ícono de OTL para ejecutarlo.
      • Dejarlo correr y esperar a que aparezca el menú de OTL..
      • Cuando salga el menú de OTL, debes cambiar debajo de: "Tipo de Análisis" poniendo Resultado Mínimo.
      • Marcar la casilla Analizar Todos.
      • Marcar las opciones: Buscar LOP y Buscar Purity.
      • Marcar las Opciones: Omitir Archivos De Microsoft y Usar Listado de Compañías Reconocidas.
      • Copiar y Pegar las líneas del siguiente script bajo la casilla Análisis Personalizados/Código de Reparación:

        NOTA: No copiar la palabra Código:
        Código:
        netsvcs
        msconfig
        %SYSTEMDRIVE%\*.*
        CREATERESTOREPOINT


      • Por favor No cambies el resto de la configuración a menos que te lo solicitemos.


      • Presionar el botón .
      • Una vez que termine, se abrirán dos (2) archivos, OTL.Txt y Extras.Txt. Éstos archivos estarán grabados en el mismo lugar donde OTL.exe fue descargado.
      • Copiar y pegar el contenido del archivo OTL.txt en tu próxima respuesta.


      En tu próxima respuesta recuerda:

      - Ponernos los informes de Malwarebytes, AT-Destroyer y OTL.txt.

      - Y nos cuentas como funciona tu equipo, en relación al problema planteado.

      Saludos, Javier.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de edson2012
      Registrado
      dic 2012
      Ubicación
      acapulco mexico
      Mensajes
      8

      Re: pc muy muy lenta y pagina de babylon en exploradores

      Malwarebytes Anti-Malware 1.65.1.1000
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2012.12.05.02

      Windows 7 Service Pack 1 x86 NTFS
      Internet Explorer 9.0.8112.16421
      Jessica :: JESSICA-PC [administrador]

      05/12/2012 04:24:15 p.m.
      mbam-log-2012-12-05 (16-24-15).txt

      Tipos de Análisis: Análisis Completo (C:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 327843
      Tiempo transcurrido: 6 hora(s), 4 minuto(s), 18 segundo(s)

      Procesos en Memoria Detectados: 3
      C:\ProgramData\IBUpdaterService\ibsvc.exe (PUP.BundleInstaller.IB) -> 820 -> Se eliminarán al reiniciar.
      C:\ProgramData\bProtector\bProtect.exe (PUP.BProtector) -> 1784 -> Se eliminarán al reiniciar.
      C:\ProgramData\bProtector\bProtect.exe (PUP.BProtector) -> 2540 -> Se eliminarán al reiniciar.

      Módulos de Memoria Detectados: 1
      C:\Windows\System32\protector.dll (PUP.BProtector) -> Se eliminarán al reiniciar.

      Claves del Registro Detectados: 7
      HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.BundleInstaller.IB) -> En cuarentena y eliminado con éxito.
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service (PUP.BundleInstaller.IB) -> En cuarentena y eliminado con éxito.
      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PDF Reader (Adware.Agent) -> En cuarentena y eliminado con éxito.
      HKLM\SYSTEM\CurrentControlSet\Services\bProtector (PUP.BProtector) -> En cuarentena y eliminado con éxito.
      HKCU\SOFTWARE\BPROTECTOR (PUP.BProtector) -> En cuarentena y eliminado con éxito.
      HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> En cuarentena y eliminado con éxito.
      HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> En cuarentena y eliminado con éxito.

      Valores del Registro Detectados: 2
      HKCU\SOFTWARE\bProtector|iexplore homepages (PUP.BProtector) -> datos: http://search.babylon.com/?babsrc=HP_ss&affID=101295&mntrId=3e346aad000000000000d0df9ad25ad4^mx.v9.com/slb/slb_1330249219_464152^http://search.babylon.com/?AF=108714&babsrc=HP_ss&mntrId=3e346aad000000000000d0df9ad25ad4^http://search.softonic.com/MON00033/tb_v1?SearchSource=10&cc=^http://search.babylon.com/?affID=110819&tt=060612_8_&babsrc=HP_ss&mntrId=3e346aad000000000000d0df9ad25ad4^http://search.conduit.com?SearchSource=10&ctid=CT2851619^http://search.babylon.com/?affID=115290&tt=4712_5&babsrc=HP_ss&mntrId=3e346aad000000000000d0df9ad25ad4^^ -> En cuarentena y eliminado con éxito.
      HKLM\SYSTEM\CurrentControlSet\Services\bProtector|ImagePath (PUP.BProtector) -> datos: C:\ProgramData\bProtector\bProtect.exe -> En cuarentena y eliminado con éxito.

      Elementos de Datos del Registro Detectados: 1
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.BProtector) -> Malo: (protector.dll) Bueno: () -> En cuarentena y reparado con éxito.

      Carpetas Detectadas: 2
      C:\ProgramData\bProtector (PUP.BProtector) -> Se eliminarán al reiniciar.
      C:\ProgramData\IBUpdaterService (PUP.InstallBrain) -> Se eliminarán al reiniciar.

      Archivos Detectados: 6
      C:\Windows\System32\protector.dll (PUP.BProtector) -> Se eliminarán al reiniciar.
      C:\ProgramData\IBUpdaterService\ibsvc.exe (PUP.BundleInstaller.IB) -> Se eliminarán al reiniciar.
      C:\Program Files\PDFReader\Uninstall\Uninstall.exe (Adware.Agent) -> En cuarentena y eliminado con éxito.
      C:\ProgramData\bProtector\bProtect.settings (PUP.BProtector) -> Se eliminarán al reiniciar.
      C:\ProgramData\bProtector\bProtect.exe (PUP.BProtector) -> Se eliminarán al reiniciar.
      C:\ProgramData\IBUpdaterService\repository.xml (PUP.InstallBrain) -> En cuarentena y eliminado con éxito.

      fin)

    4. #4
      Usuario Avatar de edson2012
      Registrado
      dic 2012
      Ubicación
      acapulco mexico
      Mensajes
      8

      Re: pc muy muy lenta y pagina de babylon en exploradores

      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 2303 \\\ 05/12/2012
      AT-Destroyer 2.1 By Infospyware ---> InfoSpyware
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.0.8112.16421
      Mozilla Firefox:17.0.1.4715
      Privilegios: Jessica - Administrador
      Modo Actual: Modo Normal.
      Nombre del pc: JESSICA-PC
      Información del sistema operativo:X86-WIN_7-Service Pack 1
      nombre del usuario:Jessica
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<

      C:\Users\Jessica\AppData\Roaming\Babylon\log_file.txt (W32/PND.Babylon Toolbar)
      C:\Users\Jessica\AppData\Roaming\Babylon (W32/PND.Babylon Toolbar)
      C:\Program Files\DealPly\DealPly.crx (W32/PND.DealPly)
      C:\Program Files\DealPly\DealPly.xpi (W32/PND.DealPly)
      C:\Program Files\DealPly\DealPlyIE.dll (W32/PND.DealPly)
      C:\Program Files\DealPly\DealPlyTune.dll (W32/PND.DealPly)
      C:\Program Files\DealPly\DealPlyUpdate.exe (W32/PND.DealPly)
      C:\Program Files\DealPly\DealPlyUpdate.log (W32/PND.DealPly)
      C:\Program Files\DealPly\DealPlyUpdateRun.exe (W32/PND.DealPly)
      C:\Program Files\DealPly\icon.ico (W32/PND.DealPly)
      C:\Program Files\DealPly\uninst.exe (W32/PND.DealPly)
      C:\Program Files\DealPly (W32/PND.DealPly)
      C:\ProgramData\SweetIM\Messenger (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\conf (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\conf\adapter.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\conf\autoupdate.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\conf\contentpackages.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\conf\logger.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\conf\messages.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\conf\sweetim.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\conf\sweetimapp.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\conf\users (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\conf\users\[email protected] (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\conf\users\[email protected]\content_update_notification.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\conf\users\[email protected]\emoticons_shortcut.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\conf\users\[email protected]\user_config.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\conf\users\[email protected] (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\conf\users\[email protected]\content_update_notification.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\conf\users\[email protected]\emoticons_shortcut.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\conf\users\[email protected]\user_config.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\conf\users\main_user_config.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100 (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0104 (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0104\bar.html (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0104\bar.js (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0104\bar.swf (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0104\validator.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0130 (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0130\bar.html (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0130\bar.js (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0130\bar.swf (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0130\validator.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0158 (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0158\bar.html (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0158\bar.js (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0158\bar.swf (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0158\validator.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0159 (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0159\bar.html (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0159\bar.js (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0159\bar.swf (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0159\validator.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0160 (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0160\bar.html (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0160\bar.js (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0160\bar.swf (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0160\validator.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0161 (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0161\bar.html (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0161\bar.js (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0161\bar.swf (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0161\validator.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0163 (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0163\bar.html (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0163\bar.js (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0163\bar.swf (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0163\validator.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0164 (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0164\bar.html (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0164\bar.js (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0164\bar.swf (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0164\validator.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0168 (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0168\bar.html (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0168\bar.js (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0168\bar.swf (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0168\validator.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0171 (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0171\bar.html (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0171\bar.js (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0171\bar.swf (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\bar0171\validator.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\default (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\default\bar.html (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\default\bar.js (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\default\bar.swf (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\100\default\validator.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\Default (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\Default\100 (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\Default\100\bar.html (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\Default\100\bar.js (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\Default\100\bar.swf (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\Default\200 (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\Default\200\bar.html (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\Default\200\bar.js (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\Default\200\bar.swf (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\Default\400 (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\Default\400\bar.html (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\Default\400\bar.js (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\Bars\Default\400\bar.swf (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\contentdb (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\contentdb\cache_indx.dat (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\contentdb\installcontentvalidation.xml (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\packages (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\packages\FailDialog (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\packages\FailDialog\activationFail.htm (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\packages\FailDialog\close_but.gif (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\data\packages\FailDialog\failure_dialog_BG.jpg (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\logs (W32/PND.SweetIM)
      C:\ProgramData\SweetIM\Messenger\update (W32/PND.SweetIM)
      C:\ProgramData\SweetIM (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\ContentPackagesActivationHandler.exe (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\default.xml (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\mgArchive.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\mgcommon.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\mgcommunication.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\mgconfig.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\mgFlashPlayer.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\mghooking.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\mgICQAuto.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\mgICQMessengerAdapter.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\mglogger.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\mgMediaPlayer.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\mgMsnAuto.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\mgMsnMessengerAdapter.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\mgsimcommon.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\mgSweetIM.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\mgUpdateSupport.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\mgxml_wrapper.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\mgYahooAuto.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\mgYahooMessengerAdapter.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\msvcp71.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\msvcr71.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\resources (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\resources\images (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\resources\images\AudibleButton.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\resources\images\EmoticonButton.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\resources\images\GamesButton.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\resources\images\KeyboardButton.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\resources\images\NudgeButton.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\resources\images\SoundFxButton.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\resources\images\WinksButton.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\resources\sqlite (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Messenger\SweetIM.exe (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\conf (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\default.xml (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\mghooking.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\mglogger.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\about.html (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\bing.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_bing.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_current.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_dictionary.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_google.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_hover.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_left.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_photo.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_video.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_web.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_yahoo.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\dating.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\find.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\games.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\google.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_bing.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_current.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_dictionary.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_google.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_hover.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_left.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_photo.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_video.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_web.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_yahoo.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\help.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\music.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\news.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\options.html (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_bing.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_current.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_dictionary.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_google.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_hover.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_left.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_photo.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_video.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_web.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_yahoo.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\photos.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\video.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js (W32/PND.SweetIM)
      C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png (W32/PND.SweetIM)
      C:\Program Files\SweetIM (W32/PND.SweetIM) <--Se eliminará la carpeta y los subdirectorios al reiniciar
      C:\ProgramData\Browser Manager\2.5.911.18 (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\chrome.manifest (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\bprotector-17.0.dll (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\mngr-16.0.dll (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\mngr-3.6.xpt (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\mngr.js (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\overlay.xul (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\install.rdf (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.crx (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.settings (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00 (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01 (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02 (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10 (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11 (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12 (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20 (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21 (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22 (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager (W32/Adware.BrowserCompanion) <--Se eliminará la carpeta y los subdirectorios al reiniciar
      C:\Program Files\Conduit\Community Alerts 92
      C:\Program Files\Conduit\Community Alerts\Alert.dll 92
      C:\Program Files\Conduit 92
      C:\ProgramData\Babylon (W32/PND.Babylon Toolbar)
      C:\ProgramData\Browser Manager\2.5.911.18 (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\chrome.manifest (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\bprotector-17.0.dll (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\mngr-16.0.dll (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\mngr-3.6.xpt (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\mngr.js (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\overlay.xul (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\install.rdf (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.crx (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.settings (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00 (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01 (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02 (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10 (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11 (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12 (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20 (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21 (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22 (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe (W32/Adware.BrowserCompanion)
      C:\ProgramData\Browser Manager (W32/Adware.BrowserCompanion) <--Se eliminará la carpeta y los subdirectorios al reiniciar


