• Registrarse
  • Iniciar sesión


  • Página 1 de 3 123 ÚltimoÚltimo
    Resultados 1 al 10 de 27

    Certified Toolbar Search en todos los navegadores

    Resumen del tema: Certified Toolbar Search en todos los navegadores - Hola, Desde hace una semana cada vez que abro un navegador lo hace con Certified Toolbar Search . He intentado desinstalarlo en panel de control-programas pero ni siquiera aparece. He intentado eliminarlo mediante la configuración ...

    1. #1
      Usuario Avatar de _laura_1979
      Registrado
      ene 2013
      Ubicación
      españa
      Mensajes
      14

      Malware Certified Toolbar Search en todos los navegadores

      Hola,

      Desde hace una semana cada vez que abro un navegador lo hace con Certified Toolbar Search.
      He intentado desinstalarlo en panel de control-programas pero ni siquiera aparece.
      He intentado eliminarlo mediante la configuración de cada navegador pero tampoco lo encuentro.

      Por favor, me podrían indicar qué hacer? porque lo siguiente que se me ocurre es formatear pero sería un desastre ahora que tengo todo lo que necesito instalado.

      Gracias. Un saludo,
      Laura


      *******************************************


      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 12:06:21, on 23/01/2013
      Platform: Unknown Windows (WinNT 6.01.3505 SP1)
      MSIE: Internet Explorer v9.00 (9.00.8112.16457)
      Boot mode: Normal

      Running processes:
      C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
      C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
      C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
      C:\Users\laraastur\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
      C:\Program Files (x86)\Samsung\Kies\Kies.exe
      C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
      C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
      C:\Users\laraastur\AppData\Roaming\Dropbox\bin\Dropbox.exe
      C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
      C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
      C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
      C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
      C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
      C:\Program Files\AVAST Software\Avast\AvastUI.exe
      C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
      C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
      C:\Program Files (x86)\iTunes\iTunesHelper.exe
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Users\laraastur\Desktop\HJT-InfoSpyware.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN España: Hotmail, Messenger, Skype y Cuenta Microsoft
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      F2 - REG:system.ini: UserInit=userinit.exe,
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
      O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
      O2 - BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
      O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
      O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
      O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
      O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
      O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
      O4 - HKLM\..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
      O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
      O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
      O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe"
      O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
      O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
      O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
      O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
      O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
      O4 - HKLM\..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
      O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\laraastur\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
      O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
      O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1CL446X705PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
      O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
      O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
      O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
      O4 - Startup: Dropbox.lnk = laraastur\AppData\Roaming\Dropbox\bin\Dropbox.exe
      O4 - Startup: Supervisar alertas de tinta - LastresHP.lnk = ?
      O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
      O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
      O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
      O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
      O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
      O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O13 - Gopher Prefix:
      O15 - Trusted Zone: http://*.mcafee.com
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
      O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
      O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
      O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll
      O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
      O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
      O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
      O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
      O23 - Service: Servicio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
      O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe
      O23 - Service: Dell DataSafe Online (NOBU) - Dell, Inc. - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
      O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
      O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
      O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
      O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
      O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
      O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
      O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
      O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
      O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
      O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
      O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
      O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
      O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

      --
      End of file - 17881 bytes
      Última edición por Javierhf fecha: 27/01/13 a las 18:04:46 Razón: Unir menssajes.

    2. #2
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      53.991

      Re: Certified Toolbar Search en todos los navegadores

      Hola



      Con Calma y siguiendo al pie de la letra, vas a usar estas 3 Herramientas ...



      Desactivá temporalmente el Antivirus y/o Antispyware. Cómo deshabilitar temporalmente su Antivirus.
      Esta acción debes mantenerla mientras dure todo el trabajo que se te indica abajo.



      Descargá a Tu escritorio la Herramienta AT-Destroyer (by InfoSpyware)

      • Clic derecho sobre su ícono y elegis Ejecutar Como Administrador.
      • Aparecerá el Disclaimer de la herramienta. Presioná .
      • Presioná sobre la opción 1 (Buscar y Destruir)
      • La Herramienta desconectará el escritorio momentaneamente.
      • En caso de haber infecciones, la herramienta lo indicará con lineas rojas. Sino hay infecciones, serán lineas verdes.
      • Una vez terminado el escaneo, podrás volver a ver el escritorio y se te abrirá un reporte, que deberás copiar y pegar en tu próxima respuesta.




      Descargá a Tu escritorio la Herramienta Adwcleaner.exe.

      • Cerrá Todos los programas que tengas abiertos.
      • Clic derecho sobre su ícono y elegis Ejecutar Como Administrador.
      • Pulsas el Boton Supresión.
      • Seguí las Instrucciones. La Herramienta va a pedir Reiniciar el sistema, lo cual debes aceptar.
      • Guardas el reporte generado en el Escritorio, para pegarlo en Tu próxima respuesta.




      NOTA: Volves con los 2 reportes (Si es necesario, utilizá 2 o mas respuestas para pegarlos) y Nos comentas como sigue el ordenador.







      Descargá la herramienta ComboFix.exe a Tu escritorio.

      • Desactivá temporalmente el Antivirus y/o Antispyware. Cómo deshabilitar temporalmente su Antivirus
      • Cerrá todas las ventanas abiertas.
      • Hacá doble clic en el archivo ComboFix.exe y seguí las instrucciones.
      • Cuando termine, generará un registro en C:\ComboFix.txt.




      Notas Importantes:

      • Mientras CF este trabajando, no debes mover el mouse ya que pararía su proceso.
      • ComboFix Puede Reiniciar automáticamente el PC para completar el proceso de eliminación.
      • Una vez Terminado el Trabajo de ComboFix, podes activar Tu antivirus.
      • No Pongas los Reportes Dentro de Etiquetas Code ni HTML.




      Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.


      El reporte generado, se encuentra en C:\ComboFix.txt . Abrilo, seleccionas Todo y lo copias y pegas en Tu próxima respuesta.



      Saludos

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de _laura_1979
      Registrado
      ene 2013
      Ubicación
      españa
      Mensajes
      14

      Re: Certified Toolbar Search en todos los navegadores

      He ejecurado AT-Destroyer durante más de 20 minutos pero se ha quedado colgado en el 22% y he tenido que reiniciar el ordenador.
      ¿Qué hago? ¿Sigo con lo siguientes pasos que me indicas?

    4. #4
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      53.991

      Re: Certified Toolbar Search en todos los navegadores

      Hola

      Ejecuta AT-Destroyer en Modo Seguro.


      Si aún asi No corre, segui con los otros pasos.


      Saludos

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de _laura_1979
      Registrado
      ene 2013
      Ubicación
      españa
      Mensajes
      14

      Re: Certified Toolbar Search en todos los navegadores

      Perdona mi ignorancia pero cómo lo ejecuto en modo seguro?

    6. #6
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      53.991

      Re: Certified Toolbar Search en todos los navegadores

      .-.

      Iniciá el ordenador en Modo Seguro

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Usuario Avatar de _laura_1979
      Registrado
      ene 2013
      Ubicación
      españa
      Mensajes
      14
      Ya tengo el reporte del AT-destroyer pero al intentar descargar AdwCleaner me ha pasado esto:
      http://download.bleepingcomputer.com...AdwCleaner.exe
      DownTango browser integration is disabled, but plugin wasn't uninstalled correctly.
      Turn off browser integration in DownTango preferences or in browser's plugins section.

      Ayer lo desinstalé pensando que podía ser lo que me estaba dando problemas...

