    My laptop is infected and I don't know how to remove the viruses :(


    1. #21
      petimuky (User) | Registered: Jun 2008 | Location: Spain | Posts: 53

      I forgot to mention the main problems. What is happening with the laptop is basically what was described earlier. There are some toolbars that, even though I remove them, reappear when I restart the system, and Chrome freezes. If I have Malwarebytes active, that window keeps popping up, blocking an access, and both browsers, Chrome and Explorer, do not connect to the internet. If I disable Malwarebytes, then they do. The laptop has a program called Mediaget installed that I don't know how to remove because it doesn't show up anywhere, neither with TuneUp nor with others I have tried. When the system starts I get an error message from something called MobileConnect, and when I close it, it disappears. Those are mainly the problems I have with the laptop.

      Thank you very much for everything!!

    2. #22
      Raudron (User) | Registered: Sep 2012 | Location: The World | Posts: 1,467

      Hello,

      I understand, good explanation.

      One question: doesn't Google redirect you to other pages? And where is the Svchost that Malwarebytes detects located?

      For now, we can continue with these steps, which are for completely removing the toolbars and for disabling MediaGet.

      Regards

    3. #23
      petimuky (User) | Registered: Jun 2008 | Location: Spain | Posts: 53

      Hello again :)

      I did what you told me. The only thing is that when I try to remove Ask toolbar I get a message saying that uninstallation is only available for a correctly installed product. I think my nephew was at some point deleting folders or things like that because he didn't know how to uninstall programs. Another thing: in the Revo uninstaller there is a program, the first of all the ones listed, that is called just Updater. Should I delete it or leave it?

      Oh, by the way!! Mediaget no longer appears in the bar!! It was deleted!!! :D:D
      If I enable the Malwarebytes website-blocking option, the window keeps appearing and says: Successfully blocked access to a potentially malicious website: (and here an IP that changes constantly). Then below it says Type: Outgoing. Port: (changes constantly) Process: svchost.exe (this one is always the same)

      This appears when I open Chrome. Those warnings pop up and Chrome doesn't work. Now, if I disable that Malwarebytes option, Chrome works but those toolbars appear as if they had just been installed, with a welcome message, and they are called FLV Runner toolbar installed.

      I don't know if I have explained myself well. I hope you can help, my friend!!

      Many thanks

    4. #24
      Raudron (User) | Registered: Sep 2012 | Location: The World | Posts: 1,467

      Hello,

      Quote, originally posted by petimuky:
      The only thing is that when I try to remove Ask toolbar I get a message saying that uninstallation is only available for a correctly installed product. I think my nephew was at some point deleting folders or things like that because he didn't know how to uninstall programs.
      It doesn't matter, don't worry about this.

      Quote, originally posted by petimuky:
      Another thing: in the Revo uninstaller there is a program, the first of all the ones listed, that is called just Updater. Should I delete it or leave it?
      The Update Manager? If it is this one, uninstall it.

      Since you have a fairly complex infection, and since it is harder to remove it without AT-Destroyer, if that is all right with you we are going to report the thread to the Staff, so that they can better help you solve the problem.
      Someone will arrive with a reply very soon.

      Regards

    5. #25
      petimuky (User) | Registered: Jun 2008 | Location: Spain | Posts: 53

      Thank you so much, Raudron!!!!

      I'll wait, then :)

      Regards!

    6. #26
      @SanMar (Former Contributor) | Registered: Jun 2008 | Location: Argentina | Posts: 22,290

      Hi guys:

      Update Malwarebytes, then run it:

      Malwarebytes' Anti-Malware;

      • Run a Full Scan.
      • Check the "Remove Selected" option.
      • Its report is found in the Logs tab.

      Download OTL by OldTimer

      >>> To run OTL

      • Close all the programs you have open and double-click the OTL icon to run it.
      • Let it run and wait for the OTL menu to appear.
      • When the OTL menu appears, you only need to change the setting under "Scan Type" to Minimal Output.
      • Check the options: LOP Check and Purity Check.
      • Check the options >> Skip Microsoft Files and Use Company Name Whitelist.
      • Copy and paste the following script into the Custom Scans/Fixes box:

        NOTE: Do not copy the word Quote.
        netsvcs
        msconfig
        %SYSTEMDRIVE%\*.*
        %PROGRAMFILES%\*.*
      • Please do not change the rest of the settings unless we ask you to.
      • Press the button >>
      • Once it finishes, two (2) files will open, OTL.Txt and Extras.Txt. These files are saved in the same place where OTL.exe was downloaded.
      • Copy and paste the contents of the OTL.txt file in your next reply.

      Regards

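
As an added example (not part of the original post and not OTL's own logic), here is a short Python triage over lines in the layout OTL writes to OTL.Txt, showing the kind of entries a reviewer looks for in such a report. The sample lines, service names and addresses are constructed, and the four rules are illustrative heuristics that mark entries for a closer look, not verdicts.

```python
import re
from collections import defaultdict

# Constructed sample lines in the OTL.Txt layout (not taken from a real report).
SAMPLE_LOG = r"""
SRV - (ExampleAV) -- C:\Program Files\ExampleAV\avsvc.exe (Example AV Ltd.)
SRV - (ExampleUpd) -- C:\Users\alice\AppData\Local\ExampleUpd\upd.exe (ExampleUpd)
SRV - (ExampleSeek Service) -- C:\Program Files\ExampleSeek\seek.exe ()
DRV - (exnet) -- C:\Windows\System32\drivers\exnet.sys ()
O4 - HKLM..\Run: [ExampleAV] C:\Program Files\ExampleAV\avtray.exe (Example AV Ltd.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00000000-0000-0000-0000-000000000001}: DhcpNameServer = 192.0.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00000000-0000-0000-0000-000000000001}: NameServer = 198.51.100.24,198.51.100.25
O20 - AppInit_DLLs: (c:\progra~2\exampl~1\hook.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
"""

# "SRV - (name) -- path (company)"; the company field may be empty: "()".
SVC_RE = re.compile(
    r"^(?P<kind>SRV|DRV) - \((?P<name>.*?)\) -- "
    r"(?P<path>.+?\.\w{3}) \((?P<company>.*)\)$"
)
# Per-interface DNS settings: DHCP-assigned versus statically configured.
DNS_RE = re.compile(
    r"^O17 - .*\\Interfaces\\(?P<iface>\{[0-9A-Fa-f-]+\}): "
    r"(?P<key>DhcpNameServer|NameServer) = (?P<val>.+)$"
)
APPINIT_RE = re.compile(r"^O20 - AppInit_DLLs: \((?P<dlls>.*?)\) - ")
USER_PROFILE_RE = re.compile(r"\\Users\\[^\\]+\\AppData\\", re.IGNORECASE)


def _servers(value):
    """Split a comma/space separated server list into a set."""
    return {s for s in re.split(r"[,\s]+", value.strip()) if s}


def triage(log_text):
    """Return (rule, detail) pairs for entries that deserve a closer look."""
    findings = []
    dns = defaultdict(dict)
    for raw in log_text.splitlines():
        line = raw.strip()
        m = SVC_RE.match(line)
        if m:
            # Services and drivers rarely live in a user-writable profile folder.
            if USER_PROFILE_RE.search(m["path"]):
                findings.append(("service-in-user-profile", m["name"]))
            # An empty company field means the binary carries no vendor name.
            if not m["company"].strip():
                findings.append(("no-company-name", m["name"]))
            continue
        m = DNS_RE.match(line)
        if m:
            dns[m["iface"]][m["key"]] = m["val"]
            continue
        m = APPINIT_RE.match(line)
        # Any AppInit_DLLs value is loaded into every process that uses user32.
        if m and m["dlls"].strip():
            findings.append(("appinit-dll", m["dlls"]))
    # A static resolver that differs from what DHCP handed out overrides it.
    for values in dns.values():
        static = values.get("NameServer")
        if static and _servers(static) != _servers(values.get("DhcpNameServer", "")):
            findings.append(("static-dns-override", static))
    return findings


if __name__ == "__main__":
    for rule, detail in triage(SAMPLE_LOG):
        print(f"{rule:26} {detail}")
```
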

    7. #27
      petimuky (User) | Registered: Jun 2008 | Location: Spain | Posts: 53

      Hi SanMar! Thank you very much for replying and helping me!!

      I did what you asked and here are the reports from both programs :)

      Malwarebytes:


      Malwarebytes Anti-Malware (Versión de Prueba) 1.65.1.1000
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2012.12.16.07

      Windows 7 x86 NTFS
      Internet Explorer 9.0.8112.16421
      KADIR :: KADIR-PC [administrador]

      Protección: Habilitado

      16/12/2012 15:39:50
      mbam-log-2012-12-16 (15-39-50).txt

      Tipos de Análisis: Análisis Completo (C:\|D:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 285075
      Tiempo transcurrido: 1 hora(s), 25 minuto(s), 7 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      (fin)


      And the one from OTM:


      OTL logfile created on: 16/12/2012 17:17:27 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\KADIR\Desktop
      Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000C0A | Country: Spagna | Language: ESN | Date Format: dd/MM/yyyy

      2,95 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 61,42% Memory free
      5,90 Gb Paging File | 4,64 Gb Available in Paging File | 78,56% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
      Drive C: | 465,66 Gb Total Space | 427,86 Gb Free Space | 91,88% Space Free | Partition Type: NTFS

      Computer Name: KADIR-PC | User Name: KADIR | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\KADIR\Desktop\OTL.exe (OldTimer Tools)
      PRC - C:\Programmi\Anvisoft\Anvi Smart Defender\ASDSrv.exe (Anvisoft)
      PRC - C:\Programmi\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerSrv.exe ()
      PRC - C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      PRC - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      PRC - C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Programmi\SlimDrivers\SlimDrivers.exe (SlimWare Utilities, Inc.)
      PRC - C:\Programmi\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe (Symantec Corporation)
      PRC - C:\Programmi\AVAST Software\Avast\AvastUI.exe (AVAST Software)
      PRC - C:\Programmi\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      PRC - C:\Programmi\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software)
      PRC - C:\Programmi\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
      PRC - C:\Programmi\Fighters\FighterSuiteService.exe (SPAMfighter ApS)
      PRC - C:\Programmi\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
      PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
      PRC - C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
      PRC - C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      PRC - C:\Windows\explorer.exe (Microsoft Corporation)
      PRC - C:\Programmi\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
      PRC - C:\Programmi\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      PRC - C:\Programmi\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)


      ========== Modules (No Company Name) ==========

      MOD - C:\Programmi\WinRAR\RarExt.dll ()
      MOD - C:\Windows\System32\IccLibDll.dll ()


      ========== Services (SafeList) ==========

      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
      SRV - (BasicSeek Service) -- C:\Program Files\BasicSeek\basicseek.exe ()
      SRV - (asdsrv) -- C:\Programmi\Anvisoft\Anvi Smart Defender\ASDSrv.exe (Anvisoft)
      SRV - (ADBlockerSrv) -- C:\Programmi\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerSrv.exe ()
      SRV - (MBAMService) -- C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (Norton PC Checkup Application Launcher) -- C:\Program Files\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe (Symantec Corporation)
      SRV - (SkypeUpdate) -- C:\Programmi\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (avast! Antivirus) -- C:\Programmi\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      SRV - (Common Toolkit Tools) -- C:\Programmi\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe (SPAMfighter ApS)
      SRV - (TuneUp.UtilitiesSvc) -- C:\Programmi\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
      SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
      SRV - (Suite Service) -- C:\Programmi\Fighters\FighterSuiteService.exe (SPAMfighter ApS)
      SRV - (SoftwareUpd) -- C:\Users\KADIR\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe (SoftwareUpdService)
      SRV - (Intel(R) -- C:\Programmi\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
      SRV - (ServUpdater) -- C:\Users\KADIR\AppData\Local\ServUpdater\ServiceUpd.exe (ServiceUpd)
      SRV - (PCCUJobMgr) -- C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe (Symantec Corporation)
      SRV - (wlidsvc) -- C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
      SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
      SRV - (WinDefend) -- C:\Programmi\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV - (WMPNetworkSvc) -- C:\Programmi\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      SRV - (UNS) -- C:\Programmi\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      SRV - (LMS) -- C:\Programmi\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)


      ========== Driver Services (SafeList) ==========

      DRV - (SWDUMon) -- C:\Windows\System32\drivers\SWDUMon.sys ()
      DRV - (asdrs) -- C:\Windows\System32\drivers\asdrs.sys (Anvisoft)
      DRV - (asdws) -- C:\Windows\System32\drivers\asdws.sys ()
      DRV - (asdrm) -- C:\Windows\System32\drivers\asdrm.sys (Anvisoft)
      DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
      DRV - (asdnet) -- C:\Programmi\Anvisoft\Anvi Smart Defender\toolbox\adblocker\sys\x86\asdnet.sys ()
      DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
      DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
      DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
      DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
      DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software)
      DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
      DRV - (TuneUpUtilitiesDrv) -- C:\Programmi\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software)
      DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
      DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
      DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
      DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
      DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
      DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
      DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
      DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
      DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation)
      DRV - (IntcDAud) -- C:\Windows\System32\drivers\IntcDAud.sys (Intel(R) Corporation)
      DRV - (RSPCIESTOR) -- C:\Windows\System32\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
      DRV - (MEI) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
      IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=2&sr=0&q={searchTerms}
      IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=101&systemid=410&apn_dtid=BND410&apn_ptnrs=AGA&o=APN10649&apn_uid=9653303501744419&q={searchTerms}
      IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=161&systemid=431&sr=0&q={searchTerms}

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = Babylon Search
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN UK - Hotmail.co.uk sign in, Messenger, Skype and Latest News
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Italia: Hotmail, Messenger, Skype, Windows Live
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 37 F9 13 1C C6 09 CD 01 [binary data]
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/search?q={searchTerms}
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/search?q={searchTerms}
      IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
      IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://www.bing.com/search?q={searchTerms}
      IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=117166&tt=111212_nobl_5012_4&babsrc=SP_ss&mntrId=161d57c200000000000078843cf7f085
      IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14674&src=crm&q={searchTerms}&locale=&apn_ptnrs=T9&apn_dtid=zzz001YYGB&apn_uid=cac584e6-f62e-45fb-8939-4258bfae7863&apn_sauid=2F1066BF-2AE2-4F51-9A87-A689DE1DDA21
      IE - HKCU\..\SearchScopes\{38A1AE76-6602-454D-B823-E3BA7EA7EF51}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU3&o=15384&src=kw&q={searchTerms}&locale=it_UK&apn_ptnrs=UL&apn_dtid=YYYYYYYYGB&apn_uid=d51cff7b-ed64-423e-8707-64bf5a49db7b&apn_sauid=A586F32A-8D19-486B-80A6-981E37077EE4
      IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=2&sr=0&q={searchTerms}
      IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=101&systemid=410&apn_dtid=BND410&apn_ptnrs=AGA&o=APN10649&apn_uid=9653303501744419&q={searchTerms}
      IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=161&systemid=431&sr=0&q={searchTerms}
      IE - HKCU\..\SearchScopes\{d3f22a84-2a84-49eb-91e6-5dadaaf0165d}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=GRxdm298YYgb&ptnrS=GRxdm298YYgb&ptb=F23689CF-1132-4BD8-A260-40673B5F524C&ind=2012111420&n=77ee623c&psa=&st=sb&searchfor={searchTerms}
      IE - HKCU\..\SearchScopes\{F42D4712-298F-4502-8668-7B9940C3FB00}: "URL" = http://www.basicseek.com/?prt=bscsk50r1&keywords={searchTerms}
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


      ========== FireFox ==========

      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\KADIR\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/08/12 10:52:48 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2012/12/11 11:35:18 | 000,000,000 | ---D | M]

      [2012/11/15 16:11:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KADIR\AppData\Roaming\mozilla\Extensions
      [2012/11/15 16:11:47 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
      [2012/09/04 00:18:09 | 000,003,771 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
      [2012/10/24 00:29:44 | 000,002,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml

      ========== Chrome ==========

      CHR - homepage: Google
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - homepage: Google
      CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
      CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
      CHR - plugin: BrowserProtect (Enabled) = C:\Users\KADIR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll
      CHR - plugin: Babylon ToolBar (Enabled) = C:\Users\KADIR\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.9_0\BabylonChromeToolBar.dll
      CHR - plugin: Wajam (Enabled) = C:\Users\KADIR\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll
      CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\KADIR\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\10.11.6.8_0\plugins/ConduitChromeApiPlugin.dll
      CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\KADIR\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo\10.11.6.8_0\plugins/np-cwmp.dll
      CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
      CHR - Extension: Wajam = C:\Users\KADIR\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\
      CHR - Extension: BrowserProtect = C:\Users\KADIR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\

      O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
      O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programmi\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
      O3 - HKLM\..\Toolbar: (no name) - !{872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
      O4 - HKLM..\Run: [] File not found
      O4 - HKLM..\Run: [ADBlocker] C:\Program Files\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerTray.exe ()
      O4 - HKLM..\Run: [Anvi Smart Defender] C:\Programmi\Anvisoft\Anvi Smart Defender\ASDTray.exe (Anvisoft)
      O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O8 - Extra context menu item: Free YouTube Download - C:\Users\KADIR\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
      O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programmi\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O13 - gopher Prefix: missing
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A627222F-4402-439C-943F-A554724D4A50}: DhcpNameServer = 192.168.1.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A627222F-4402-439C-943F-A554724D4A50}: NameServer = 176.31.229.24,176.31.229.25
      O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmi\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmi\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\Common Files\Skype\Skype4COM.dll (Skype Technologies)
      O20 - AppInit_DLLs: (c:\progra~2\browse~2\25986~1.67\{c16c1~1\browse~1.dll) - File not found
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O33 - MountPoints2\{7b5de2e0-dd42-11e1-8a7d-78843cf7f085}\Shell - "" = AutoRun
      O33 - MountPoints2\{7b5de2e0-dd42-11e1-8a7d-78843cf7f085}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
      O33 - MountPoints2\{f95383f6-79a7-11e1-b08c-78843cf7f085}\Shell - "" = AutoRun
      O33 - MountPoints2\{f95383f6-79a7-11e1-b08c-78843cf7f085}\Shell\AutoRun\command - "" = E:\iStudio.exe
      O34 - HKLM BootExecute: (autocheck autochk *)
      O34 - HKLM BootExecute: (MACHINE BootExecut)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      NetSvcs: FastUserSwitchingCompatibility - File not found
      NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
      NetSvcs: Nla - File not found
      NetSvcs: Ntmssvc - File not found
      NetSvcs: NWCWorkstation - File not found
      NetSvcs: Nwsapagent - File not found
      NetSvcs: SRService - File not found
      NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
      NetSvcs: WmdmPmSp - File not found
      NetSvcs: LogonHours - File not found
      NetSvcs: PCAudit - File not found
      NetSvcs: helpsvc - File not found
      NetSvcs: uploadmgr - File not found

      MsConfig - StartUpReg: CommonToolkitTray - hkey= - key= - C:\Programmi\Fighters\Tray\FightersTray.exe (SPAMfighter ApS)
      MsConfig - StartUpReg: Facebook Update - hkey= - key= - C:\Users\KADIR\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      MsConfig - StartUpReg: FDPRO-516 - hkey= - key= - C:\Program Files\Fighters\FighterLauncher.exe (SPAMfighter ApS)
      MsConfig - StartUpReg: MediaGet2 - hkey= - key= - C:\Users\KADIR\AppData\Local\MediaGet2\mediaget.exe (MediaGet LLC)
      MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
      MsConfig - StartUpReg: SUPERAntiSpyware - hkey= - key= - File not found

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/12/16 17:07:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\KADIR\Desktop\OTL.exe
      [2012/12/15 14:22:40 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Roaming\Anvisoft
      [2012/12/15 14:22:04 | 000,022,864 | ---- | C] (Anvisoft) -- C:\Windows\System32\drivers\asdrs.sys
      [2012/12/15 14:22:04 | 000,016,208 | ---- | C] (Anvisoft) -- C:\Windows\System32\drivers\asdrm.sys
      [2012/12/15 14:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\anvisoft
      [2012/12/15 14:21:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft
      [2012/12/15 14:21:55 | 000,000,000 | ---D | C] -- C:\Program Files\Anvisoft
      [2012/12/15 13:03:42 | 000,029,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
      [2012/12/15 06:48:32 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
      [2012/12/15 06:48:31 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
      [2012/12/14 08:46:04 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
      [2012/12/13 14:43:48 | 000,000,000 | ---D | C] -- C:\_AT-Destroyer
      [2012/12/13 13:40:55 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\VS Revo Group
      [2012/12/13 11:04:00 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Roaming\Malwarebytes
      [2012/12/13 11:03:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2012/12/13 11:03:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2012/12/13 11:03:26 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
      [2012/12/13 11:03:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
      [2012/12/13 10:50:58 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
      [2012/12/13 10:50:54 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Download Assistant
      [2012/12/13 10:50:52 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
      [2012/12/13 10:50:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
      [2012/12/13 10:18:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
      [2012/12/13 10:13:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
      [2012/12/13 10:01:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton PC Checkup 3.0
      [2012/12/13 10:01:12 | 000,000,000 | ---D | C] -- C:\Program Files\Norton PC Checkup 3.0
      [2012/12/13 09:02:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
      [2012/12/11 11:51:14 | 000,000,000 | ---D | C] -- C:\Users\KADIR\.smplayer
      [2012/12/11 11:47:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
      [2012/12/11 11:46:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\postureAgent
      [2012/12/11 11:39:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMPlayer
      [2012/12/11 11:38:59 | 000,000,000 | ---D | C] -- C:\Program Files\SMPlayer
      [2012/12/11 11:37:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters
      [2012/12/11 11:36:53 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Roaming\Fighters
      [2012/12/11 11:36:53 | 000,000,000 | ---D | C] -- C:\Program Files\Fighters
      [2012/12/11 11:36:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Fighters
      [2012/12/11 11:36:00 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\Shopping Sidekick
      [2012/12/11 11:35:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\searchplugins
      [2012/12/11 11:35:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\Extensions
      [2012/12/11 11:35:18 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Roaming\BabSolution
      [2012/12/11 11:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect
      [2012/12/11 10:32:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
      [2012/12/11 10:14:16 | 000,031,584 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
      [2012/12/11 10:14:15 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
      [2012/12/11 10:14:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
      [2012/12/11 10:13:17 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2012
      [2012/12/11 10:03:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      [2012/12/11 10:03:47 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
      [2012/12/11 09:51:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
      [2012/12/11 05:45:35 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\{EB5DAAB7-A182-4339-ABF3-B51B44308CA2}
      [2012/12/11 0530 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\{71F82E00-9B9C-45C1-A1DA-30090B73C273}
      [2012/12/11 04:45:11 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\{D08F0529-94C1-48B7-A673-B34D56C8D669}
      [2012/12/11 03:31:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
      [2012/12/11 00:31:29 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\{CC87D56C-8CE6-4F89-83CB-8642066FBEA1}
      [2012/12/09 12:59:56 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\{68F1786C-F2F9-4953-9C8E-5EF9743B71C7}
      [2012/12/07 03:24:04 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\{0E018D35-2597-41A0-A245-EF26967410B3}
      [2012/12/06 00:58:57 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Roaming\PCCUStubInstaller
      [2012/12/05 15:40:54 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\{66D57F7F-99FE-4CAC-A929-1F444E63AD39}
      [2012/12/04 22:33:36 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Optimizer Pro
      [2012/12/04 22:23:21 | 000,000,000 | ---D | C] -- C:\Program Files\PC Optimizer Pro
      [2012/12/04 22:23:13 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
      [2012/12/04 14:39:28 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\{FA159ACB-8A7F-496A-A908-37300E321DFE}
      [2012/12/04 02:44:45 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Roaming\Media Get LLC
      [2012/12/04 02:34:06 | 000,000,000 | ---D | C] -- C:\ProgramData\BasicSeek
      [2012/12/04 02:34:06 | 000,000,000 | ---D | C] -- C:\Program Files\BasicSeek
      [2012/12/04 02:28:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Get LLC
      [2012/12/04 02:28:16 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo
      [2012/12/04 02:28:02 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\MediaGet2
      [2012/12/04 02:28:02 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\Media Get LLC
      [2012/12/03 1616 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\{1E0351A9-559F-4ED2-BDA2-C18742A7B74F}
      [2012/12/02 14:24:05 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\{AE540601-4620-4362-89F0-694787072246}
      [2012/12/02 00:36:39 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\{763299DF-0516-41B9-9585-87C93C67F26A}
      [2012/12/01 05:12:47 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\{5D965B36-0C9E-4184-ADE7-7D1A82E0FED1}
      [2012/11/30 17:11:21 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\{43780253-EAA0-403F-AAEF-1164A0E2B4BE}
      [2012/11/29 1652 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\{ED9FCDD2-4F72-45A0-9812-E06F1E12BAD9}
      [2012/11/28 15:46:34 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\{082BEB73-D9CB-40AB-87D5-AA9A1542FB22}
      [2012/11/27 14:15:29 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\{0768D7E3-B740-482D-9F88-7470A93D2951}
      [2012/11/26 16:55:38 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\{61F077A3-CF6E-4E88-91DC-9A53E6B9F2DE}
      [2012/11/23 15:48:30 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\{D90368C7-BE78-479A-93DF-BBBE8735943C}
      [2012/11/22 15:08:20 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\{45050393-43CF-4209-9F99-E7872E3364F3}
      [2012/11/16 17:50:51 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\{CBC1C497-B080-46C6-BA22-9F5BFFA9C12C}
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2012/12/16 1701 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/12/16 17:07:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\KADIR\Desktop\OTL.exe
      [2012/12/16 16:38:02 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/12/16 16:33:58 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2433817375-573850760-1329335535-1000UA.job
      [2012/12/16 02:20:30 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/12/16 02:20:30 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/12/16 02:13:44 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
      [2012/12/16 02:11:29 | 000,013,024 | ---- | M] () -- C:\Windows\System32\drivers\SWDUMon.sys
      [2012/12/16 0255 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/12/16 0241 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/12/16 0233 | 2376,486,912 | -HS- | M] () -- C:\hiberfil.sys
      [2012/12/15 14:22:04 | 000,001,142 | ---- | M] () -- C:\Users\Public\Desktop\Anvi Smart Defender.lnk
      [2012/12/15 14:22:01 | 000,001,458 | ---- | M] () -- C:\Users\Public\Desktop\Anvi AD Blocker.lnk
      [2012/12/15 06:48:32 | 000,001,222 | ---- | M] () -- C:\Users\KADIR\Desktop\Revo Uninstaller.lnk
      [2012/12/15 04:31:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2433817375-573850760-1329335535-1000Core.job
      [2012/12/15 0249 | 000,000,556 | ---- | M] () -- C:\Windows\System32\MyDefrag.debuglog
      [2012/12/14 11:43:36 | 000,025,712 | ---- | M] () -- C:\Users\KADIR\Documents\cc_20121214_114332.reg
      [2012/12/14 09:33:48 | 000,001,569 | ---- | M] () -- C:\scu.dat
      [2012/12/13 12:14:58 | 000,034,730 | ---- | M] () -- C:\Users\KADIR\Documents\cc_20121213_121452.reg
      [2012/12/13 11:07:18 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2012/12/13 10:01:49 | 000,001,155 | ---- | M] () -- C:\Users\Public\Desktop\Norton PC Checkup 3.0.lnk
      [2012/12/13 09:57:54 | 000,698,570 | ---- | M] () -- C:\Windows\System32\perfh010.dat
      [2012/12/13 09:57:54 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
      [2012/12/13 09:57:54 | 000,127,764 | ---- | M] () -- C:\Windows\System32\perfc010.dat
      [2012/12/13 09:57:54 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
      [2012/12/11 11:39:02 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\SMPlayer.lnk
      [2012/12/11 11:37:33 | 000,001,962 | ---- | M] () -- C:\Users\Public\Desktop\FULL-DISKfighter.lnk
      [2012/12/11 10:32:41 | 000,002,233 | ---- | M] () -- C:\Users\KADIR\Desktop\Google Chrome.lnk
      [2012/12/11 10:14:11 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Mantenimiento con 1 clic.lnk
      [2012/12/11 10:14:11 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
      [2012/12/11 10:12:28 | 000,061,956 | ---- | M] () -- C:\Users\KADIR\Documents\cc_20121211_101223.reg
      [2012/12/11 10:03:50 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2012/12/15 14:22:04 | 000,014,160 | ---- | C] () -- C:\Windows\System32\drivers\asdws.sys
      [2012/12/15 14:22:04 | 000,001,142 | ---- | C] () -- C:\Users\Public\Desktop\Anvi Smart Defender.lnk
      [2012/12/15 14:22:01 | 000,001,458 | ---- | C] () -- C:\Users\Public\Desktop\Anvi AD Blocker.lnk
      [2012/12/15 06:48:32 | 000,001,222 | ---- | C] () -- C:\Users\KADIR\Desktop\Revo Uninstaller.lnk
      [2012/12/14 11:43:34 | 000,025,712 | ---- | C] () -- C:\Users\KADIR\Documents\cc_20121214_114332.reg
      [2012/12/14 09:32:35 | 000,001,569 | ---- | C] () -- C:\scu.dat
      [2012/12/13 12:14:55 | 000,034,730 | ---- | C] () -- C:\Users\KADIR\Documents\cc_20121213_121452.reg
      [2012/12/13 11:03:28 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2012/12/13 10:01:49 | 000,001,155 | ---- | C] () -- C:\Users\Public\Desktop\Norton PC Checkup 3.0.lnk
      [2012/12/11 11:40:58 | 000,000,556 | ---- | C] () -- C:\Windows\System32\MyDefrag.debuglog
      [2012/12/11 11:39:02 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\SMPlayer.lnk
      [2012/12/11 11:37:33 | 000,001,962 | ---- | C] () -- C:\Users\Public\Desktop\FULL-DISKfighter.lnk
      [2012/12/11 10:32:41 | 000,002,233 | ---- | C] () -- C:\Users\KADIR\Desktop\Google Chrome.lnk
      [2012/12/11 10:31:30 | 000,001,136 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/12/11 10:31:29 | 000,001,132 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/12/11 10:14:11 | 000,002,185 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Mantenimiento con 1 clic.lnk
      [2012/12/11 10:14:11 | 000,002,129 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
      [2012/12/11 10:14:10 | 000,002,141 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
      [2012/12/11 10:12:26 | 000,061,956 | ---- | C] () -- C:\Users\KADIR\Documents\cc_20121211_101223.reg
      [2012/12/11 10:03:50 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2012/11/16 12:56:59 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
      [2012/11/16 12:26:05 | 000,009,728 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
      [2012/11/16 12:26:01 | 000,064,512 | ---- | C] () -- C:\Windows\System32\igdde32.dll
      [2012/11/16 12:25:48 | 000,963,452 | ---- | C] () -- C:\Windows\System32\igcodeckrng600.bin
      [2012/11/16 12:25:48 | 000,272,928 | ---- | C] () -- C:\Windows\System32\igvpkrng600.bin
      [2012/11/16 12:25:48 | 000,000,259 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
      [2012/08/12 22:18:34 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
      [2012/08/12 22:18:29 | 000,963,884 | ---- | C] () -- C:\Windows\System32\igkrng600.bin
      [2012/08/12 22:18:29 | 000,221,264 | ---- | C] () -- C:\Windows\System32\igfcg600m.bin
      [2012/08/12 22:18:29 | 000,145,804 | ---- | C] () -- C:\Windows\System32\igcompkrng600.bin
      [2012/08/12 22:12:50 | 000,013,024 | ---- | C] () -- C:\Windows\System32\drivers\SWDUMon.sys
      [2012/08/12 21:00:02 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
      [2012/08/05 18:27:33 | 000,000,017 | ---- | C] () -- C:\Users\KADIR\AppData\Local\resmon.resmoncfg
      [2012/06/22 21:38:08 | 000,003,584 | ---- | C] () -- C:\Users\KADIR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012/04/26 22:21:22 | 000,001,656 | ---- | C] () -- C:\Windows\System32\ASOROSet.bin
      [2012/04/20 13:57:00 | 000,001,536 | ---- | C] () -- C:\Windows\System32\IusEventLog.dll
      [2009/08/28 14:16:16 | 000,130,238 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4

      ========== ZeroAccess Check ==========

      [2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== LOP Check ==========

      [2012/04/26 01:44:17 | 000,000,000 | ---D | M] -- C:\Users\KADIR\AppData\Roaming\Advanced System Protector
      [2012/12/15 14:22:40 | 000,000,000 | ---D | M] -- C:\Users\KADIR\AppData\Roaming\Anvisoft
      [2012/12/11 11:35:19 | 000,000,000 | ---D | M] -- C:\Users\KADIR\AppData\Roaming\BabSolution
      [2012/11/15 16:35:46 | 000,000,000 | ---D | M] -- C:\Users\KADIR\AppData\Roaming\BrowserCompanion
      [2012/12/13 10:50:58 | 000,000,000 | ---D | M] -- C:\Users\KADIR\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
      [2012/08/12 11:09:25 | 000,000,000 | ---D | M] -- C:\Users\KADIR\AppData\Roaming\DVDVideoSoft
      [2012/12/11 11:38:31 | 000,000,000 | ---D | M] -- C:\Users\KADIR\AppData\Roaming\Fighters
      [2012/10/24 00:30:23 | 000,000,000 | ---D | M] -- C:\Users\KADIR\AppData\Roaming\FreeAudioPack
      [2012/10/24 00:32:22 | 000,000,000 | ---D | M] -- C:\Users\KADIR\AppData\Roaming\FreeCDRipper
      [2012/12/11 05:04:27 | 000,000,000 | ---D | M] -- C:\Users\KADIR\AppData\Roaming\Media Get LLC
      [2012/06/22 19:58:42 | 000,000,000 | ---D | M] -- C:\Users\KADIR\AppData\Roaming\MusicNet
      [2012/12/11 11:53:58 | 000,000,000 | ---D | M] -- C:\Users\KADIR\AppData\Roaming\PCCUStubInstaller
      [2012/08/12 1157 | 000,000,000 | ---D | M] -- C:\Users\KADIR\AppData\Roaming\Systweak
      [2012/06/22 19:46:29 | 000,000,000 | ---D | M] -- C:\Users\KADIR\AppData\Roaming\TuneUp Software
      [2012/08/05 11:31:50 | 000,000,000 | ---D | M] -- C:\Users\KADIR\AppData\Roaming\Vodafone

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2012/08/12 21:50:07 | 000,000,319 | ---- | M] () -- C:\AT-Cuarentena
      [2012/12/15 15:45:43 | 000,003,395 | ---- | M] () -- C:\AT-Destroyer.txt
      [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
      [2009/06/10 22:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
      [2012/12/16 0233 | 2376,486,912 | -HS- | M] () -- C:\hiberfil.sys
      [2012/12/16 0237 | 3168,649,216 | -HS- | M] () -- C:\pagefile.sys
      [2012/12/14 09:33:48 | 000,001,569 | ---- | M] () -- C:\scu.dat
      [2012/12/13 14:42:08 | 000,134,608 | ---- | M] () -- C:\TDSSKiller.2.8.15.0_13.12.2012_14.29.07_log.txt

      < %PROGRAMFILES%\*.* >
      [2009/07/14 05:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:DBC416F8

      < End of report >


      Thank you very much once again for the help you are giving me !!!

      Regards!

    8. #28
      User Avatar of petimuky
      Joined
      Jun 2008
      Location
      Spain
      Posts
      53

      Re: My laptop is infected and I don't know how to remove the viruses :(

      Please, don't forget about me !! :)

      I'm still waiting for you to tell me what I can do after having uploaded the OTM report.

      Thank you very much for the help :)

    9. #29
      User Avatar of WarlockSama
      Joined
      Dec 2012
      Location
      Banderbill
      Posts
      112

      Re: My laptop is infected and I don't know how to remove the viruses :(

      Don't worry, they take a little while to reply. Regards
      Last edited by WarlockSama on 18/12/12 at 19:41:10

    10. #30
      Former Collaborator Avatar of @SanMar
      Joined
      Jun 2008
      Location
      Argentina
      Posts
      22,290

      Re: My laptop is infected and I don't know how to remove the viruses :(

      Hi petimuky:

      You have a lot of junk on that computer....

      Do the following:

      Using Revo Uninstaller, which I see you have installed, uninstall the following, selecting its Advanced Mode:

      Anvi Smart Defender

      To fix the problem in Google Chrome:

      1.- Export your bookmarks if you want to keep them:

      1. Click the wrench icon in the browser toolbar.
      2. Select Bookmark manager.
      3. Click the Organize menu in the manager.
      4. Select Export bookmarks...
      5. Choose the location where you want to save the exported file, then click Save.

      Google Chrome exports the bookmarks as an HTML file.

      2.- Uninstall the browser with Revo Uninstaller; when it gives you the option, select its Advanced Mode.

      Revo Uninstaller manual

      3.- Reboot.

      4.- Run CCleaner with both of its options, Cleaner and Registry, as described in its manual.

      Do not reinstall it yet.

      Run OTL.exe
      • Paste the following script into the Custom Scans/Fixes box (Análisis Personalizados/Codigo de Reparación):
        • NOTE: Do not copy the word Code.

        Code:
        :OTL
        MsConfig - StartUpReg: MediaGet2 - hkey= - key= - C:\Users\KADIR\AppData\Local\MediaGet2\mediaget.exe (MediaGet LLC)
        [2012/12/04 02:28:02 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\MediaGet2
        [2012/12/04 02:28:02 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\Media Get LLC
        SRV - (BasicSeek Service) -- C:\Program Files\BasicSeek\basicseek.exe ()
        IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=2&sr=0&q={searchTerms}
        IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=101&systemid=410&apn_dtid=BND410&apn_ptnrs=AGA&o=APN10649&apn_uid=9653303501744419&q={searchTerms}
        IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=161&systemid=431&sr=0&q={searchTerms}
        IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = Babylon Search
        IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
        IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=117166&tt=111212_nobl_5012_4&babsrc=SP_ss&mntrId=161d57c200000000000078843cf7f085
        IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14674&src=crm&q={searchTerms}&locale=&apn_ptnrs=T9&apn_dtid=zzz001YYGB&apn_uid=cac584e6-f62e-45fb-8939-4258bfae7863&apn_sauid=2F1066BF-2AE2-4F51-9A87-A689DE1DDA21
        IE - HKCU\..\SearchScopes\{38A1AE76-6602-454D-B823-E3BA7EA7EF51}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU3&o=15384&src=kw&q={searchTerms}&locale=it_UK&apn_ptnrs=UL&apn_dtid=YYYYYYYYGB&apn_uid=d51cff7b-ed64-423e-8707-64bf5a49db7b&apn_sauid=A586F32A-8D19-486B-80A6-981E37077EE4
        IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=2&sr=0&q={searchTerms}
        IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=101&systemid=410&apn_dtid=BND410&apn_ptnrs=AGA&o=APN10649&apn_uid=9653303501744419&q={searchTerms}
        IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=161&systemid=431&sr=0&q={searchTerms}
        IE - HKCU\..\SearchScopes\{d3f22a84-2a84-49eb-91e6-5dadaaf0165d}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=GRxdm298YYgb&ptnrS=GRxdm298YYgb&ptb=F23689CF-1132-4BD8-A260-40673B5F524C&ind=2012111420&n=77ee623c&psa=&st=sb&searchfor={searchTerms}
        IE - HKCU\..\SearchScopes\{F42D4712-298F-4502-8668-7B9940C3FB00}: "URL" = http://www.basicseek.com/?prt=bscsk50r1&keywords={searchTerms}
        IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
        IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
        [2012/09/04 00:18:09 | 000,003,771 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
        O3 - HKLM\..\Toolbar: (no name) - !{872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
        O3 - HKLM\..\Toolbar: (no name) - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
        O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
        O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
        O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
        O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
        O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
        O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - No CLSID value found.
        O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
        O4 - HKLM..\Run: [] File not found
        O13 - gopher Prefix: missing
        O20 - AppInit_DLLs: (c:\progra~2\browse~2\25986~1.67\{c16c1~1\browse~1.dll) - File not found
        O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
        O33 - MountPoints2\{7b5de2e0-dd42-11e1-8a7d-78843cf7f085}\Shell - "" = AutoRun
        O33 - MountPoints2\{7b5de2e0-dd42-11e1-8a7d-78843cf7f085}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
        O33 - MountPoints2\{f95383f6-79a7-11e1-b08c-78843cf7f085}\Shell - "" = AutoRun
        O33 - MountPoints2\{f95383f6-79a7-11e1-b08c-78843cf7f085}\Shell\AutoRun\command - "" = E:\iStudio.exe
        MsConfig - StartUpReg: SUPERAntiSpyware - hkey= - key= - File not found
        [2012/12/14 08:46:04 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
        [2012/12/11 11:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect
        [2012/12/04 02:34:06 | 000,000,000 | ---D | C] -- C:\ProgramData\BasicSeek
        [2012/12/04 02:34:06 | 000,000,000 | ---D | C] -- C:\Program Files\BasicSeek
        [2012/12/04 02:28:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Get LLC
        [2012/12/04 02:44:45 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Roaming\Media Get LLC
        [2012/12/04 02:28:16 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo
        [2012/12/04 02:28:02 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\MediaGet2
        [2012/12/04 02:28:02 | 000,000,000 | ---D | C] -- C:\Users\KADIR\AppData\Local\Media Get LLC
        [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
        @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:DBC416F8
        
        
        :files
        ipconfig /flushdns /c
        ipconfig /renew /c
        
        :commands
        [resethosts]
        [emptyflash]
        [emptytemp]
        [emptyjava]
        [Reboot]
      • Then click the Run Fix (Reparar) button at the top.
      • Let the program run uninterrupted, and reboot when it asks you to.
      • After the reboot, a report will be created by default in C:\_OTL\MovedFiles; copy and paste that log into your next reply.

      Let us know the results.

      Regards.