      >>>>>> Archivos <<<<<<

      C:\Program Files\mozilla firefox\searchplugins\babylon.xml
      C:\Windows\System32\PSUNCpl.dat
      C:\user.js


      >>>>>> Registro <<<<<<

      HKEY_CURRENT_USER\Software\DataMngr
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr
      HKEY_CURRENT_USER\Software\Conduit
      HKEY_LOCAL_MACHINE\SOFTWARE\Conduit
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
      HKLM\Software\Microsoft\Internet Explorer\Toolbar ----> {EEE6C35B-6118-11DC-9C72-001320C79847}
      HKLM\Software\Microsoft\Internet Explorer\Toolbar ----> {D0F4A166-B8D4-48b8-9D63-80849FE137CB}
      HKLM64\Software\Microsoft\Internet Explorer\Toolbar ----> {D0F4A166-B8D4-48b8-9D63-80849FE137CB}


      >>>>>> Heurística <<<<<<



      >>>>>> Internet Explorer <<<<<<

      Start Page==www.google.com
      Local Page==C:\Windows\System32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL==mx.v9.com/slb/slb_1330249219_464152


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==mx.v9.com/slb/slb_1330249219_464152


      HKEY_USERS\S-1-5-21-1570359875-2611548316-4100511052-1000\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==mx.v9.com/slb/slb_1330249219_464152


      >>>>>> Firefox <<<<<<



      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513

      >>>>>> Google Chrome <<<<<<

      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      >>>>>> Extensiones Google Chrome <<<<<<

      C:\Users\Jessica\AppData\Local\Google\Chrome\User Data\Default\Extensions\5
      C:\Users\Jessica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
      C:\Users\Jessica\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
      C:\Users\Jessica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm
      C:\Users\Jessica\AppData\Local\Google\Chrome\User Data\Default\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk
      C:\Users\Jessica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph

      ======== Listado ===========

      [19/06/2012 03:34 p.m.] [16/01/2012 11:30 p.m.] [HDI] C:\Users\Jessica\AppData\Roaming\Apple Computer
      [30/11/2011 10:17 p.m.] [30/11/2011 10:17 p.m.] [HDI] C:\Users\Jessica\AppData\Roaming\CyberLink
      [05/11/2012 10:31 a.m.] [29/03/2012 05:29 p.m.] [DI] C:\Users\Jessica\AppData\Roaming\DivX
      [26/04/2012 01:41 a.m.] [26/04/2012 01:40 a.m.] [DI] C:\Users\Jessica\AppData\Roaming\dvdcss
      [26/02/2012 03:39 a.m.] [25/02/2012 10:05 p.m.] [HDI] C:\Users\Jessica\AppData\Roaming\eType
      [03/12/2011 08:06 p.m.] [03/12/2011 08:06 p.m.] [HDI] C:\Users\Jessica\AppData\Roaming\funkitron
      [19/11/2011 06:14 p.m.] [19/11/2011 06:14 p.m.] [HDI] C:\Users\Jessica\AppData\Roaming\Identities
      [11/11/2012 09:10 p.m.] [03/12/2011 06:52 p.m.] [HDI] C:\Users\Jessica\AppData\Roaming\Kingston
      [19/11/2011 06:15 p.m.] [19/11/2011 06:15 p.m.] [HDI] C:\Users\Jessica\AppData\Roaming\Macromedia
      [11/10/2012 10:19 p.m.] [11/10/2012 10:19 p.m.] [DI] C:\Users\Jessica\AppData\Roaming\Malwarebytes
      [08/10/2012 11:35 a.m.] [19/11/2011 06:14 p.m.] [SDI] C:\Users\Jessica\AppData\Roaming\Microsoft
      [04/12/2012 09:55 p.m.] [05/05/2012 02:36 a.m.] [DI] C:\Users\Jessica\AppData\Roaming\Mozilla
      [19/01/2012 10:54 p.m.] [19/01/2012 10:54 p.m.] [HDI] C:\Users\Jessica\AppData\Roaming\Panda Security
      [20/11/2011 10:09 p.m.] [20/11/2011 10:09 p.m.] [HDI] C:\Users\Jessica\AppData\Roaming\PlayFirst
      [20/04/2012 02:47 a.m.] [20/04/2012 02:44 a.m.] [DI] C:\Users\Jessica\AppData\Roaming\Research In Motion
      C:\Users\Jessica\AppData\Roaming\Rim.Desktop.Exception.log [AI] 1.27 KB ( )
      C:\Users\Jessica\AppData\Roaming\Rim.Desktop.HttpServerSetup.log [AI] 1.12 KB ( )
      C:\Users\Jessica\AppData\Roaming\Rim.DesktopHelper.Exception.log [AI] 1.42 KB ( )
      [14/11/2012 05:41 p.m.] [20/11/2011 10:27 p.m.] [HDI] C:\Users\Jessica\AppData\Roaming\Skype
      [10/12/2011 10:25 p.m.] [10/12/2011 10:25 p.m.] [HDI] C:\Users\Jessica\AppData\Roaming\SumatraPDF
      [05/12/2012 11:09 p.m.] [11/10/2012 08:03 p.m.] [DI] C:\Users\Jessica\AppData\Roaming\uTorrent
      [12/10/2012 07:53 p.m.] [23/11/2011 11:14 p.m.] [HDI] C:\Users\Jessica\AppData\Roaming\vlc
      [03/12/2011 08:00 p.m.] [03/12/2011 08:00 p.m.] [HDI] C:\Users\Jessica\AppData\Roaming\WebcamMax
      [12/10/2012 12:52 a.m.] [12/10/2012 12:52 a.m.] [DI] C:\Users\Jessica\AppData\Roaming\WinRAR
      [02/12/2012 12:24 p.m.] [02/12/2012 12:24 p.m.] [D] C:\Program Files\Apple Software Update
      [19/11/2011 06:14 p.m.] [19/11/2011 06:14 p.m.] [HSDLI] C:\Program Files\Archivos comunes
      [17/04/2012 11:25 p.m.] [17/04/2012 11:25 p.m.] [D] C:\Program Files\Ares
      [16/01/2012 11:20 p.m.] [16/01/2012 11:20 p.m.] [D] C:\Program Files\Bonjour
      [17/01/2012 12:21 p.m.] [17/01/2012 12:21 p.m.] [D] C:\Program Files\CCleaner
      [22/04/2012 07:57 p.m.] [13/07/2009 09:37 p.m.] [D] C:\Program Files\Common Files
      C:\Program Files\desktop.ini [HSA] 174 bytes( 0)
      [19/07/2011 10:11 a.m.] [19/07/2011 10:11 a.m.] [D] C:\Program Files\DIFX
      [29/03/2012 05:30 p.m.] [29/03/2012 05:23 p.m.] [D] C:\Program Files\DivX
      [17/11/2012 09:57 p.m.] [20/10/2012 03:33 a.m.] [D] C:\Program Files\DsNET Corp
      [12/09/2011 05:33 a.m.] [13/07/2009 11:52 p.m.] [D] C:\Program Files\DVD Maker
      [11/09/2011 08:02 p.m.] [19/07/2011 10:19 a.m.] [D] C:\Program Files\eMachines
      [19/07/2011 10:17 a.m.] [19/07/2011 10:13 a.m.] [D] C:\Program Files\eMachines Games
      [25/06/2012 02:00 a.m.] [25/06/2012 02:00 a.m.] [D] C:\Program Files\FLVPlayer
      [17/11/2012 10:03 p.m.] [19/07/2011 09:57 a.m.] [HD] C:\Program Files\InstallShield Installation Information
      [19/07/2011 10:03 a.m.] [19/07/2011 09:59 a.m.] [D] C:\Program Files\Intel
      [31/03/2012 02:04 a.m.] [13/07/2009 09:37 p.m.] [D] C:\Program Files\Internet Explorer
      [02/12/2012 12:32 p.m.] [24/09/2012 11:09 p.m.] [D] C:\Program Files\iPod
      [02/12/2012 12:32 p.m.] [24/09/2012 11:09 p.m.] [D] C:\Program Files\iTunes
      [23/11/2011 11:28 p.m.] [23/11/2011 11:05 p.m.] [D] C:\Program Files\Java
      [23/11/2011 11:26 p.m.] [23/11/2011 11:12 p.m.] [HD] C:\Program Files\JDownloader
      [04/12/2012 09:36 p.m.] [04/12/2012 09:35 p.m.] [D] C:\Program Files\Malwarebytes' Anti-Malware
      [10/05/2012 06:57 p.m.] [10/01/2012 12:31 a.m.] [D] C:\Program Files\McAfee Security Scan
      [02/12/2012 06:36 p.m.] [11/09/2011 07:53 p.m.] [D] C:\Program Files\Microsoft
      [13/07/2009 11:52 p.m.] [13/07/2009 11:52 p.m.] [D] C:\Program Files\Microsoft Games
      [23/11/2011 08:39 p.m.] [11/09/2011 07:55 p.m.] [D] C:\Program Files\Microsoft Office
      [17/02/2012 03:45 p.m.] [17/02/2012 03:45 p.m.] [D] C:\Program Files\Microsoft Silverlight
      [19/07/2011 10:31 a.m.] [19/07/2011 10:31 a.m.] [D] C:\Program Files\Microsoft SQL Server Compact Edition
      [24/11/2011 12:51 a.m.] [23/11/2011 08:40 p.m.] [D] C:\Program Files\Microsoft Works
      [24/11/2011 01:12 p.m.] [23/11/2011 08:39 p.m.] [D] C:\Program Files\Microsoft.NET
      [04/12/2012 09:53 p.m.] [27/10/2012 12:27 a.m.] [D] C:\Program Files\Mozilla Firefox
      [04/12/2012 09:54 p.m.] [04/12/2012 09:53 p.m.] [D] C:\Program Files\Mozilla Maintenance Service
      [13/07/2009 11:52 p.m.] [13/07/2009 11:52 p.m.] [D] C:\Program Files\MSBuild
      [29/03/2012 08:24 p.m.] [29/03/2012 08:24 p.m.] [D] C:\Program Files\Norton Security Scan
      [29/03/2012 08:24 p.m.] [29/03/2012 08:24 p.m.] [D] C:\Program Files\NortonInstaller
      [19/01/2012 10:21 p.m.] [19/01/2012 10:20 p.m.] [D] C:\Program Files\Panda Security
      [19/01/2012 07:50 p.m.] [19/01/2012 07:50 p.m.] [D] C:\Program Files\Panda USB Vaccine
      [04/12/2012 10:23 p.m.] [23/11/2011 11:03 p.m.] [D] C:\Program Files\PC Speed Maximizer
      [10/12/2011 10:19 p.m.] [10/12/2011 10:19 p.m.] [D] C:\Program Files\PDFReader
      [19/01/2012 09:12 p.m.] [28/11/2011 12:48 p.m.] [D] C:\Program Files\PopCap Games
      [31/03/2012 02:04 a.m.] [31/03/2012 02:03 a.m.] [D] C:\Program Files\QuickTime
      [19/07/2011 10:05 a.m.] [19/07/2011 10:05 a.m.] [D] C:\Program Files\Realtek
      [13/07/2009 11:52 p.m.] [13/07/2009 11:52 p.m.] [D] C:\Program Files\Reference Assemblies
      [20/04/2012 02:26 a.m.] [20/04/2012 02:26 a.m.] [D] C:\Program Files\Research In Motion
      [20/04/2012 01:41 a.m.] [20/04/2012 01:41 a.m.] [D] C:\Program Files\Research In Motion Limited
      [31/03/2012 02:22 a.m.] [31/03/2012 02:21 a.m.] [D] C:\Program Files\Safari
      [22/04/2012 07:58 p.m.] [22/04/2012 07:57 p.m.] [RD] C:\Program Files\Skype
      [05/05/2012 02:37 a.m.] [05/05/2012 02:37 a.m.] [D] C:\Program Files\Softonic
      [26/11/2011 05:45 p.m.] [26/11/2011 05:45 p.m.] [D] C:\Program Files\SweetIM
      [19/01/2012 08:01 p.m.] [19/07/2011 10:41 a.m.] [D] C:\Program Files\Symantec
      [19/07/2011 10:44 a.m.] [19/07/2011 10:44 a.m.] [D] C:\Program Files\SymSilent
      [11/09/2011 07:47 p.m.] [11/09/2011 07:47 p.m.] [D] C:\Program Files\Synaptics
      [19/07/2011 10:06 a.m.] [19/07/2011 10:05 a.m.] [HD] C:\Program Files\Temp
      [19/01/2012 10:21 p.m.] [19/01/2012 10:21 p.m.] [D] C:\Program Files\Toolbar Cleaner
      [13/07/2009 11:53 p.m.] [13/07/2009 11:53 p.m.] [HD] C:\Program Files\Uninstall Information
      [11/10/2012 08:05 p.m.] [11/10/2012 08:05 p.m.] [D] C:\Program Files\uTorrent
      [26/02/2012 03:43 a.m.] [26/02/2012 03:43 a.m.] [D] C:\Program Files\v9Soft
      [23/11/2011 11:13 p.m.] [23/11/2011 11:13 p.m.] [D] C:\Program Files\VideoLAN
      [19/07/2011 10:13 a.m.] [19/07/2011 10:13 a.m.] [D] C:\Program Files\WildTangent Games
      [12/09/2011 05:33 a.m.] [13/07/2009 11:52 p.m.] [D] C:\Program Files\Windows Defender
      [01/01/2012 10:09 p.m.] [19/07/2011 10:21 a.m.] [D] C:\Program Files\Windows Live
      [12/09/2011 05:33 a.m.] [13/07/2009 09:37 p.m.] [D] C:\Program Files\Windows Mail
      [12/09/2011 05:33 a.m.] [13/07/2009 11:52 p.m.] [D] C:\Program Files\Windows Media Player
      [19/11/2011 06:14 p.m.] [13/07/2009 09:37 p.m.] [D] C:\Program Files\Windows NT
      [12/09/2011 05:33 a.m.] [13/07/2009 11:52 p.m.] [D] C:\Program Files\Windows Photo Viewer
      [20/11/2010 03:33 p.m.] [13/07/2009 11:52 p.m.] [D] C:\Program Files\Windows Portable Devices
      [12/09/2011 05:33 a.m.] [13/07/2009 11:52 p.m.] [D] C:\Program Files\Windows Sidebar
      [07/11/2012 07:59 p.m.] [07/11/2012 07:58 p.m.] [D] C:\Program Files\WinPcap
      [12/10/2012 12:52 a.m.] [12/10/2012 12:52 a.m.] [D] C:\Program Files\WinRAR
      [17/09/2012 01:51 p.m.] [19/07/2011 10:41 a.m.] [HDI] C:\ProgramData\Adobe
      [16/01/2012 11:23 p.m.] [16/01/2012 11:20 p.m.] [HDI] C:\ProgramData\Apple
      [16/01/2012 11:27 p.m.] [16/01/2012 11:27 p.m.] [HDI] C:\ProgramData\Apple Computer
      [13/07/2009 11:53 p.m.] [13/07/2009 11:53 p.m.] [HSDLI] C:\ProgramData\Application Data
      [02/12/2012 06:09 p.m.] [11/09/2011 07:53 p.m.] [HDI] C:\ProgramData\boost_interprocess
      [21/11/2012 04:51 p.m.] [21/11/2012 04:51 p.m.] [DI] C:\ProgramData\Browser Manager
      [30/11/2011 10:17 p.m.] [30/11/2011 09:28 a.m.] [HDI] C:\ProgramData\CyberLink
      [19/11/2011 06:14 p.m.] [19/11/2011 06:14 p.m.] [HSDLI] C:\ProgramData\Datos de programa
      [13/07/2009 11:53 p.m.] [13/07/2009 11:53 p.m.] [HSDLI] C:\ProgramData\Desktop
      [29/03/2012 05:30 p.m.] [29/03/2012 05:21 p.m.] [DI] C:\ProgramData\DivX
      [19/11/2011 06:14 p.m.] [19/11/2011 06:14 p.m.] [HSDLI] C:\ProgramData\Documentos
      [13/07/2009 11:53 p.m.] [13/07/2009 11:53 p.m.] [HSDLI] C:\ProgramData\Documents
      C:\ProgramData\ejTHTz4w4H0wVD [HAI] 448 bytes 0
      [19/07/2011 10:20 a.m.] [19/07/2011 10:20 a.m.] [HDI] C:\ProgramData\eMachines
      [19/11/2011 06:14 p.m.] [19/11/2011 06:14 p.m.] [HSDLI] C:\ProgramData\Escritorio
      [13/07/2009 11:53 p.m.] [13/07/2009 11:53 p.m.] [HSDLI] C:\ProgramData\Favorites
      [19/11/2011 06:14 p.m.] [19/11/2011 06:14 p.m.] [HSDLI] C:\ProgramData\Favoritos
      [28/11/2011 12:52 p.m.] [28/11/2011 12:52 p.m.] [HDI] C:\ProgramData\GameHouse
      [19/01/2012 08:45 p.m.] [30/11/2011 10:33 a.m.] [HDI] C:\ProgramData\install_clap
      [11/10/2012 10:19 p.m.] [11/10/2012 10:19 p.m.] [DI] C:\ProgramData\Malwarebytes
      [10/01/2012 12:31 a.m.] [10/01/2012 12:31 a.m.] [HDI] C:\ProgramData\McAfee
      [10/01/2012 12:31 a.m.] [10/01/2012 12:31 a.m.] [HDI] C:\ProgramData\McAfee Security Scan
      [31/03/2012 02:07 a.m.] [31/03/2012 02:07 a.m.] [DI] C:\ProgramData\Media Get LLC
      [19/11/2011 06:14 p.m.] [19/11/2011 06:14 p.m.] [HSDLI] C:\ProgramData\Menú Inicio
      [02/12/2012 06:36 p.m.] [13/07/2009 09:37 p.m.] [SDI] C:\ProgramData\Microsoft
      [22/03/2012 02:35 a.m.] [23/11/2011 08:36 p.m.] [DI] C:\ProgramData\Microsoft Help
      [05/05/2012 02:32 a.m.] [05/05/2012 02:32 a.m.] [DI] C:\ProgramData\Mozilla
      [29/03/2012 08:24 p.m.] [19/07/2011 10:43 a.m.] [HDI] C:\ProgramData\Norton
      [19/01/2012 08:00 p.m.] [19/07/2011 10:43 a.m.] [HDI] C:\ProgramData\NortonInstaller
      [19/11/2011 06:17 p.m.] [19/07/2011 10:41 a.m.] [HDI] C:\ProgramData\oem
      [19/01/2012 10:20 p.m.] [19/01/2012 07:50 p.m.] [HDI] C:\ProgramData\Panda Security
      [05/12/2012 10:46 p.m.] [19/01/2012 10:21 p.m.] [HDI] C:\ProgramData\Panda Security URL Filtering
      [19/11/2011 06:14 p.m.] [19/11/2011 06:14 p.m.] [HSDLI] C:\ProgramData\Plantillas
      [20/11/2011 10:09 p.m.] [20/11/2011 10:09 p.m.] [HDI] C:\ProgramData\PlayFirst
      [09/12/2011 05:43 p.m.] [09/12/2011 05:43 p.m.] [HDI] C:\ProgramData\PopCap Games
      [09/12/2011 05:46 p.m.] [09/12/2011 05:46 p.m.] [HDI] C:\ProgramData\PopCapY
      [20/04/2012 02:28 a.m.] [20/04/2012 02:28 a.m.] [DI] C:\ProgramData\Research In Motion
      [22/04/2012 07:57 p.m.] [19/07/2011 10:18 a.m.] [HDI] C:\ProgramData\Skype
      [13/07/2009 11:53 p.m.] [13/07/2009 11:53 p.m.] [HSDLI] C:\ProgramData\Start Menu
      [23/11/2011 11:09 p.m.] [23/11/2011 11:09 p.m.] [HDI] C:\ProgramData\Sun
      [29/03/2012 08:25 p.m.] [19/07/2011 10:41 a.m.] [HDI] C:\ProgramData\Symantec
      [30/11/2011 10:34 a.m.] [30/11/2011 10:34 a.m.] [HDI] C:\ProgramData\Temp
      [13/07/2009 11:53 p.m.] [13/07/2009 11:53 p.m.] [HSDLI] C:\ProgramData\Templates
      [28/11/2011 12:50 p.m.] [28/11/2011 12:50 p.m.] [HDI] C:\ProgramData\Trymedia
      [03/12/2011 08:01 p.m.] [03/12/2011 08:00 p.m.] [HDI] C:\ProgramData\WebcamMax
      [20/11/2011 05:07 p.m.] [20/11/2011 05:07 p.m.] [HDI] C:\ProgramData\Wild Tangent
      [27/11/2011 06:31 p.m.] [19/07/2011 10:13 a.m.] [HDI] C:\ProgramData\WildTangent
      [16/01/2012 11:29 p.m.] [16/01/2012 11:27 p.m.] [DI] C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
      [25/06/2012 04:47 a.m.] [25/06/2012 04:46 a.m.] [DI] C:\ProgramData\{743C2E37-D73E-451E-9FB3-39484814399E}
      C:\ProgramData\~ejTHTz4w4H0wVD [HAI] 264 bytes 0
      C:\ProgramData\~ejTHTz4w4H0wVDr [HAI] 176 bytes 0