      ¿y ahora? sorry

      *******************************************


      ya lo tengo! En breve paso los reportes


      *******************************************


      Reporte del AT-Destroyer
      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 13:31:58 \\\ 23/01/2013
      AT-Destroyer 2.1 By Infospyware ---> InfoSpyware
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.0.8112.16421
      Mozilla Firefox:7.0.1.4288
      Google Chrome:24.0.1312.52
      Privilegios: laraastur - Administrador
      Modo Actual: Modo Seguro.
      Nombre del pc: DELL_LARAASTUR
      Información del sistema operativo:X64-WIN_7-Service Pack 1
      nombre del usuario:laraastur
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<

      C:\Users\laraastur\AppData\Roaming\OpenCandy\1FE81BBEB7EB4B17AC4F9B6932FDF929 (W32/Adware.OpenCandy)
      C:\Users\laraastur\AppData\Roaming\OpenCandy\1FE81BBEB7EB4B17AC4F9B6932FDF929\TuneUpUtilities2012_es-ES.exe (W32/Adware.OpenCandy)
      C:\Users\laraastur\AppData\Roaming\OpenCandy (W32/Adware.OpenCandy)
      C:\Users\laraastur\AppData\Roaming\OfferBox\config.xml (W32/Adware.OfferBox)
      C:\Users\laraastur\AppData\Roaming\OfferBox\http_app.offerbox.com (W32/Adware.OfferBox)
      C:\Users\laraastur\AppData\Roaming\OfferBox\http_app.offerbox.com\country.sxe (W32/Adware.OfferBox)
      C:\Users\laraastur\AppData\Roaming\OfferBox\http_app.offerbox.com\extracountry.sxe (W32/Adware.OfferBox)
      C:\Users\laraastur\AppData\Roaming\OfferBox\http_app.offerbox.com\history.db (W32/Adware.OfferBox)
      C:\Users\laraastur\AppData\Roaming\OfferBox\http_app.offerbox.com\profile.sxe (W32/Adware.OfferBox)
      C:\Users\laraastur\AppData\Roaming\OfferBox\http_app.offerbox.com\update.sxe (W32/Adware.OfferBox)
      C:\Users\laraastur\AppData\Roaming\OfferBox\http_app.offerbox.com\update.xml (W32/Adware.OfferBox)
      C:\Users\laraastur\AppData\Roaming\OfferBox (W32/Adware.OfferBox)
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} 97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache 97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat 97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe 97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico 97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll 97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll 97
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} 97
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe 97
      C:\ProgramData\Tarma Installer 97


      >>>>>> Archivos <<<<<<

      C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
      C:\user.js


      >>>>>> Registro <<<<<<

      HKEY_CURRENT_USER\Software\DataMngr
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr
      HKEY_LOCAL_MACHINE\SOFTWARE\OfferBox
      HKEY_CURRENT_USER\Software\OfferBox
      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}


      >>>>>> Heurística <<<<<<



      >>>>>> Internet Explorer <<<<<<

      Start Page==www.google.com
      Local Page==C:\Windows\SysWOW64\blank.htm
      Search Page==http://www.google.com
      Default_search_url==http://www.google.com
      Default_Page_URL==http://go.microsoft.com/fwlink/?LinkId=69157


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://www.google.com
      Default_search_url==http://www.google.com
      Default_Page_URL==http://g.uk.msn.com/USCON/15


      HKEY_USERS\S-1-5-21-2133042040-2247071140-165027930-1002\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://www.google.com
      Default_search_url==http://www.google.com
      Default_Page_URL==http://g.uk.msn.com/USCON/15


      >>>>>> Firefox <<<<<<

      user_pref("browser.startup.homepage", "www.google.com");
      user_pref("browser.startup.homepage_override.buildID", "20110928134238");
      user_pref("browser.startup.homepage_override.mstone", "rv:7.0.1");
      user_pref("pref.browser.homepage.disable_button.current_page", false);
      user_pref("pref.browser.homepage.disable_button.restore_default", false);


      >>>>>> Extensiones Firefox <<<<<<


      C:\Program Files (x86)\{972ce4c6-7e08-4474-a285-3208198ce6fd}
      C:\Program Files (x86)\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}
      C:\Program Files (x86)\{972ce4c6-7e08-4474-a285-3208198ce6fd}
      C:\Program Files (x86)\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}
      C:\Program Files (x86)\{972ce4c6-7e08-4474-a285-3208198ce6fd}
      C:\Program Files (x86)\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}

      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_38
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision

      >>>>>> Google Chrome <<<<<<

      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      >>>>>> Extensiones Google Chrome <<<<<<

      C:\Users\laraastur\AppData\Local\Google\Chrome\User Data\Default\Extensions\6
      C:\Users\laraastur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj
      C:\Users\laraastur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
      C:\Users\laraastur\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
      C:\Users\laraastur\AppData\Local\Google\Chrome\User Data\Default\Extensions\goficmpcgcnombioohjcgdhbaloknabb
      C:\Users\laraastur\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
      C:\Users\laraastur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia1
      C:\Users\laraastur\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda2
      C:\Users\laraastur\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
      C:\Users\laraastur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpkiefagocgkmemidfngdkamloieekf

      ======== Listado ===========

      [17/01/2013 16:35] [17/01/2013 16:35] [DI] C:\Users\laraastur\AppData\Roaming\Alien Skin
      [03/11/2012 21:49] [03/11/2012 21:44] [DI] C:\Users\laraastur\AppData\Roaming\APLI
      [04/11/2012 14:41] [03/11/2012 22:16] [DI] C:\Users\laraastur\AppData\Roaming\Apple Computer
      [18/01/2013 11:40] [18/01/2013 11:40] [DI] C:\Users\laraastur\AppData\Roaming\Camera Bits, Inc
      [17/01/2013 14:04] [17/01/2013 14:04] [DI] C:\Users\laraastur\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
      [20/01/2011 15:54] [20/01/2011 15:54] [DI] C:\Users\laraastur\AppData\Roaming\Creative
      C:\Users\laraastur\AppData\Roaming\Definition Bundle [RH] 268 bytes ( )
      [20/01/2011 15:54] [20/01/2011 15:54] [DI] C:\Users\laraastur\AppData\Roaming\Dell
      C:\Users\laraastur\AppData\Roaming\Desktop Pictures [RH] 268 bytes ( )
      C:\Users\laraastur\AppData\Roaming\Developer Tools [RH] 268 bytes ( )
      C:\Users\laraastur\AppData\Roaming\Documents [RH] 268 bytes ( )
      [06/02/2011 22:03] [06/02/2011 21:40] [DI] C:\Users\laraastur\AppData\Roaming\Downloaded Installations
      [23/01/2013 13:29] [26/06/2012 21:21] [DI] C:\Users\laraastur\AppData\Roaming\Dropbox
      [10/12/2012 13:01] [03/03/2012 10:39] [DI] C:\Users\laraastur\AppData\Roaming\dvdcss
      [05/09/2012 21:23] [05/09/2012 21:22] [DI] C:\Users\laraastur\AppData\Roaming\DVDVideoSoft
      [20/02/2011 13:02] [20/02/2011 12:59] [DI] C:\Users\laraastur\AppData\Roaming\exe
      [23/01/2013 11:28] [22/01/2011 21:58] [DI] C:\Users\laraastur\AppData\Roaming\FileZilla
      [04/11/2011 17:35] [04/11/2011 17:30] [DI] C:\Users\laraastur\AppData\Roaming\Free Monitor for Google
      [17/01/2013 17:03] [17/01/2013 16:17] [DI] C:\Users\laraastur\AppData\Roaming\FTDownTango1bToolbar
      [14/04/2012 15:17] [14/04/2012 13:49] [DI] C:\Users\laraastur\AppData\Roaming\Gmail Backup
      [20/01/2011 15:53] [20/01/2011 15:53] [DI] C:\Users\laraastur\AppData\Roaming\Identities
      [20/01/2011 15:54] [20/01/2011 15:54] [DI] C:\Users\laraastur\AppData\Roaming\Intel
      [20/01/2011 15:54] [20/01/2011 15:54] [DI] C:\Users\laraastur\AppData\Roaming\Intel Corporation
      [20/01/2011 16:00] [20/01/2011 16:00] [DI] C:\Users\laraastur\AppData\Roaming\Macromedia
      [20/01/2011 16:25] [20/01/2011 16:25] [DI] C:\Users\laraastur\AppData\Roaming\Macrovision
      [22/01/2013 21:26] [22/01/2013 21:26] [DI] C:\Users\laraastur\AppData\Roaming\Malwarebytes
      [20/01/2011 16:05] [20/01/2011 16:05] [DI] C:\Users\laraastur\AppData\Roaming\McAfee
      [14/07/2009 12:09] [20/01/2011 15:47] [DI] C:\Users\laraastur\AppData\Roaming\Media Center Programs
      [ 01/10/2012 0:28] [ 20/01/2011 15:47] [SDI] C:\Users\laraastur\AppData\Roaming\Microsoft
      [17/01/2013 16:28] [22/01/2011 21:09] [DI] C:\Users\laraastur\AppData\Roaming\Mozilla
      [24/03/2012 21:00] [24/03/2012 20:58] [DI] C:\Users\laraastur\AppData\Roaming\Nikon
      [17/01/2013 20:56] [06/02/2011 22:05] [DI] C:\Users\laraastur\AppData\Roaming\Nitro PDF
      [23/08/2012 17:00] [23/08/2012 16:58] [DI] C:\Users\laraastur\AppData\Roaming\Notepad++
      [17/01/2013 15:46] [17/01/2013 15:46] [DI] C:\Users\laraastur\AppData\Roaming\NVIDIA
      [04/10/2012 15:56] [03/10/2012 14:00] [D] C:\Users\laraastur\AppData\Roaming\PerformerSoft
      [17/03/2011 20:36] [17/03/2011 20:36] [DI] C:\Users\laraastur\AppData\Roaming\Reallusion
      [21/01/2011 15:29] [20/01/2011 15:54] [DI] C:\Users\laraastur\AppData\Roaming\Roxio
      [08/01/2013 23:50] [21/01/2011 17:07] [DI] C:\Users\laraastur\AppData\Roaming\Roxio Burn
      [20/01/2011 17:36] [20/01/2011 17:36] [DI] C:\Users\laraastur\AppData\Roaming\Roxio Log Files
      [20/11/2012 18:49] [21/07/2012 1:19] [DI] C:\Users\laraastur\AppData\Roaming\Samsung
      [22/11/2012 18:33] [19/02/2011 18:49] [DI] C:\Users\laraastur\AppData\Roaming\Skype
      [13/07/2012 14:27] [19/02/2011 18:50] [DI] C:\Users\laraastur\AppData\Roaming\skypePM
      [28/01/2011 16:22] [28/01/2011 16:22] [DI] C:\Users\laraastur\AppData\Roaming\Sonic Solutions
      [16/01/2013 17:05] [21/01/2011 18:35] [DI] C:\Users\laraastur\AppData\Roaming\Spotify
      [05/09/2012 21:24] [05/09/2012 21:24] [DI] C:\Users\laraastur\AppData\Roaming\TuneUp Software
      [18/11/2011 16:33] [18/11/2011 16:33] [DI] C:\Users\laraastur\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
      [15/11/2012 21:38] [05/03/2011 20:04] [DI] C:\Users\laraastur\AppData\Roaming\vlc
      [21/01/2011 17:33] [21/01/2011 17:33] [DI] C:\Users\laraastur\AppData\Roaming\WinRAR
      [17/01/2013 14:04] [17/01/2013 14:04] [D] C:\Program Files (x86)\Adobe Download Assistant
      [28/01/2011 17:24] [28/01/2011 17:24] [D] C:\Program Files (x86)\Adobe Media Player
      [19/01/2013 14:04] [17/01/2013 16:29] [D] C:\Program Files (x86)\Alien Skin
      [03/11/2012 21:44] [03/11/2012 21:44] [D] C:\Program Files (x86)\Apli
      [25/10/2012 21:15] [25/10/2012 21:15] [D] C:\Program Files (x86)\Apple Software Update
      [03/11/2012 22:14] [03/11/2012 22:14] [D] C:\Program Files (x86)\Bonjour
      [18/01/2013 13:01] [18/01/2013 13:01] [D] C:\Program Files (x86)\Camera Bits
      [08/05/2012 23:08] [08/05/2012 23:08] [D] C:\Program Files (x86)\CDisplay
      [15/01/2011 4:09] [15/01/2011 4:09] [D] C:\Program Files (x86)\Cisco
      [03/04/2012 21:08] [03/04/2012 21:07] [D] C:\Program Files (x86)\Codec Pack de ELISOFT
      [14/08/2012 16:19] [14/08/2012 16:19] [D] C:\Program Files (x86)\CodeMeter
      [19/01/2013 2:11] [14/07/2009 5:20] [D] C:\Program Files (x86)\Common Files
      [09/09/2012 2:58] [09/09/2012 2:55] [D] C:\Program Files (x86)\coolpro2
      [15/01/2011 4:24] [15/01/2011 4:24] [D] C:\Program Files (x86)\Creative
      [15/01/2011 4:24] [15/01/2011 4:24] [D] C:\Program Files (x86)\Creative Live! Cam
      [15/01/2011 4:45] [15/01/2011 4:33] [D] C:\Program Files (x86)\Dell
      [23/01/2013 13:28] [15/01/2011 4:18] [D] C:\Program Files (x86)\Dell DataSafe Local Backup
      [15/01/2011 4:19] [15/01/2011 4:19] [D] C:\Program Files (x86)\Dell Support Center
      [15/01/2011 4:24] [15/01/2011 4:24] [D] C:\Program Files (x86)\Dell Webcam
      C:\Program Files (x86)\desktop.ini [HSA] 174 bytes( 0)
      [05/09/2012 21:23] [05/09/2012 21:23] [D] C:\Program Files (x86)\DVDVideoSoft
      [20/11/2012 18:01] [22/01/2011 21:57] [D] C:\Program Files (x86)\FileZilla FTP Client
      [04/11/2011 17:29] [04/11/2011 17:29] [D] C:\Program Files (x86)\Free Monitor for Google
      [13/05/2012 23:54] [13/05/2012 23:54] [D] C:\Program Files (x86)\FreeTime
      [14/08/2012 16:19] [14/08/2012 16:19] [D] C:\Program Files (x86)\GetData
      [14/04/2012 13:49] [14/04/2012 13:49] [D] C:\Program Files (x86)\GmailBackup
      [13/11/2012 10:39] [03/12/2011 17:12] [D] C:\Program Files (x86)\Google
      [11/12/2012 16:21] [11/12/2012 16:21] [D] C:\Program Files (x86)\Hofmann
      [04/11/2012 13:53] [04/11/2012 13:53] [D] C:\Program Files (x86)\HP
      [10/12/2012 19:20] [15/01/2011 4:03] [HD] C:\Program Files (x86)\InstallShield Installation Information
      [15/01/2011 4:16] [14/01/2011 20:55] [D] C:\Program Files (x86)\Intel
      [13/12/2012 8:12] [14/07/2009 5:20] [D] C:\Program Files (x86)\Internet Explorer
      [03/11/2012 22:16] [03/11/2012 22:16] [D] C:\Program Files (x86)\iTunes
      [15/01/2011 4:06] [15/01/2011 4:06] [D] C:\Program Files (x86)\Java
      [25/07/2012 9:17] [17/06/2012 22:22] [D] C:\Program Files (x86)\JDownloader
      [15/01/2011 4:12] [15/01/2011 4:12] [D] C:\Program Files (x86)\JMicron
      [03/03/2012 10:20] [03/03/2012 10:20] [D] C:\Program Files (x86)\Longman
      [22/01/2013 21:26] [22/01/2013 21:26] [D] C:\Program Files (x86)\Malwarebytes' Anti-Malware
      [21/07/2012 1:15] [21/07/2012 1:15] [D] C:\Program Files (x86)\MarkAny
      [08/04/2012 11:48] [15/01/2011 4:21] [D] C:\Program Files (x86)\McAfee
      [24/06/2012 22:14] [15/01/2011 4:39] [D] C:\Program Files (x86)\Microsoft
      [26/02/2012 21:23] [15/01/2011 4:23] [D] C:\Program Files (x86)\Microsoft Office
      [11/05/2012 19:09] [15/01/2011 4:28] [D] C:\Program Files (x86)\Microsoft Silverlight
      [15/01/2011 4:32] [15/01/2011 4:32] [D] C:\Program Files (x86)\Microsoft SQL Server Compact Edition