      ==================== EOF ==================

    5. #5
      Usuario Avatar de edson2012
      Registrado
      dic 2012
      Ubicación
      acapulco mexico
      Mensajes
      8
      OTL logfile created on: 06/12/2012 3:45:01 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jessica\Downloads
      Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000c0a | Country: México | Language: ESM | Date Format: dd/MM/yyyy

      1013,09 Mb Total Physical Memory | 117,87 Mb Available Physical Memory | 11,63% Memory free
      1,99 Gb Paging File | 0,53 Gb Available in Paging File | 26,89% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
      Drive C: | 219,79 Gb Total Space | 90,99 Gb Free Space | 41,40% Space Free | Partition Type: NTFS

      Computer Name: JESSICA-PC | User Name: Jessica | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Jessica\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Users\Jessica\AppData\Local\Pokki\v0.260.8.396\pokki.exe (Pokki)
      PRC - C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe ()
      PRC - C:\Archivos de programa\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
      PRC - C:\Archivos de programa\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Archivos de programa\Ares\Ares.exe (Ares Development Group)
      PRC - C:\Archivos de programa\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
      PRC - C:\Archivos de programa\DivX\DivX Update\DivXUpdate.exe ()
      PRC - C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
      PRC - C:\Archivos de programa\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
      PRC - C:\Archivos de programa\eMachines\eMachines Power Management\ePowerTray.exe (Acer Incorporated)
      PRC - C:\Archivos de programa\eMachines\eMachines Power Management\ePowerSvc.exe (Acer Incorporated)
      PRC - C:\Archivos de programa\eMachines\eMachines Power Management\ePowerEvent.exe (Acer Incorporated)
      PRC - C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
      PRC - C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
      PRC - C:\Archivos de programa\eMachines\eMachines Updater\UpdaterService.exe (Acer Incorporated)
      PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
      PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      PRC - C:\Windows\explorer.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\eMachines\Registration\GREGsvc.exe (Acer Incorporated)
      PRC - C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Windows Sidebar\sidebar.exe (Microsoft Corporation)
      PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Panda USB Vaccine\USBVaccine.exe (Panda Security)


      ========== Modules (No Company Name) ==========

      MOD - C:\Users\Jessica\AppData\Local\Pokki\ocdeskband_0.dll ()
      MOD - C:\Users\Jessica\AppData\Local\Pokki\v0.260.8.396\chrome.dll ()
      MOD - C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe ()
      MOD - c:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll ()
      MOD - C:\Users\Jessica\AppData\Local\Pokki\v0.260.8.396\avformat-53.dll ()
      MOD - C:\Users\Jessica\AppData\Local\Pokki\v0.260.8.396\avcodec-53.dll ()
      MOD - C:\Users\Jessica\AppData\Local\Pokki\v0.260.8.396\avutil-51.dll ()
      MOD - C:\Archivos de programa\DivX\DivX Update\DivXUpdateCheck.dll ()
      MOD - C:\Archivos de programa\DivX\DivX Update\DivXUpdate.exe ()


      ========== Services (SafeList) ==========

      SRV - (MozillaMaintenance) -- C:\Archivos de programa\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (Browser Manager) -- C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe ()
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (NOBU) -- C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
      SRV - (MBAMService) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (AdobeARMservice) -- C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (SkypeUpdate) -- C:\Archivos de programa\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (odserv) -- C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
      SRV - (McComponentHostService) -- C:\Archivos de programa\McAfee Security Scan\3.0.207\McCHSvc.exe (McAfee, Inc.)
      SRV - (fsssvc) -- C:\Archivos de programa\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
      SRV - (ePowerSvc) -- C:\Archivos de programa\eMachines\eMachines Power Management\ePowerSvc.exe (Acer Incorporated)
      SRV - (NanoServiceMain) -- C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
      SRV - (Live Updater Service) -- C:\Archivos de programa\eMachines\eMachines Updater\UpdaterService.exe (Acer Incorporated)
      SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      SRV - (GREGService) -- C:\Archivos de programa\eMachines\Registration\GREGsvc.exe (Acer Incorporated)
      SRV - (WMPNetworkSvc) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      SRV - (GamesAppService) -- C:\Archivos de programa\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
      SRV - (wlcrasvc) -- C:\Archivos de programa\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
      SRV - (rpcapd) -- C:\Archivos de programa\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
      SRV - (WinDefend) -- C:\Archivos de programa\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV - (ose) -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV - (L1C) -- system32\DRIVERS\L1C62x86.sys File not found
      DRV - (clwvd) -- system32\DRIVERS\clwvd.sys File not found
      DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
      DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
      DRV - (PSINAflt) -- C:\Windows\System32\drivers\PSINAflt.sys (Panda Security, S.L.)
      DRV - (PSINProt) -- C:\Windows\System32\drivers\PSINProt.sys (Panda Security, S.L.)
      DRV - (PSINKNC) -- C:\Windows\System32\drivers\PSINKNC.sys (Panda Security, S.L.)
      DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)
      DRV - (PSINProc) -- C:\Windows\System32\drivers\PSINProc.sys (Panda Security, S.L.)
      DRV - (PSINFile) -- C:\Windows\System32\drivers\PSINFile.sys (Panda Security, S.L.)
      DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
      DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
      DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
      DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
      DRV - (EUCR) -- C:\Windows\System32\drivers\EUCR6SK.sys (ENE Technology Inc.)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = mx.v9.com/slb/slb_1330249219_464152
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
      IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}


      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



      IE - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = Babylon Search
      IE - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = mx.v9.com/slb/slb_1330249219_464152
      IE - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\..\URLSearchHook: {db131c55-60c8-4adc-84dc-9e76ab06e2dc} - No CLSID value found
      IE - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
      IE - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=110393&babsrc=SP_ss&mntrId=3e346aad000000000000d0df9ad25ad4
      IE - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.yahoo.com/search?fr=chr-panda&q={searchTerms}&ei=UTF-8&type=PCAFSI1190
      IE - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\..\SearchScopes\{510968AC-D397-47CE-B70D-E735C0CD8D92}: "URL" = http://search.softonic.com/MON00033/tb_v1?q={searchTerms}&SearchSource=4&cc=
      IE - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\..\SearchScopes\{C5FD6EB0-B3F6-488C-A510-6DD9E651B061}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851619
      IE - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={B94FD8D6-1888-11E1-8D53-B870F4EFCED2}
      IE - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
      FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
      FF - prefs.js..browser.search.selectedEngine: ""
      FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=115290&tt=4712_5&babsrc=HP_ss&mntrId=3e346aad000000000000d0df9ad25ad4"
      FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
      FF - user.js - File not found

      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()
      FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
      FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Jessica\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jessica\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jessica\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\pokki.com/PokkiDownloadHelper: C:\Users\Jessica\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll (Pokki)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/03/29 17:29:54 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/04 21:53:11 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2012/11/21 16:51:50 | 000,000,000 | ---D | M]

      [2012/12/04 21:55:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jessica\AppData\Roaming\mozilla\Extensions
      [2012/12/04 21:57:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jessica\AppData\Roaming\mozilla\Firefox\Profiles\mrho76bv.default\extensions
      [2012/12/04 21:57:05 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Jessica\AppData\Roaming\mozilla\firefox\profiles\mrho76bv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
      [2012/11/21 16:51:02 | 000,002,349 | ---- | M] () -- C:\Users\Jessica\AppData\Roaming\mozilla\firefox\profiles\mrho76bv.default\searchplugins\mngr.xml
      [2012/12/04 21:53:11 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
      [2012/11/29 02:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
      [2012/11/29 04:56:53 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
      [2011/11/23 23:15:54 | 000,002,048 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
      [2012/11/29 04:56:53 | 000,002,456 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mercadolibre-mx.xml
      [2012/11/29 04:56:53 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012/11/29 04:56:53 | 000,001,102 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-mx.xml

      ========== Chrome ==========

      CHR - homepage: Babylon Search
      CHR - default_search_provider: ()
      CHR - default_search_provider: search_url =
      CHR - default_search_provider: suggest_url =
      CHR - homepage: Google
      CHR - Extension: No name found = C:\Users\Jessica\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
      CHR - Extension: No name found = C:\Users\Jessica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
      CHR - Extension: No name found = C:\Users\Jessica\AppData\Local\Google\Chrome\User Data\Default\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk\2.3.17.1_0\
      CHR - Extension: No name found = C:\Users\Jessica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\