      [21/01/2011 17:14] [21/01/2011 17:14] [D] C:\Program Files (x86)\Microsoft Visual Studio
      [21/01/2011 17:10] [21/01/2011 17:10] [D] C:\Program Files (x86)\Microsoft Visual Studio 8
      [09/09/2011 0:05] [21/01/2011 17:14] [D] C:\Program Files (x86)\Microsoft Works
      [21/01/2011 20:04] [21/01/2011 17:14] [D] C:\Program Files (x86)\Microsoft.NET
      [13/09/2012 17:29] [22/01/2011 21:09] [D] C:\Program Files (x86)\Mozilla Firefox
      [21/01/2011 17:14] [14/07/2009 7:32] [D] C:\Program Files (x86)\MSBuild
      [21/01/2011 16:54] [21/01/2011 16:54] [D] C:\Program Files (x86)\MSXML 4.0
      [17/11/2011 22:02] [17/11/2011 22:02] [D] C:\Program Files (x86)\My Company Name
      [20/11/2012 18:55] [20/11/2012 18:55] [D] C:\Program Files (x86)\MyFree Codec
      [15/04/2012 12:13] [15/04/2012 12:13] [D] C:\Program Files (x86)\MyTomTom 3
      [28/08/2012 14:17] [24/03/2012 20:53] [D] C:\Program Files (x86)\Nikon
      [06/02/2011 22:04] [06/02/2011 22:04] [D] C:\Program Files (x86)\Nitro PDF
      [23/08/2012 16:58] [23/08/2012 16:58] [D] C:\Program Files (x86)\Notepad++
      [15/01/2011 4:03] [14/01/2011 20:55] [D] C:\Program Files (x86)\NVIDIA Corporation
      [24/01/2011 23:49] [24/01/2011 23:49] [D] C:\Program Files (x86)\PDFCreator
      [17/01/2013 17:10] [17/01/2013 16:17] [D] C:\Program Files (x86)\Protected Search
      [22/01/2011 21:24] [22/01/2011 21:24] [D] C:\Program Files (x86)\QuickTime
      [15/01/2011 4:10] [15/01/2011 4:10] [D] C:\Program Files (x86)\Realtek
      [17/01/2013 17:03] [17/01/2013 16:18] [D] C:\Program Files (x86)\Red Sky
      [14/07/2009 7:32] [14/07/2009 7:32] [D] C:\Program Files (x86)\Reference Assemblies
      [15/01/2011 4:13] [15/01/2011 4:13] [D] C:\Program Files (x86)\Renesas Electronics
      [20/01/2011 17:35] [15/01/2011 4:35] [D] C:\Program Files (x86)\Roxio
      [21/07/2012 1:17] [21/07/2012 1:15] [D] C:\Program Files (x86)\Samsung
      [27/10/2012 13:55] [27/10/2012 13:55] [D] C:\Program Files (x86)\Shape Collage
      [19/01/2013 2:01] [15/01/2011 4:20] [RD] C:\Program Files (x86)\Skype
      [25/11/2011 18:38] [21/01/2011 18:35] [D] C:\Program Files (x86)\Spotify
      [19/01/2013 19:54] [19/01/2013 19:54] [D] C:\Program Files (x86)\Spybot - Search & Destroy 2
      [15/01/2011 4:16] [15/01/2011 4:16] [D] C:\Program Files (x86)\STMicroelectronics
      [15/01/2011 4:11] [15/01/2011 4:10] [HD] C:\Program Files (x86)\Temp
      [15/04/2012 12:13] [15/04/2012 12:13] [D] C:\Program Files (x86)\TomTom International B.V
      [19/01/2013 1:49] [16/01/2013 17:22] [D] C:\Program Files (x86)\TornTV.com
      [14/07/2009 6:57] [14/07/2009 6:57] [HD] C:\Program Files (x86)\Uninstall Information
      [22/01/2011 21:30] [22/01/2011 21:30] [D] C:\Program Files (x86)\VideoLAN
      [14/07/2009 11:30] [14/07/2009 7:32] [D] C:\Program Files (x86)\Windows Defender
      [18/07/2012 13:07] [15/01/2011 4:31] [D] C:\Program Files (x86)\Windows Live
      [04/02/2012 18:00] [14/07/2009 5:20] [D] C:\Program Files (x86)\Windows Mail
      [04/02/2012 18:00] [14/07/2009 7:32] [D] C:\Program Files (x86)\Windows Media Player
      [14/07/2009 7:32] [14/07/2009 5:20] [D] C:\Program Files (x86)\Windows NT
      [04/02/2012 18:00] [14/07/2009 7:32] [D] C:\Program Files (x86)\Windows Photo Viewer
      [04/02/2012 18:00] [14/07/2009 7:32] [D] C:\Program Files (x86)\Windows Portable Devices
      [04/02/2012 18:00] [14/07/2009 7:32] [D] C:\Program Files (x86)\Windows Sidebar
      [17/01/2013 15:09] [15/01/2011 4:17] [DI] C:\ProgramData\Adobe
      [17/01/2013 16:35] [17/01/2013 16:29] [DI] C:\ProgramData\Alien Skin
      C:\ProgramData\Ament.ini [AI] 57 bytes 0
      [03/11/2012 22:15] [22/01/2011 21:23] [DI] C:\ProgramData\Apple
      [03/11/2012 22:16] [22/01/2011 21:24] [DI] C:\ProgramData\Apple Computer
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Application Data
      [05/11/2012 21:22] [05/11/2012 21:22] [DI] C:\ProgramData\Ask
      [04/02/2012 18:26] [04/02/2012 18:26] [DI] C:\ProgramData\AVAST Software
      [04/09/2012 15:57] [04/09/2012 15:57] [DI] C:\ProgramData\boost_interprocess
      [18/01/2013 12:37] [18/01/2013 12:37] [DI] C:\ProgramData\Camera Bits, Inc
      [14/08/2012 16:38] [14/08/2012 16:38] [DI] C:\ProgramData\CodeMeter
      [05/09/2012 21:24] [05/09/2012 21:24] [HD] C:\ProgramData\Common Files
      [07/04/2011 19:56] [17/03/2011 20:36] [DI] C:\ProgramData\Creative
      C:\ProgramData\Database [AI] 0 bytes 0
      [20/01/2011 15:47] [20/01/2011 15:47] [HSDLI] C:\ProgramData\Datos de programa
      [20/01/2011 16:02] [15/01/2011 4:10] [DI] C:\ProgramData\Dell
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Desktop
      C:\ProgramData\Desktop Pictures [AI] 0 bytes 0
      C:\ProgramData\Dialogs [RH] 268 bytes 0
      C:\ProgramData\Dictionaries [RH] 268 bytes 0
      C:\ProgramData\Digital Basic [RH] 268 bytes 0
      [20/01/2011 15:47] [20/01/2011 15:47] [HSDLI] C:\ProgramData\Documentos
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Documents
      C:\ProgramData\Echo [RH] 12 bytes 0
      C:\ProgramData\Electric Clav [RH] 12 bytes 0
      C:\ProgramData\Enhance Timing [RH] 12 bytes 0
      [28/08/2012 14:17] [24/03/2012 20:54] [DI] C:\ProgramData\EnterNHelp
      [20/01/2011 15:47] [20/01/2011 15:47] [HSDLI] C:\ProgramData\Escritorio
      C:\ProgramData\ezsidmv.dat [HAI] 56 bytes 0
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Favorites
      [20/01/2011 15:47] [20/01/2011 15:47] [HSDLI] C:\ProgramData\Favoritos
      [26/01/2011 0:19] [26/01/2011 0:17] [DI] C:\ProgramData\FLEXnet
      C:\ProgramData\Funk Animals [RH] 12 bytes 0
      [13/11/2012 10:39] [13/11/2012 10:39] [DI] C:\ProgramData\Google
      [04/11/2012 13:53] [04/11/2012 13:53] [DI] C:\ProgramData\HP
      [15/01/2011 4:09] [15/01/2011 4:09] [DI] C:\ProgramData\Intel
      [15/01/2011 4:35] [15/01/2011 4:35] [DI] C:\ProgramData\Macrovision
      [22/01/2013 21:26] [22/01/2013 21:26] [DI] C:\ProgramData\Malwarebytes
      [08/04/2012 11:48] [15/01/2011 4:21] [DI] C:\ProgramData\McAfee
      [20/01/2011 15:47] [20/01/2011 15:47] [HSDLI] C:\ProgramData\Menú Inicio
      [19/01/2013 19:54] [14/07/2009 5:20] [SDI] C:\ProgramData\Microsoft
      [10/01/2013 0:43] [21/01/2011 17:09] [DI] C:\ProgramData\Microsoft Help
      [28/08/2012 14:20] [27/03/2012 21:56] [DI] C:\ProgramData\Nikon
      [06/02/2011 22:04] [06/02/2011 22:04] [DI] C:\ProgramData\Nitro PDF
      [23/01/2013 13:28] [14/01/2011 20:56] [DI] C:\ProgramData\NVIDIA
      [14/01/2011 20:55] [14/01/2011 20:55] [DI] C:\ProgramData\NVIDIA Corporation
      [15/01/2011 4:19] [15/01/2011 4:19] [DI] C:\ProgramData\PCDr
      [15/01/2011 4:37] [15/01/2011 4:37] [DI] C:\ProgramData\PhotoShow Shared Assets
      C:\ProgramData\PKP_DLeo.DAT [H] 20 bytes 0
      C:\ProgramData\PKP_DLes.DAT [H] 20 bytes 0
      C:\ProgramData\PKP_DLet.DAT [H] 20 bytes 0
      C:\ProgramData\PKP_DLev.DAT [H] 20 bytes 0
      [20/01/2011 15:47] [20/01/2011 15:47] [HSDLI] C:\ProgramData\Plantillas
      [17/01/2013 15:16] [17/11/2011 22:26] [DI] C:\ProgramData\regid.1986-12.com.adobe
      [21/01/2011 15:29] [15/01/2011 4:36] [DI] C:\ProgramData\Roxio
      [21/07/2012 1:16] [21/07/2012 1:15] [DI] C:\ProgramData\Samsung
      [13/09/2012 10:16] [15/01/2011 4:20] [DI] C:\ProgramData\Skype
      [11/01/2013 11:29] [15/01/2011 4:37] [DI] C:\ProgramData\Sonic
      [19/01/2013 20:26] [19/01/2013 19:54] [DI] C:\ProgramData\Spybot - Search & Destroy
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Start Menu
      [15/01/2011 4:07] [15/01/2011 4:07] [DI] C:\ProgramData\Sun
      [15/01/2011 4:20] [15/01/2011 4:20] [DI] C:\ProgramData\SupportSoft
      [14/07/2009 7:08] [14/07/2009 7:08] [HSDLI] C:\ProgramData\Templates
      [05/09/2012 21:24] [05/09/2012 21:24] [DI] C:\ProgramData\TuneUp Software
      [28/08/2012 14:17] [24/03/2012 20:54] [DI] C:\ProgramData\Ultima_T15
      [20/01/2011 17:36] [15/01/2011 4:38] [DI] C:\ProgramData\Uninstall
      [11/05/2012 17:54] [22/01/2011 22:09] [DI] C:\ProgramData\WinZip
      [15/01/2011 4:40] [15/01/2011 4:40] [HDC] C:\ProgramData\{04A07C23-5821-4F25-BF46-1188636AE238}
      [05/09/2012 21:24] [05/09/2012 21:24] [HSD] C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}