      O1 HOSTS File: ([2009/06/10 15:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
      O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Archivos de programa\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
      O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Archivos de programa\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
      O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll File not found
      O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Archivos de programa\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
      O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Archivos de programa\Softonic\Softonic\1.5.21.0\bh\Softonic.dll (Softonic.com)
      O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Archivos de programa\Softonic\Softonic\1.5.21.0\SoftonicTlbr.dll (Softonic.com)
      O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Archivos de programa\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
      O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\..\Toolbar\WebBrowser: (no name) - {DB131C55-60C8-4ADC-84DC-9E76AB06E2DC} - No CLSID value found.
      O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
      O4 - HKLM..\Run: [Norton Online Backup] C:\Archivos de programa\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
      O4 - HKLM..\Run: [Panda Security URL Filtering] C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
      O4 - HKLM..\Run: [Power Management] C:\Archivos de programa\eMachines\eMachines Power Management\ePowerTray.exe (Acer Incorporated)
      O4 - HKLM..\Run: [PSUNMain] C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
      O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Archivos de programa\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
      O4 - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
      O4 - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000..\Run: [Facebook Update] C:\Users\Jessica\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O4 - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000..\Run: [Pokki] C:\Users\Jessica\AppData\Local\Pokki\v0.260.8.396\pokki.exe (Pokki)
      O4 - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
      O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
      O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Archivos de programa\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
      O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
      O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
      O13 - gopher Prefix: missing
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
      O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{58D4C4F2-D7E5-45BA-AB16-8E6A1FA8A3D9}: DhcpNameServer = 192.168.1.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C75C6770-715C-417C-9DFB-5B6C6F1AB47A}: DhcpNameServer = 10.233.23.4 10.233.22.4
      O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Common Files\Skype\Skype4COM.dll (Skype Technologies)
      O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Archivos de programa\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
      O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Archivos de programa\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - AppInit_DLLs: (c:\progra~2\browse~1\25911~1.18\{c16c1~1\mngr.dll) - c:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll ()
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      NetSvcs: FastUserSwitchingCompatibility - File not found
      NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
      NetSvcs: Nla - File not found
      NetSvcs: Ntmssvc - File not found
      NetSvcs: NWCWorkstation - File not found
      NetSvcs: Nwsapagent - File not found
      NetSvcs: SRService - File not found
      NetSvcs: WmdmPmSp - File not found
      NetSvcs: LogonHours - File not found
      NetSvcs: PCAudit - File not found
      NetSvcs: helpsvc - File not found
      NetSvcs: uploadmgr - File not found


      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/12/05 23:00:46 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
      [2012/12/05 22:48:35 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Local\{EE2AE3D2-CD9E-4DEE-80DB-C9165FC7D1DE}
      [2012/12/05 02:44:53 | 000,000,000 | ---D | C] -- C:\_AT-Destroyer
      [2012/12/04 22:15:34 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Local\{CFB108B6-D88B-43F0-8853-42B2FE6C1275}
      [2012/12/04 21:53:39 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
      [2012/12/04 21:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2012/12/04 21:35:19 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
      [2012/12/04 21:35:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
      [2012/12/02 17:57:08 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Local\{4F257E1A-CBBD-405C-A233-9E44A5887DC6}
      [2012/12/02 12:32:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
      [2012/12/02 12:24:03 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
      [2012/12/01 19:43:12 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Local\{8DCB374C-9036-49A8-B801-8C640C5D2FDA}
      [2012/11/27 17:45:00 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Local\{8367A946-3E69-42A7-9D7C-C75C4AB53932}
      [2012/11/25 11:18:50 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Local\{791B0C37-B5AF-4951-BFE1-8818899620DC}
      [2012/11/21 16:51:56 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
      [2012/11/21 16:51:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
      [2012/11/21 16:51:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
      [2012/11/19 12:53:57 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Local\{8BAD9D42-5C67-4CBB-8F3C-8A02927116DA}
      [2012/11/17 21:53:45 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Local\{F82F166B-3D39-45BA-8D5A-F743FA730E2B}
      [2012/11/14 18:03:40 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Local\{05F40CCD-E92D-454F-935A-271D922F1B6E}
      [2012/11/09 19:21:55 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Local\{AB8D50D4-214E-4295-B6D7-F8CB00B58C28}
      [2012/11/09 00:21:38 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Local\{7FBAEE9B-931F-4433-814F-463771EE8F3A}
      [2012/11/08 12:05:37 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Local\{8F44B4A3-DDF3-42E3-8D9A-C87A261D5914}
      [2012/11/07 19:59:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
      [2012/11/07 19:58:57 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
      [2012/11/07 13:40:48 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Local\{879EFC58-3954-4D4F-9D41-28714F58C0A9}
      [2012/11/06 10:54:34 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Local\{5BE12E10-27CD-4A3E-9881-33A7FE1766BC}

      ========== Files - Modified Within 30 Days ==========

      [2012/12/06 03:41:04 | 000,001,054 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1570359875-2611548316-4100511052-1000UA.job
      [2012/12/06 03:00:01 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/12/06 02:13:06 | 000,001,074 | -H-- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1570359875-2611548316-4100511052-1000UA.job
      [2012/12/05 23:21:59 | 000,016,160 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/12/05 23:21:59 | 000,016,160 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/12/05 23:14:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/12/05 23:14:05 | 796,725,248 | -HS- | M] () -- C:\hiberfil.sys
      [2012/12/05 23:00:46 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
      [2012/12/05 20:43:14 | 000,001,002 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1570359875-2611548316-4100511052-1000Core.job
      [2012/12/05 17:13:21 | 000,001,052 | -H-- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1570359875-2611548316-4100511052-1000Core.job
      [2012/12/05 09:47:16 | 000,357,634 | ---- | M] () -- C:\Users\Jessica\Desktop\cc_20121205_094633.reg
      [2012/12/04 21:54:27 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [2012/12/04 21:35:36 | 000,001,080 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2012/12/02 19:58:57 | 000,703,840 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
      [2012/12/02 19:58:57 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
      [2012/12/02 19:58:57 | 000,137,806 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
      [2012/12/02 19:58:57 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
      [2012/12/01 17:53:48 | 000,001,629 | ---- | M] () -- C:\Windows\wininit.ini
      [2012/12/01 14:07:15 | 000,002,468 | -H-- | M] () -- C:\Users\Jessica\Desktop\Google Chrome.lnk
      [2012/11/25 02:13:47 | 000,000,444 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Jessica.job
      [2012/11/17 02:38:40 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_netaapl_01009.Wdf

      ========== Files Created - No Company Name ==========

      [2012/12/05 09:46:50 | 000,357,634 | ---- | C] () -- C:\Users\Jessica\Desktop\cc_20121205_094633.reg
      [2012/12/04 21:54:27 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [2012/12/04 21:54:23 | 000,001,130 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      [2012/12/04 21:35:36 | 000,001,080 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2012/12/02 12:24:08 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
      [2012/11/23 00:39:55 | 000,516,343 | ---- | C] () -- C:\Users\Jessica\COELHO PAULO - Once Minutos.PDF
      [2012/11/17 02:38:40 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_netaapl_01009.Wdf
      [2012/09/20 13:32:03 | 000,000,422 | ---- | C] () -- C:\Users\Jessica\049O78LUFU.sfv
      [2012/09/17 15:46:53 | 419,430,400 | ---- | C] () -- C:\Users\Jessica\049O78LUFU.part08.rar
      [2012/09/17 13:50:32 | 419,430,400 | ---- | C] () -- C:\Users\Jessica\049O78LUFU.part04.rar
      [2012/09/17 13:07:32 | 419,430,400 | ---- | C] () -- C:\Users\Jessica\049O78LUFU.part07.rar
      [2012/09/17 12:50:34 | 238,315,260 | ---- | C] () -- C:\Users\Jessica\049O78LUFU.part11.rar
      [2012/09/17 12:50:03 | 419,430,400 | ---- | C] () -- C:\Users\Jessica\049O78LUFU.part06.rar
      [2012/09/17 12:31:11 | 419,430,400 | ---- | C] () -- C:\Users\Jessica\049O78LUFU.part01.rar
      [2012/09/17 12:27:11 | 419,430,400 | ---- | C] () -- C:\Users\Jessica\049O78LUFU.part05.rar
      [2012/09/17 12:15:11 | 419,430,400 | ---- | C] () -- C:\Users\Jessica\049O78LUFU.part09.rar
      [2012/09/17 12:13:12 | 419,430,400 | ---- | C] () -- C:\Users\Jessica\049O78LUFU.part03.rar
      [2012/09/17 12:13:11 | 419,430,400 | ---- | C] () -- C:\Users\Jessica\049O78LUFU.part02.rar
      [2012/09/17 1211 | 419,430,400 | ---- | C] () -- C:\Users\Jessica\049O78LUFU.part10.rar
      [2012/08/12 17:51:23 | 000,100,216 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
      [2012/05/24 20:17:00 | 000,001,629 | ---- | C] () -- C:\Windows\wininit.ini
      [2012/03/22 19:28:03 | 000,000,264 | -H-- | C] () -- C:\ProgramData\~ejTHTz4w4H0wVD
      [2012/03/22 19:28:03 | 000,000,176 | -H-- | C] () -- C:\ProgramData\~ejTHTz4w4H0wVDr
      [2012/03/22 19:27:58 | 000,000,448 | -H-- | C] () -- C:\ProgramData\ejTHTz4w4H0wVD
      [2012/01/19 20:20:02 | 000,017,408 | -H-- | C] () -- C:\Users\Jessica\AppData\Local\WebpageIcons.db
      [2011/11/20 22:30:07 | 000,006,656 | -H-- | C] () -- C:\Users\Jessica\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2011/11/20 22:04:14 | 000,000,010 | -H-- | C] () -- C:\Windows\popcinfo.dat
      [2011/09/12 04:28:39 | 000,703,840 | ---- | C] () -- C:\Windows\System32\perfh00A.dat
      [2011/09/12 04:28:39 | 000,341,432 | ---- | C] () -- C:\Windows\System32\perfi00A.dat
      [2011/09/12 04:28:39 | 000,137,806 | ---- | C] () -- C:\Windows\System32\perfc00A.dat
      [2011/09/12 04:28:39 | 000,041,390 | ---- | C] () -- C:\Windows\System32\perfd00A.dat
      [2011/07/19 09:19:21 | 000,361,808 | ---- | C] () -- C:\Windows\EMCRI_E.dll
      [2011/07/19 09:05:56 | 000,247,560 | ---- | C] () -- C:\Windows\System32\drivers\RTConvEQ.dat
      [2011/07/19 09:05:56 | 000,039,672 | ---- | C] () -- C:\Windows\System32\drivers\RtPCEE3.DAT
      [2011/07/19 09:05:56 | 000,029,494 | ---- | C] () -- C:\Windows\System32\drivers\RtPCEE4.DAT
      [2011/07/19 09:05:56 | 000,001,448 | ---- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
      [2011/07/19 09:05:56 | 000,000,712 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
      [2011/07/19 09:05:56 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX3.dat
      [2011/07/19 09:05:56 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
      [2011/07/19 09:05:56 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
      [2011/07/19 09:05:56 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
      [2011/07/19 09:05:56 | 000,000,024 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat

      ========== ZeroAccess Check ==========

      [2009/07/13 22:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/01/04 02:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 15:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 19:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== LOP Check ==========

      [2012/02/26 03:39:48 | 000,000,000 | -H-D | M] -- C:\Users\Jessica\AppData\Roaming\eType
      [2011/12/03 20:06:52 | 000,000,000 | -H-D | M] -- C:\Users\Jessica\AppData\Roaming\funkitron
      [2012/11/11 2134 | 000,000,000 | -H-D | M] -- C:\Users\Jessica\AppData\Roaming\Kingston
      [2012/01/19 22:54:28 | 000,000,000 | -H-D | M] -- C:\Users\Jessica\AppData\Roaming\Panda Security
      [2011/11/20 22:09:16 | 000,000,000 | -H-D | M] -- C:\Users\Jessica\AppData\Roaming\PlayFirst
      [2012/04/20 01:47:12 | 000,000,000 | ---D | M] -- C:\Users\Jessica\AppData\Roaming\Research In Motion
      [2011/12/10 22:25:41 | 000,000,000 | -H-D | M] -- C:\Users\Jessica\AppData\Roaming\SumatraPDF
      [2012/12/06 03:37:33 | 000,000,000 | ---D | M] -- C:\Users\Jessica\AppData\Roaming\uTorrent
      [2011/12/03 20:00:38 | 000,000,000 | -H-D | M] -- C:\Users\Jessica\AppData\Roaming\WebcamMax

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2012/06/25 01:02:17 | 000,004,834 | ---- | M] () -- C:\AT-Cuarentena
      [2012/12/05 23:12:20 | 000,047,642 | ---- | M] () -- C:\AT-Destroyer.txt
      [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
      [2011/07/19 09:25:07 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
      [2009/06/10 15:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
      [2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
      [2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
      [2007/11/07 07:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
      [2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
      [2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
      [2007/11/07 07:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
      [2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
      [2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
      [2007/11/07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
      [2007/11/07 07:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
      [2012/12/05 23:14:05 | 796,725,248 | -HS- | M] () -- C:\hiberfil.sys
      [2007/11/07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
      [2007/11/07 07:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
      [2007/11/07 07:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
      [2007/11/07 07:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
      [2007/11/07 07:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
      [2007/11/07 07:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
      [2007/11/07 07:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
      [2007/11/07 07:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
      [2007/11/07 07:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
      [2007/11/07 07:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
      [2007/11/07 07:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
      [2012/12/06 03:42:45 | 1073,741,824 | -HS- | M] () -- C:\pagefile.sys
      [2007/11/07 07:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
      [2007/11/07 07:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
      [2007/11/07 07:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

      ========== Files - Unicode (All) ==========
      [2012/01/27 22:54:07 | 000,011,776 | -H-- | M] ()(C:\Users\Jessica\Documents\???? JEHOVÁ.docx) -- C:\Users\Jessica\Documents\יהוה JEHOVÁ.docx
      [2012/01/27 22:54:02 | 000,011,776 | -H-- | C] ()(C:\Users\Jessica\Documents\???? JEHOVÁ.docx) -- C:\Users\Jessica\Documents\יהוה JEHOVÁ.docx

      < End of report >

      *****************************


      sigue apareciendo la pagina de babylon predeterminada y botones en la toolbar de chrome..
      auunque ya veo mejoria en la velocidad, sigue lenta pero no taaaaaaaaaaanto
      Última edición por @Javier_HF fecha: 06/12/12 a las 07:02:00 Razón: Unir mensajes.

    6. #6
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Spain.
      Mensajes
      21.708

      Re: pc muy muy lenta y pagina de babylon en exploradores

      Ahora sigue estos pasos :

      MUY Importante ~ Realiza una copia de seguridad del registro con >> Erunt.
      Y después ejecuta de nuevo OTL.exe

      Copia y Pega el código que está dentro del recuadro de abajo en la sección Análisis Personalizado / Código de Reparación.

      Código:
      :OTL
      PRC - C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe ()
      PRC - C:\Archivos de programa\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
      MOD - C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe ()
      MOD - c:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll ()
      SRV - (Browser Manager) -- C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe ()
      SRV - (McComponentHostService) -- C:\Archivos de programa\McAfee Security Scan\3.0.207\McCHSvc.exe (McAfee, Inc.)
      DRV - (L1C) -- system32\DRIVERS\L1C62x86.sys File not found
      DRV - (clwvd) -- system32\DRIVERS\clwvd.sys File not found
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = mx.v9.com/slb/slb_1330249219_464152
      IE - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = Babylon Search
      IE - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = mx.v9.com/slb/slb_1330249219_464152
      IE - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\..\URLSearchHook: {db131c55-60c8-4adc-84dc-9e76ab06e2dc} - No CLSID value found
      IE - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
      IE - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=110393&babsrc=SP_ss&mntrId=3e346aad000000000000d0df9ad25ad4
      IE - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\..\SearchScopes\{510968AC-D397-47CE-B70D-E735C0CD8D92}: "URL" = http://search.softonic.com/MON00033/tb_v1?q={searchTerms}&SearchSource=4&cc=
      IE - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\..\SearchScopes\{C5FD6EB0-B3F6-488C-A510-6DD9E651B061}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851619
      IE - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={B94FD8D6-1888-11E1-8D53-B870F4EFCED2}
      FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
      FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
      FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=115290&tt=4712_5&babsrc=HP_ss&mntrId=3e346aad000000000000d0df9ad25ad4"
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
      [2011/11/23 23:15:54 | 000,002,048 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
      [2012/11/29 04:56:53 | 000,002,456 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mercadolibre-mx.xml
      CHR - homepage: Babylon Search
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
      O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll File not found
      O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Archivos de programa\Softonic\Softonic\1.5.21.0\bh\Softonic.dll (Softonic.com)
      O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Archivos de programa\Softonic\Softonic\1.5.21.0\SoftonicTlbr.dll (Softonic.com)
      O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\..\Toolbar\WebBrowser: (no name) - {DB131C55-60C8-4ADC-84DC-9E76AB06E2DC} - No CLSID value found.
      O4 - HKU\S-1-5-21-1570359875-2611548316-4100511052-1000..\Run: [Facebook Update] C:\Users\Jessica\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
      O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
      O20 - AppInit_DLLs: (c:\progra~2\browse~1\25911~1.18\{c16c1~1\mngr.dll) - c:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll ()
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      [2012/11/21 16:51:56 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
      [2012/11/21 16:51:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
      [2012/12/06 02:13:06 | 000,001,074 | -H-- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1570359875-2611548316-4100511052-1000UA.job
      [2012/12/05 17:13:21 | 000,001,052 | -H-- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1570359875-2611548316-4100511052-1000Core.job
      [2012/01/27 22:54:07 | 000,011,776 | -H-- | M] ()(C:\Users\Jessica\Documents\???? JEHOVÁ.docx) -- C:\Users\Jessica\Documents\???? JEHOVÁ.docx
      [2012/01/27 22:54:02 | 000,011,776 | -H-- | C] ()(C:\Users\Jessica\Documents\???? JEHOVÁ.docx) -- C:\Users\Jessica\Documents\???? JEHOVÁ.docx
      :Files
      C:\instal*.*
      ipconfig /flushdns /c
      ipconfig /renew /c
      :Commands
      [PURITY]
      [EMPTYFLASH]
      [EMPTYTEMP]
      [RESETHOSTS]
      Presiona el Botón Reparar para lanzar la eliminación. Después presionas en OK.

      OTL va a Reiniciar el ordenador para completar la eliminación.

      Guardas el nuevo reporte generado, y lo copias y pegas en tu próxima respuesta.

      Antes de contestarnos, y después de pasar OTL, revisa/actualiza tu versión de Java(Muy Importante) >> Descarga gratuita del software de Java

      Y cuando nos contestes dinos que versión de Java se ha quedado instalada >> ¿Cómo puedo comprobar si Java funciona en mi equipo?

      Recuerda ponernos el log de OTL, y dinos también que versión de Java tienes ahora y como sigue el ordenador, en relación al problema planteado.

      Saludos.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Usuario Avatar de edson2012
      Registrado
      dic 2012
      Ubicación
      acapulco mexico
      Mensajes
      8
      hola

      -antes de postear el log de OTL ..quieo mencionarte que cuando se reinicio despues de pasar OTL, me salieron mensaje sde ERUNT donde decia que no tuvo acceso a no se que archivos de registro que si intentaba el siguiente, le di aceptar y denuevo no pudo..en total fueron como 6, es malo eso?

      - la paina de babylon la tuve que cambiar manualmente desde chrome y firefox..pero me queda la duda de si esa cosa sigue por ahi y despues pueda afectarme..


      -instale java y parece que todo bien, salvo un mensaje al final de la instalacion "intaller Wraper.CreateFile failed with error 5: Acceso denegado



      version de java:


      Java SE 7 unpdate 09

      ------------------

      LOG de OTL


      All processes killed
      ========== OTL ==========
      No active process named mngr.exe was found!
      No active process named SSScheduler.exe was found!
      Service Browser Manager stopped successfully!
      Service Browser Manager deleted successfully!
      File move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe scheduled to be moved on reboot.
      Error: No service named McComponentHostService was found to stop!
      Service\Driver key McComponentHostService not found.
      File C:\Archivos de programa\McAfee Security Scan\3.0.207\McCHSvc.exe not found.
      Service L1C stopped successfully!
      Service L1C deleted successfully!
      File system32\DRIVERS\L1C62x86.sys File not found not found.
      Service clwvd stopped successfully!
      Service clwvd deleted successfully!
      File system32\DRIVERS\clwvd.sys File not found not found.
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
      HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\bProtector Start Page| /E : value set successfully!
      HKU\S-1-5-21-1570359875-2611548316-4100511052-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
      Registry value HKEY_USERS\S-1-5-21-1570359875-2611548316-4100511052-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{db131c55-60c8-4adc-84dc-9e76ab06e2dc} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{db131c55-60c8-4adc-84dc-9e76ab06e2dc}\ not found.
      Registry key HKEY_USERS\S-1-5-21-1570359875-2611548316-4100511052-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D7562AE-8EF6-416d-A838-AB665251703A}\ not found.
      Registry key HKEY_USERS\S-1-5-21-1570359875-2611548316-4100511052-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
      Registry key HKEY_USERS\S-1-5-21-1570359875-2611548316-4100511052-1000\Software\Microsoft\Internet Explorer\SearchScopes\{510968AC-D397-47CE-B70D-E735C0CD8D92}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{510968AC-D397-47CE-B70D-E735C0CD8D92}\ not found.
      Registry key HKEY_USERS\S-1-5-21-1570359875-2611548316-4100511052-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C5FD6EB0-B3F6-488C-A510-6DD9E651B061}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C5FD6EB0-B3F6-488C-A510-6DD9E651B061}\ not found.
      Registry key HKEY_USERS\S-1-5-21-1570359875-2611548316-4100511052-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0\ deleted successfully.
      C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll moved successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/JavaPlugin\ not found.
      File C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll not found.
      C:\Archivos de programa\Mozilla Firefox\searchplugins\fcmdSrch.xml moved successfully.
      C:\Archivos de programa\Mozilla Firefox\searchplugins\mercadolibre-mx.xml moved successfully.
      Use Chrome's Settings page to change the HomePage.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
      File C:\Archivos de programa\Java\jre6\bin\ssv.dll not found.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}\ not found.
      File C:\Archivos de programa\Softonic\Softonic\1.5.21.0\bh\Softonic.dll not found.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}\ not found.
      File C:\Archivos de programa\Softonic\Softonic\1.5.21.0\SoftonicTlbr.dll not found.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D0F4A166-B8D4-48b8-9D63-80849FE137CB} not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0F4A166-B8D4-48b8-9D63-80849FE137CB}\ not found.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
      Registry value HKEY_USERS\S-1-5-21-1570359875-2611548316-4100511052-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DB131C55-60C8-4ADC-84DC-9E76AB06E2DC} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB131C55-60C8-4ADC-84DC-9E76AB06E2DC}\ not found.
      Registry value HKEY_USERS\S-1-5-21-1570359875-2611548316-4100511052-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update deleted successfully.
      C:\Users\Jessica\AppData\Local\Facebook\Update\FacebookUpdate.exe moved successfully.
      Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
      Starting removal of ActiveX control {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
      Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~2\browse~1\25911~1.18\{c16c1~1\mngr.dll deleted successfully.
      File move failed. c:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll scheduled to be moved on reboot.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
      C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager folder moved successfully.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18 scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager scheduled to be moved on reboot.
      C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1570359875-2611548316-4100511052-1000UA.job moved successfully.
      C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1570359875-2611548316-4100511052-1000Core.job moved successfully.
      File C:\Users\Jessica\Documents\???? JEHOVÁ.docx not found.
      File C:\Users\Jessica\Documents\???? JEHOVÁ.docx not found.
      ========== FILES ==========
      C:\install.exe moved successfully.
      C:\install.ini moved successfully.
      C:\install.res.1028.dll moved successfully.
      C:\install.res.1031.dll moved successfully.
      C:\install.res.1033.dll moved successfully.
      C:\install.res.1036.dll moved successfully.
      C:\install.res.1040.dll moved successfully.
      C:\install.res.1041.dll moved successfully.
      C:\install.res.1042.dll moved successfully.
      C:\install.res.2052.dll moved successfully.
      C:\install.res.3082.dll moved successfully.
      < ipconfig /flushdns /c >
      Configuraci¢n IP de Windows
      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
      C:\Users\Jessica\Downloads\cmd.bat deleted successfully.
      C:\Users\Jessica\Downloads\cmd.txt deleted successfully.
      < ipconfig /renew /c >
      Configuraci¢n IP de Windows
      Adaptador de LAN inal*mbrica Conexi¢n de red inal*mbrica:
      Sufijo DNS espec¡fico para la conexi¢n. . : lan
      V¡nculo: direcci¢n IPv6 local. . . : fe80::617d:a90e:4f20:d0ab%11
      Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.68
      M*scara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.1.254
      Adaptador de t£nel isatap.lan:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . : lan
      Adaptador de t£nel Teredo Tunneling Pseudo-Interface:
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Direcci¢n IPv6 . . . . . . . . . . : 2001:0:9d38:6ab8:10a3:37e7:3f57:febb
      V¡nculo: direcci¢n IPv6 local. . . : fe80::10a3:37e7:3f57:febb%12
      Puerta de enlace predeterminada . . . . . : ::
      C:\Users\Jessica\Downloads\cmd.bat deleted successfully.
      C:\Users\Jessica\Downloads\cmd.txt deleted successfully.
      ========== COMMANDS ==========

      [EMPTYFLASH]

      User: Administrator

      User: All Users

      User: Default

      User: Default User

      User: Jessica
      ->Flash cache emptied: 825 bytes

      User: Public

      Total Flash Files Cleaned = 0,00 mb


      [EMPTYTEMP]

      User: Administrator

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Jessica
      ->Temp folder emptied: 7451849 bytes
      ->Temporary Internet Files folder emptied: 4929259 bytes
      ->Java cache emptied: 73244 bytes
      ->FireFox cache emptied: 16629486 bytes
      ->Google Chrome cache emptied: 8054874 bytes
      ->Apple Safari cache emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Public

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 70 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 529248 bytes
      RecycleBin emptied: 0 bytes

      Total Files Cleaned = 36,00 mb

      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      OTL by OldTimer - Version 3.2.69.0 log created on 12062012_143038

      Files\Folders moved on Reboot...
      File move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe scheduled to be moved on reboot.
      File move failed. c:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18 scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18 scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager scheduled to be moved on reboot.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...

      ***************************************

      el ordenador ha mejorado notoriamente..aunque todavia se alenta un poco..
      estara bien escanearla por si quedo algun bicho?
      parece que lo peor ya quedo eliminado

      ***************************************

      nota de ultimo minuto :


      el maldito babylon se puso de nuevo como pagina principal de firefox..
      Última edición por @Javier_HF fecha: 06/12/12 a las 17:31:05 Razón: Unir mensajes.

    8. #8
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Spain.
      Mensajes
      21.708

      Re: pc muy muy lenta y pagina de babylon en exploradores

      Sigue estos pasos :

      - Descarga la herramienta ComboFix y guárdala en el escritorio. <--- Importante.

      Nota: Antes de ejecutar ComboFix asegurarse de :

      Cerrar todos los programas y ventanas abiertas.

      Desactivar temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus

      Si está utilizando Windows Vista o Windows 7. Haga click derecho sobre el archivo ComboFix.exe y seleccionar Ejecutar como Administrador.

      PASO 1:

      • Ejecutar el archivo ComboFix.exe
      • Aceptar los términos de licencia.
      • Si ComboFix avisa que hay una versión nueva del programa deberás descargala.
      • Si ComboFix pide instalar la Consola de Recuperación (Recovery Console) hay que instalarla.

      PASO 2:

      • Copiar y pegar el reporte que ComboFix generó. Si no aparece lo encontraras en C:\ComboFix.txt.


      • Comentar cómo sigue su sistema, en relación al problema planteado.


      Importante :

      • Mientras esté trabajando ComboFix no ejecutar ningún software hasta que termine.
      • No reiniciar su PC, ComboFix lo hará de ser necesario.
      • Mientras ComboFix esté trabajando, no mover el mouse ya que pararía su proceso.

      Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.
      NOTAS IMPORTANTES:

      ° Una vez Terminado el Trabajo de ComboFix, puedes activar Tu antivirus.

      ° No Pongas los Reportes Dentro de Etiquetas Code ni HTML.

      ° No vuelvas a ejecutar ningún otro programa antivirus hasta que vuelva con una respuesta.
      Saludos, Javier.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    9. #9
      Usuario Avatar de edson2012
      Registrado
      dic 2012
      Ubicación
      acapulco mexico
      Mensajes
      8

      Re: pc muy muy lenta y pagina de babylon en exploradores

      se me abrieron varias ventanas de pokki solicitando instalarlo en la barra de herramientas..???

      y aparecieron archivos en el escritorio que antes no se veian, fotos sobretodo..no se si estaban bloqueadas por un virus o algo y ahora ya se ven jejjje