      ==================== EOF ==================
      Última edición por Javierhf fecha: 27/01/13 a las 18:03:51 Razón: Unir mensajes.

    8. #8
      Usuario Avatar de _laura_1979
      Registrado
      ene 2013
      Ubicación
      españa
      Mensajes
      14
      # AdwCleaner v2.107 - Fichero creado el 23/01/2013 a 13:50:27
      # Actualizado el 21/01/2013 por Xplode
      # Sistema operativo : Windows 7 Home Premium Service Pack 1 (64 bits)
      # Usuario : laraastur - DELL_LARAASTUR
      # Modo de inicio : Normal
      # Ejecutado desde : C:\Users\laraastur\Downloads\AdwCleaner\AdwCleaner.exe
      # Opción [Supresión]


      ***** [Servicios] *****


      ***** [Ficheros / Carpetas] *****

      Carpeta Suprimido : C:\Program Files (x86)\Protected Search
      Carpeta Suprimido : C:\ProgramData\Ask
      Carpeta Suprimido : C:\ProgramData\boost_interprocess
      Carpeta Suprimido : C:\Users\laraastur\AppData\Roaming\PerformerSoft
      Fichero Suprimido : C:\Users\laraastur\AppData\Roaming\Mozilla\Firefox\Profiles\v5v2rhyy.default

      \bprotector_extensions.sqlite
      Fichero Suprimido : C:\Users\laraastur\AppData\Roaming\Mozilla\Firefox\Profiles\v5v2rhyy.default\searchplugins

      \bProtect.xml
      Fichero Suprimido : C:\Users\laraastur\AppData\Roaming\Mozilla\Firefox\Profiles\v5v2rhyy.default\searchplugins

      \Web Search.xml
      Fichero Suprimido : C:\Windows\SysWOW64\searchplugins\bProtect.xml

      ***** [Registro] *****

      Clave Supprimida : HKCU\Software\1ClickDownload
      Clave Supprimida : HKCU\Software\APN PIP
      Clave Supprimida : HKCU\Software\BabylonToolbar
      Clave Supprimida : HKCU\Software\DataMngr_Toolbar
      Clave Supprimida : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
      Clave Supprimida : HKCU\Software\InstallCore
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9E131A93-EED7-4BEB-B015-