      ComboFix 12-12-04.01 - Jessica 06/12/2012 15:52:18.1.4 - x86
      Microsoft Windows 7 Starter 6.1.7601.1.1252.52.3082.18.1013.201 [GMT -6:00]
      Running from: c:\users\Jessica\Downloads\ComboFix.exe
      AV: Panda Cloud Antivirus *Disabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
      FW: Cloud Antivirus Firewall *Disabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
      SP: Panda Cloud Antivirus *Disabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
      SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check
      c:\users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check\System Check.lnk
      c:\users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check\Uninstall System Check.lnk
      c:\windows\wininit.ini
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-11-06 to 2012-12-06 )))))))))))))))))))))))))))))))
      .
      .
      2012-12-06 22:15 . 2012-12-06 22:15 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-12-06 21:35 . 2012-12-06 21:35 -------- d-----w- c:\programdata\blekko toolbars
      2012-12-06 21:35 . 2012-12-06 21:35 -------- d-----w- c:\program files\Toolbar Cleaner
      2012-12-06 21:34 . 2012-11-07 15:00 46672 ----a-w- c:\windows\system32\drivers\PSKMAD.sys
      2012-12-06 21:34 . 2012-12-06 21:35 -------- d-----w- c:\program files\pandasecuritytb
      2012-12-06 20:49 . 2012-12-06 20:48 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
      2012-12-06 20:48 . 2012-12-06 20:48 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
      2012-12-06 20:30 . 2012-12-06 20:30 -------- d-----w- C:\_OTL
      2012-12-06 20:17 . 2012-12-06 20:17 -------- d-----w- c:\program files\ERUNT
      2012-12-06 11:02 . 2012-12-06 11:03 -------- d-----w- c:\program files\Google
      2012-12-05 23:09 . 2012-12-06 21:52 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{07119CD7-6F11-42F6-B41D-A517CCD254A9}\offreg.dll
      2012-12-05 08:44 . 2012-12-06 09:39 -------- d-----w- C:\_AT-Destroyer
      2012-12-05 03:58 . 2012-12-05 03:58 105692 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{6134778D-23CC-BF94-4CE5-9DB5C5703673}-Bu_.exe
      2012-12-05 03:52 . 2012-11-29 08:26 2397152 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
      2012-12-05 03:35 . 2012-12-05 03:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
      2012-12-05 03:35 . 2012-09-30 01:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-12-02 18:24 . 2012-12-02 18:24 -------- d-----w- c:\program files\Apple Software Update
      2012-11-21 22:51 . 2012-11-21 22:51 -------- d-----w- c:\programdata\Browser Manager
      2012-11-21 22:51 . 2012-10-27 05:27 816608 ----a-w- c:\program files\Mozilla Firefox\sqlite3.dll
      2012-11-14 23:25 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{07119CD7-6F11-42F6-B41D-A517CCD254A9}\mpengine.dll
      2012-11-10 01:01 . 2012-11-10 01:01 123944 ----a-w- c:\windows\system32\drivers\PSINProt.sys
      2012-11-10 01:01 . 2012-11-10 01:01 114216 ----a-w- c:\windows\system32\drivers\PSINProc.sys
      2012-11-10 01:01 . 2012-11-10 01:01 174632 ----a-w- c:\windows\system32\drivers\PSINKNC.sys
      2012-11-10 01:00 . 2012-11-10 01:00 149544 ----a-w- c:\windows\system32\drivers\PSINAflt.sys
      2012-11-10 01:00 . 2012-11-10 01:00 104488 ----a-w- c:\windows\system32\drivers\PSINFile.sys
      2012-11-09 17:23 . 2012-11-09 17:23 276520 ----a-w- c:\windows\system32\drivers\NNSStrm.sys
      2012-11-09 17:23 . 2012-11-09 17:23 133928 ----a-w- c:\windows\system32\drivers\NNStlsc.sys
      2012-11-09 17:23 . 2012-11-09 17:23 370216 ----a-w- c:\windows\system32\drivers\NNSProt.sys
      2012-11-09 17:23 . 2012-11-09 17:23 191528 ----a-w- c:\windows\system32\drivers\NNSPrv.sys
      2012-11-09 17:23 . 2012-11-09 17:23 128040 ----a-w- c:\windows\system32\drivers\NNSSmtp.sys
      2012-11-09 17:23 . 2012-11-09 17:23 74792 ----a-w- c:\windows\system32\drivers\NNSPihsw.sys
      2012-11-09 17:23 . 2012-11-09 17:23 125480 ----a-w- c:\windows\system32\drivers\NNSPop3.sys
      2012-11-09 17:23 . 2012-11-09 17:23 163112 ----a-w- c:\windows\system32\drivers\NNSIds.sys
      2012-11-09 17:23 . 2012-11-09 17:23 139176 ----a-w- c:\windows\system32\drivers\NNSHttp.sys
      2012-11-09 17:23 . 2012-11-09 17:23 133544 ----a-w- c:\windows\system32\drivers\NNSpicc.sys
      2012-11-09 17:23 . 2012-11-09 17:23 119208 ----a-w- c:\windows\system32\drivers\NNSAlpc.sys
      2012-11-08 01:58 . 2012-11-08 01:59 -------- d-----w- c:\program files\WinPcap
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-12-06 20:48 . 2012-04-02 00:10 746984 ----a-w- c:\windows\system32\deployJava1.dll
      2012-10-22 18:08 . 2012-10-22 18:08 29224 ----a-w- c:\windows\system32\drivers\NNSNAHSL.sys
      2012-10-08 20:00 . 2012-09-17 18:51 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
      2012-10-08 20:00 . 2011-07-19 15:43 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
      2012-09-28 16:32 . 2012-09-28 16:32 5989776 ----a-w- c:\windows\system32\usbaaplrc.dll
      2012-09-28 16:32 . 2012-09-28 16:32 44544 ----a-w- c:\windows\system32\drivers\usbaapl.sys
      2012-11-29 08:26 . 2012-12-05 03:53 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
      2012-10-15 13:02 87176 ----a-w- c:\program files\pandasecuritytb\pandasecurityDx.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
      "{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files\pandasecuritytb\pandasecurityDx.dll" [2012-10-15 87176]
      .
      [HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ares"="c:\program files\Ares\Ares.exe" [2012-02-02 3209216]
      "Pokki"="c:\users\Jessica\AppData\Local\Pokki\v0.260.8.396\pokki.exe" [2012-11-28 5453656]
      "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-12-05 968592]
      "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-02-11 10025576]
      "Persistence"="c:\windows\system32\igfxpers.exe" [2010-06-16 150552]
      "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-02-05 1692968]
      "Power Management"="c:\program files\eMachines\eMachines Power Management\ePowerTray.exe" [2011-05-10 715368]
      "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
      "Panda Security URL Filtering"="c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2011-06-29 217256]
      "RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-09-01 90448]
      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-06-16 141848]
      "PSUAMain"="c:\program files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" [2012-11-15 32032]
      .
      c:\users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
      ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
      "AppInit_DLLs"=c:\progra~2\BROWSE~1\25911~1.18\{C16C1~1\mngr.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
      "aux"=wdmaud.drv
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
      2012-07-27 20:51 919008 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
      2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
      2010-06-16 14:33 173592 ----a-w- c:\windows\System32\hkcmd.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
      2012-12-05 04:13 968592 ----a-w- c:\program files\uTorrent\uTorrent.exe
      .
      R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;c:\windows\system32\DRIVERS\NNSNAHSL.sys [x]
      R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
      R3 EUCR;EUCR;c:\windows\system32\DRIVERS\EUCR6SK.SYS [x]
      R3 GamesAppService;GamesAppService;c:\program files\WildTangent Games\App\GamesAppService.exe [x]
      R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [x]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
      R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
      R4 NNSPihsw;NNSPihsw;c:\windows\system32\DRIVERS\NNSPihsw.sys [x]
      R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
      S1 NNSAlpc;NNSAlpc;c:\windows\system32\DRIVERS\NNSAlpc.sys [x]
      S1 NNSHttp;NNSHttp;c:\windows\system32\DRIVERS\NNSHttp.sys [x]
      S1 NNSIds;NNSIds;c:\windows\system32\DRIVERS\NNSIds.sys [x]
      S1 NNSPicc;NNSPicc;c:\windows\system32\DRIVERS\NNSPicc.sys [x]
      S1 NNSPop3;NNSPop3;c:\windows\system32\DRIVERS\NNSPop3.sys [x]
      S1 NNSProt;NNSProt;c:\windows\system32\DRIVERS\NNSProt.sys [x]
      S1 NNSPrv;NNSPrv;c:\windows\system32\DRIVERS\NNSPrv.sys [x]
      S1 NNSSmtp;NNSSmtp;c:\windows\system32\DRIVERS\NNSSmtp.sys [x]
      S1 NNSStrm;NNSStrm;c:\windows\system32\DRIVERS\NNSStrm.sys [x]
      S1 NNSTlsc;NNSTlsc;c:\windows\system32\DRIVERS\NNSTlsc.sys [x]
      S1 PSINKnc;PSINKnc;c:\windows\system32\DRIVERS\psinknc.sys [x]
      S2 ePowerSvc;Acer ePower Service;c:\program files\eMachines\eMachines Power Management\ePowerSvc.exe [x]
      S2 GREGService;GREGService;c:\program files\eMachines\Registration\GREGsvc.exe [x]
      S2 Live Updater Service;Live Updater Service;c:\program files\eMachines\eMachines Updater\UpdaterService.exe [x]
      S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [x]
      S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
      S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [x]
      S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [x]
      S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [x]
      S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [x]
      S2 PSUAService;Panda Product Service;c:\program files\Panda Security\Panda Cloud Antivirus\PSUAService.exe [x]
      .
      .
      --- Other Services/Drivers In Memory ---
      .
      *NewlyCreated* - MBAMSWISSARMY
      *NewlyCreated* - NNSALPC
      *NewlyCreated* - NNSHTTP
      *NewlyCreated* - NNSIDS
      *NewlyCreated* - NNSNAHSL
      *NewlyCreated* - NNSPICC
      *NewlyCreated* - NNSPOP3
      *NewlyCreated* - NNSPROT
      *NewlyCreated* - NNSPRV
      *NewlyCreated* - NNSSMTP
      *NewlyCreated* - NNSSTRM
      *NewlyCreated* - NNSTLSC
      *NewlyCreated* - PSINAFLT
      *NewlyCreated* - PSINFILE
      *NewlyCreated* - PSINKNC
      *NewlyCreated* - PSINPROC
      *NewlyCreated* - PSINPROT
      *NewlyCreated* - PSKMAD
      *Deregistered* - MBAMSwissArmy
      *Deregistered* - PSKMAD
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
      LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-12-06 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-17 20:00]
      .
      2012-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2012-12-06 11:02]
      .
      2012-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2012-12-06 11:02]
      .
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://pandasecurity.mystart.com/?source=5b97eeb3&tbp=homepage&toolbarid=pandasecuritytb&v=4_0&u=0D32F7F345CD6720DE482A50C10F21C0
      mStart Page = Google
      uInternet Settings,ProxyOverride = *.local
      IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
      TCP: DhcpNameServer = 192.168.1.254
      FF - ProfilePath - c:\users\Jessica\AppData\Roaming\Mozilla\Firefox\Profiles\mrho76bv.default\
      FF - prefs.js: browser.search.selectedEngine -
      FF - prefs.js: browser.startup.homepage - google.com
      FF - prefs.js: browser.search.selectedEngine - blekko
      FF - prefs.js: browser.startup.homepage - hxxp://pandasecurity.mystart.com/?source=5b97eeb3&tbp=homepage&toolbarid=pandasecuritytb&v=4_0&u=0D32F7F345CD6720DE482A50C10F21C0
      FF - ExtSQL: 2012-11-21 17:52; {58bd07eb-0ee0-4df0-8121-dc9b693373df}; c:\programdata\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension
      FF - ExtSQL: 2012-12-04 21:57; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Jessica\AppData\Roaming\Mozilla\Firefox\Profiles\mrho76bv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
      .
      - - - - ORPHANS REMOVED - - - -
      .
      AddRemove-DealPly - c:\program files\DealPly\uninst.exe
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Completion time: 2012-12-06 16:28:52
      ComboFix-quarantined-files.txt 2012-12-06 22:28
      .
      Pre-Run: 98,541,289,472 bytes libres
      Post-Run: 98,185,818,112 bytes libres
      .
      - - End Of File - - 44C49A46C7950CB94888CC0A226BE8F1

    10. #10
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Spain.
      Mensajes
      21.708

      Re: pc muy muy lenta y pagina de babylon en exploradores

      Has ejecutado ComboFix desde "Running from: c:\users\Jessica\Downloads\ComboFix.exe" y debes hacerlo desde el escritorio, córtalo y pegalo en el escritorio y lo vuelves a pasar.

      Nos pones el nuevo análisis y nos indicas como sigue el equipo en relación al problema inicialmente planteado.

      Saludos.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    Página 1 de 2 12 ÚltimoÚltimo