      A0ADB30B5646}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-

      BA48AD5DD448}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-

      100EDDD0C3AE}
      Clave Supprimida : HKCU\Software\PIP
      Clave Supprimida : HKCU\Software\Softonic
      Clave Supprimida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
      Clave Supprimida : HKLM\Software\Babylon
      Clave Supprimida : HKLM\Software\bProtector
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Prod.cap
      Clave Supprimida : HKLM\SOFTWARE\Classes\S
      Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
      Clave Supprimida : HKLM\Software\DealPly
      Clave Supprimida : HKLM\Software\Iminent
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
      Clave Supprimida : HKLM\Software\PIP
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31

      -C5FB5D47F68B}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
      Clave Supprimida : HKLM\SOFTWARE\Tarma Installer
      Valor Supprimida : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
      Valor Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []

      ***** [Navegadores] *****

      -\\ Internet Explorer v9.0.8112.16457

      Sustituido : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] =

      hxxp://search.certified-toolbar.com?si=41460&st=home&tid=3201 --> hxxp://www.google.com
      Sustituido : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://newtab.certified-

      toolbar.com/nie?si=41460&tid=3201&st=newtab --> hxxp://www.google.com
      Sustituido : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-

      toolbar.com?si=41460&st=home&tid=3201 --> hxxp://www.google.com
      Sustituido : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] =

      hxxp://search.certified-toolbar.com?si=41460&st=home&tid=3201 --> hxxp://www.google.com
      Sustituido : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-

      toolbar.com?si=41460&tid=3201&st=bs&q= --> hxxp://www.google.com
      Sustituido : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-

      toolbar.com?si=41460&tid=3201&st=bs&q= --> hxxp://www.google.com
      Sustituido : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-

      toolbar.com?si=41460&st=home&tid=3201 --> hxxp://www.google.com
      Sustituido : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] =

      hxxp://search.certified-toolbar.com?si=41460&st=home&tid=3201 --> hxxp://www.google.com
      Sustituido : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-

      toolbar.com?si=41460&tid=3201&st=bs&q= --> hxxp://www.google.com
      Sustituido : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-

      toolbar.com?si=41460&tid=3201&st=bs&q= --> hxxp://www.google.com
      Sustituido : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Default_Page_URL] =

      hxxp://search.certified-toolbar.com?si=41460&st=home&tid=3201 --> hxxp://www.google.com

      -\\ Mozilla Firefox v7.0.1 (es-ES)

      Fichero : C:\Users\laraastur\AppData\Roaming\Mozilla\Firefox\Profiles\v5v2rhyy.default\prefs.js

      C:\Users\laraastur\AppData\Roaming\Mozilla\Firefox\Profiles\v5v2rhyy.default\user.js ... Suprimido !

      Supprimida : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
      Supprimida : user_pref("extensions.BabylonToolbar.admin", false);
      Supprimida : user_pref("extensions.BabylonToolbar.aflt", "babsst");
      Supprimida : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
      Supprimida : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
      Supprimida : user_pref("extensions.BabylonToolbar.babExt", "");
      Supprimida : user_pref("extensions.BabylonToolbar.babTrack", "affID=115290&tt=3512_8");
      Supprimida : user_pref("extensions.BabylonToolbar.bbDpng", 27);
      Supprimida : user_pref("extensions.BabylonToolbar.cntry", "ES");
      Supprimida : user_pref("extensions.BabylonToolbar.dfltLng", "en");
      Supprimida : user_pref("extensions.BabylonToolbar.dfltSrch", true);
      Supprimida : user_pref("extensions.BabylonToolbar.dp_alert", "0");
      Supprimida : user_pref("extensions.BabylonToolbar.envrmnt", "production");
      Supprimida : user_pref("extensions.BabylonToolbar.excTlbr", false);
      Supprimida : user_pref("extensions.BabylonToolbar.hdrMd5", "9FA70BABAE522E3397EA3332A36DF744");
      Supprimida : user_pref("extensions.BabylonToolbar.hmpg", true);
      Supprimida : user_pref("extensions.BabylonToolbar.id", "965e36fa0000000000000026c7fafdb7");
      Supprimida : user_pref("extensions.BabylonToolbar.instlDay", "15585");
      Supprimida : user_pref("extensions.BabylonToolbar.instlRef", "sst");
      Supprimida : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?

      affID=113480&tt=060612[...]
      Supprimida : user_pref("extensions.BabylonToolbar.lastDP", 27);
      Supprimida : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.9.1222:28:06");
      Supprimida : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "7.0");
      Supprimida : user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.1");
      Supprimida : user_pref("extensions.BabylonToolbar.newTab", false);
      Supprimida : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
      Supprimida : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
      Supprimida : user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"60\",\"lastVrsn\":\"60\",\"vrsnLoad

      \[...]
      Supprimida : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
      Supprimida : user_pref("extensions.BabylonToolbar.propectorlck", 79389685);
      Supprimida : user_pref("extensions.BabylonToolbar.prtkDS", 1);
      Supprimida : user_pref("extensions.BabylonToolbar.prtkHmpg", 1);
      Supprimida : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
      Supprimida : user_pref("extensions.BabylonToolbar.ptch_0717", true);
      Supprimida : user_pref("extensions.BabylonToolbar.sg", "tzb");
      Supprimida : user_pref("extensions.BabylonToolbar.smplGrp", "tzb");
      Supprimida : user_pref("extensions.BabylonToolbar.srcExt", "ss");
      Supprimida : user_pref("extensions.BabylonToolbar.tlbrId", "base");
      Supprimida : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?

      babsrc=TB_def&mntrId=[...]
      Supprimida : user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12");
      Supprimida : user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.9.1222:28:06");
      Supprimida : user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12");
      Supprimida : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
      Supprimida : user_pref("extensions.BabylonToolbar_i.babExt", "");
      Supprimida : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=115290&tt=3512_8");
      Supprimida : user_pref("extensions.BabylonToolbar_i.hardId", "965e36fa0000000000000026c7fafdb7");
      Supprimida : user_pref("extensions.BabylonToolbar_i.id", "965e36fa0000000000000026c7fafdb7");
      Supprimida : user_pref("extensions.BabylonToolbar_i.instlDay", "15508");
      Supprimida : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
      Supprimida : user_pref("extensions.BabylonToolbar_i.newTab", false);
      Supprimida : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
      Supprimida : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
      Supprimida : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
      Supprimida : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
      Supprimida : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
      Supprimida : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
      Supprimida : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.1222:28:06");
      Supprimida : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

      -\\ Google Chrome v24.0.1312.52

      Fichero : C:\Users\laraastur\AppData\Local\Google\Chrome\User Data\Default\Preferences

      [OK] El fichero no contiene ninguna entrada ilegítima.

      *************************

      AdwCleaner[S1].txt - [10952 octets] - [23/01/2013 13:50:27]

      ########## EOF - C:\AdwCleaner[S1].txt - [11013 octets] ##########


      *******************************************


      El ordenador sigue como estaba con Certified Toolbar Search apareciendo al abrir los navegadores.

      Espero instrucciones. ;-D
      Última edición por Javierhf fecha: 27/01/13 a las 18:08:04 Razón: Unir mensajes.

    9. #9
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      53.991

      Re: Certified Toolbar Search en todos los navegadores

      Hola

      Falta el reporte de ComboFix ....

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    10. #10
      Usuario Avatar de _laura_1979
      Registrado
      ene 2013
      Ubicación
      españa
      Mensajes
      14

      Re: Certified Toolbar Search en todos los navegadores

      ComboFix 13-01-23.01 - laraastur 23/01/2013 15:34:50.1.4 - x64
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.34.3082.18.3828.1773 [GMT 1:00]
      Running from: c:\users\laraastur\Downloads\ComboFix.exe
      AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
      SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
      SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      C:\WIFIkit.bin
      c:\windows\SysWow64\muzapp.exe
      c:\windows\SysWow64\ympgcdc.cfg
      c:\windows\wininit.ini
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-12-23 to 2013-01-23 )))))))))))))))))))))))))))))))
      .
      .
      2013-01-23 14:50 . 2013-01-23 14:50 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
      2013-01-23 14:50 . 2013-01-23 14:50 -------- d-----w- c:\users\Default\AppData\Local\temp
      2013-01-23 10:24 . 2013-01-23 10:24 -------- d-----w- c:\program files\CCleaner
      2013-01-23 10:07 . 2013-01-23 12:32 -------- d-----w- C:\_AT-Destroyer
      2013-01-22 20:26 . 2013-01-22 20:26 -------- d-----w- c:\users\laraastur\AppData\Roaming\Malwarebytes
      2013-01-22 20:26 . 2013-01-22 20:26 -------- d-----w- c:\programdata\Malwarebytes
      2013-01-22 20:26 . 2013-01-22 20:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
      2013-01-22 20:26 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
      2013-01-22 18:14 . 2013-01-23 14:42 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{707DF9BA-4201-488B-9A89-42C108AA0FE3}\offreg.dll
      2013-01-22 13:45 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{707DF9BA-4201-488B-9A89-42C108AA0FE3}\mpengine.dll
      2013-01-19 18:54 . 2013-01-19 19:26 -------- d-----w- c:\programdata\Spybot - Search & Destroy
      2013-01-19 18:54 . 2013-01-23 14:34 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
      2013-01-19 18:53 . 2013-01-19 18:53 -------- d-----w- c:\users\laraastur\AppData\Local\Programs
      2013-01-19 13:04 . 2013-01-19 13:04 -------- d-----w- c:\program files\Alien Skin
      2013-01-19 01:12 . 2013-01-19 01:12 110080 ----a-r- c:\users\laraastur\AppData\Roaming\Microsoft\Installer\{83B952C7-F8F3-4CA3-B4C5-33C85B24E478}\IconD7F16134.exe
      2013-01-19 01:12 . 2013-01-19 01:12 110080 ----a-r- c:\users\laraastur\AppData\Roaming\Microsoft\Installer\{83B952C7-F8F3-4CA3-B4C5-33C85B24E478}\Icon1226A4C5.exe
      2013-01-19 01:12 . 2013-01-19 01:12 110080 ----a-r- c:\users\laraastur\AppData\Roaming\Microsoft\Installer\{83B952C7-F8F3-4CA3-B4C5-33C85B24E478}\IconF7A21AF7.exe
      2013-01-19 01:12 . 2013-01-19 01:12 -------- d-----w- C:\sh4ldr
      2013-01-19 01:12 . 2013-01-19 01:12 -------- d-----w- c:\program files\Enigma Software Group
      2013-01-19 01:11 . 2013-01-19 18:27 -------- d-----w- c:\windows\83B952C7F8F34CA3B4C533C85B24E478.TMP
      2013-01-19 01:11 . 2013-01-19 01:11 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
      2013-01-18 12:01 . 2013-01-18 12:01 -------- d-----w- c:\program files (x86)\Camera Bits
      2013-01-18 11:37 . 2013-01-18 11:37 -------- d-----w- c:\programdata\Camera Bits, Inc
      2013-01-18 10:40 . 2013-01-18 10:40 -------- d-----w- c:\users\laraastur\AppData\Roaming\Camera Bits, Inc
      2013-01-18 10:38 . 2004-03-29 15:23 90112 ----a-w- c:\windows\unvise32.exe
      2013-01-17 15:35 . 2013-01-17 15:35 -------- d-----w- c:\users\laraastur\AppData\Roaming\Alien Skin
      2013-01-17 15:35 . 2013-01-17 15:35 -------- d-----w- c:\users\laraastur\AppData\Local\Alien Skin
      2013-01-17 15:29 . 2013-01-19 13:04 -------- d-----w- c:\program files (x86)\Alien Skin
      2013-01-17 15:29 . 2013-01-17 15:35 -------- d-----w- c:\programdata\Alien Skin
      2013-01-17 15:18 . 2013-01-23 12:49 -------- d-----w- c:\users\laraastur\AppData\Local\DownTango
      2013-01-17 15:18 . 2013-01-23 12:48 -------- d-----w- c:\program files (x86)\Red Sky
      2013-01-17 15:17 . 2013-01-03 06:18 15360 ----a-w- c:\windows\Launcher.exe
      2013-01-17 15:17 . 2013-01-17 16:03 -------- d-----w- c:\users\laraastur\AppData\Roaming\FTDownTango1bToolbar
      2013-01-17 14:46 . 2013-01-17 14:46 -------- d-----w- c:\users\laraastur\AppData\Roaming\NVIDIA
      2013-01-17 13:04 . 2013-01-17 13:04 -------- d-----w- c:\users\laraastur\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
      2013-01-17 13:04 . 2013-01-17 13:04 -------- d-----w- c:\program files (x86)\Adobe Download Assistant
      2013-01-16 16:22 . 2013-01-19 00:49 -------- d-----w- c:\program files (x86)\TornTV.com
      2013-01-09 17:27 . 2013-01-09 17:27 16369160 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
      2013-01-09 15:55 . 2012-11-09 05:45 750592 ----a-w- c:\windows\system32\win32spl.dll
      2013-01-09 15:55 . 2012-11-09 04:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
      2013-01-09 15:53 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll
      2012-12-31 10:05 . 2012-12-31 10:05 -------- d-----w- c:\program files (x86)\Common Files\Java
      2012-12-31 10:04 . 2012-12-31 10:04 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2013-01-09 23:35 . 2011-01-21 15:55 67599240 ----a-w- c:\windows\system32\MRT.exe
      2013-01-09 17:27 . 2012-08-26 20:43 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2013-01-09 17:27 . 2011-11-16 23:10 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-12-31 10:04 . 2011-01-15 03:06 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
      2012-12-16 17:11 . 2012-12-21 06:54 46080 ----a-w- c:\windows\system32\atmlib.dll
      2012-12-16 14:45 . 2012-12-21 06:54 367616 ----a-w- c:\windows\system32\atmfd.dll
      2012-12-16 14:13 . 2012-12-21 06:54 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
      2012-12-16 14:13 . 2012-12-21 06:54 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
      2012-11-30 04:45 . 2013-01-09 15:53 44032 ----a-w- c:\windows\apppatch\acwow64.dll
      2012-11-14 07:06 . 2012-12-12 22:53 17811968 ----a-w- c:\windows\system32\mshtml.dll
      2012-11-14 06:32 . 2012-12-12 22:53 10925568 ----a-w- c:\windows\system32\ieframe.dll
      2012-11-14 06:11 . 2012-12-12 22:53 2312704 ----a-w- c:\windows\system32\jscript9.dll
      2012-11-14 06:04 . 2012-12-12 22:53 1346048 ----a-w- c:\windows\system32\urlmon.dll
      2012-11-14 06:04 . 2012-12-12 22:53 1392128 ----a-w- c:\windows\system32\wininet.dll
      2012-11-14 06:02 . 2012-12-12 22:53 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
      2012-11-14 06:02 . 2012-12-12 22:53 237056 ----a-w- c:\windows\system32\url.dll
      2012-11-14 05:59 . 2012-12-12 22:53 85504 ----a-w- c:\windows\system32\jsproxy.dll
      2012-11-14 05:58 . 2012-12-12 22:53 816640 ----a-w- c:\windows\system32\jscript.dll
      2012-11-14 05:57 . 2012-12-12 22:53 599040 ----a-w- c:\windows\system32\vbscript.dll
      2012-11-14 05:57 . 2012-12-12 22:53 173056 ----a-w- c:\windows\system32\ieUnatt.exe
      2012-11-14 05:55 . 2012-12-12 22:53 2144768 ----a-w- c:\windows\system32\iertutil.dll
      2012-11-14 05:55 . 2012-12-12 22:53 729088 ----a-w- c:\windows\system32\msfeeds.dll
      2012-11-14 05:53 . 2012-12-12 22:53 96768 ----a-w- c:\windows\system32\mshtmled.dll
      2012-11-14 05:52 . 2012-12-12 22:53 2382848 ----a-w- c:\windows\system32\mshtml.tlb
      2012-11-14 05:46 . 2012-12-12 22:53 248320 ----a-w- c:\windows\system32\ieui.dll
      2012-11-14 02:09 . 2012-12-12 22:53 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
      2012-11-14 01:58 . 2012-12-12 22:53 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
      2012-11-14 01:57 . 2012-12-12 22:53 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
      2012-11-14 01:49 . 2012-12-12 22:53 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
      2012-11-14 01:48 . 2012-12-12 22:53 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
      2012-11-14 01:44 . 2012-12-12 22:53 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
      2012-11-09 05:45 . 2012-12-12 21:18 2048 ----a-w- c:\windows\system32\tzres.dll
      2012-11-09 04:42 . 2012-12-12 21:18 2048 ----a-w- c:\windows\SysWow64\tzres.dll
      2012-11-02 05:59 . 2012-12-12 21:17 478208 ----a-w- c:\windows\system32\dpnet.dll
      2012-11-02 05:11 . 2012-12-12 21:17 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
      2012-10-30 22:51 . 2012-02-04 17:26 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
      2012-10-30 22:51 . 2012-02-04 17:26 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
      2012-10-30 22:51 . 2012-02-04 17:26 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
      2012-10-30 22:51 . 2012-02-04 17:26 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
      2012-10-30 22:51 . 2012-02-04 17:26 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
      2012-10-30 22:51 . 2012-02-04 17:26 41224 ----a-w- c:\windows\avastSS.scr
      2012-10-30 22:50 . 2012-02-04 17:26 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
      2012-10-30 22:50 . 2012-02-04 17:26 285328 ----a-w- c:\windows\system32\aswBoot.exe
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
      2012-11-13 23:32 129272 ----a-w- c:\users\laraastur\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
      2012-11-13 23:32 129272 ----a-w- c:\users\laraastur\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
      2012-11-13 23:32 129272 ----a-w- c:\users\laraastur\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Spotify Web Helper"="c:\users\laraastur\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-11-02 1199576]
      "HP Deskjet 3050A J611 series (NET)"="c:\program files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" [2011-06-08 2676584]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
      "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
      "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-08-20 487562]
      "Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
      "RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-09-04 240112]
      "DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
      "Desktop Disc Tool"="c:\program files (x86)\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-01 522736]
      "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
      "AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
      "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
      "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
      "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
      "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
      "c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-13 559616]
      .
      c:\users\laraastur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
      Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]
      Dropbox.lnk - c:\users\laraastur\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-12-22 28538560]
      Supervisar alertas de tinta - LastresHP.lnk - c:\windows\system32\RunDll32.exe [2009-7-14 45568]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
      .
      c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
      Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
      "LoadAppInit_DLLs"=1 (0x1)
      "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
      "aux1"=wdmaud.drv
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
      BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
      @=""
      .
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-09-04 219632]
      R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
      R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
      R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-03-02 13088]
      R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-01-28 1038088]
      R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2010-09-27 169048]
      R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-03-05 340240]
      R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-09-04 1116656]
      R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
      R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
      R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
      R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
      R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-21 1255736]
      R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
      S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2010-08-12 24680]
      S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
      S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 21616]
      S1 aswSnx;aswSnx; [x]
      S1 aswSP;aswSP; [x]
      S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208]
      S2 aswFsBlk;aswFsBlk; [x]
      S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
      S2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2012-07-19 2568120]
      S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
      S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
      S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
      S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
      S2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [2010-12-03 341296]
      S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
      S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
      S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-08-12 235624]
      S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
      S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-06-30 2533400]
      S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [2010-08-19 27760]
      S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2010-08-12 175168]
      S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-16 56344]
      S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
      S3 IntcDAud;Sonido Intel(R) para pantallas;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-06-20 287232]
      S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
      S3 NETw5s64;Controlador del adaptador Intel(R) Wireless WiFi Link para Windows 7 de 64 bits;c:\windows\system32\DRIVERS\NETw5s64.sys [2010-05-31 7689216]
      S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
      S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
      S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys [2010-07-12 29288]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
      .
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
      2013-01-15 22:07 1606760 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2013-01-23 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-26 17:27]
      .
      2013-01-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-03 16:12]
      .
      2013-01-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-03 16:12]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
      @="{472083B0-C522-11CF-8763-00608CC02F24}"
      [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
      2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
      2012-11-13 23:32 162552 ----a-w- c:\users\laraastur\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
      2012-11-13 23:32 162552 ----a-w- c:\users\laraastur\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
      2012-11-13 23:32 162552 ----a-w- c:\users\laraastur\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
      @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
      2012-11-13 23:32 162552 ----a-w- c:\users\laraastur\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-09-03 6486120]
      "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-09-03 2120808]
      "NVHotkey"="c:\windows\system32\nvHotkey.dll" [2010-08-12 283240]
      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-09-02 161304]
      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-09-02 386584]
      "Persistence"="c:\windows\system32\igfxpers.exe" [2010-09-02 415256]
      "IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-03-05 1928976]
      "FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-09-24 727664]
      "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
      "AppInit_DLLs"=c:\windows\System32\nvinitx.dll
      .
      ------- Supplementary Scan -------
      .
      uLocal Page = c:\windows\system32\blank.htm
      uStart Page = Google
      uDefault_Search_URL = hxxp://www.google.com
      mDefault_Search_URL = hxxp://www.google.com
      mStart Page = Google
      mLocal Page = c:\windows\SysWOW64\blank.htm
      mSearch Page = hxxp://www.google.com
      mSearch Bar = hxxp://www.google.com
      uInternet Settings,ProxyOverride = *.local
      IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
      Trusted Zone: internet
      Trusted Zone: mcafee.com
      TCP: DhcpNameServer = 87.216.1.65 87.216.1.66
      TCP: Interfaces\{88726B7E-B5E9-4880-9541-CFEA0EA0409C}\D494C4B4D26494: DhcpNameServer = 192.168.0.1 192.168.0.1
      FF - ProfilePath - c:\users\laraastur\AppData\Roaming\Mozilla\Firefox\Profiles\v5v2rhyy.default\
      FF - prefs.js: browser.search.defaulturl - Google
      FF - prefs.js: browser.search.selectedEngine - Google
      FF - prefs.js: browser.startup.homepage - hxxp://google.com
      FF - prefs.js: keyword.URL - hxxps://www.google.com/search?q=
      FF - ExtSQL: 2012-12-31 11:04; {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}
      .
      - - - - ORPHANS REMOVED - - - -
      .
      Toolbar-Locked - (no file)
      Wow6432Node-HKCU-Run-AdobeBridge - (no file)
      Toolbar-Locked - (no file)
      HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
      "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
      00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
      "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
      00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Completion time: 2013-01-23 16:15:13
      ComboFix-quarantined-files.txt 2013-01-23 15:15
      .
      Pre-Run: 136.902.557.696 bytes libres
      Post-Run: 137.923.579.904 bytes libres
      .
      - - End Of File - - 168389DC199C3E0F0BBC3ABDDD271F40

    Página 1 de 3 123 ÚltimoÚltimo