Se me abren páginas de internet solas mientras navego. (Solucionado)

**hack-666** · 27/01/13, 22:15:06

Buenas a todos, el problema que tengo es que estoy navegando normalmente por internet y cuando doy un clic a alguna parte neutral de la página para activarla, se me abre una nueva pestaña que me dirige generalmente a chaturbate.com aunque una o dos veces la página que abre es diferente, antes también sucedía que los enlaces de las páginas no abrían, tenia que dar clic derecho y dar en "abrir en nueva pestaña" no se que tenga mi pc, ya le pase el MBAM, el spybot search & destroy, el AT destroyer, el escaneo de avast, incluso un escaneo ESET online y todo eso bajo el modo seguro con funciones de red y no ha sido suficiente. Uso win7 ultimate, y mi navegador es el chrome. ¿Alguna sugerencia? Si gustan ver los logs me parece que aun los conservo.

Muchas gracias de antemano.

**M@co** · 27/01/13, 22:28:47

Hola .

Realice lo siguiente:

Descargar OTL en el escritorio.

Si tienes problemas con su descarga o ejecución lo vuelves a intentar descargar desde uno de estos enlaces:

Haga doble clic sobre el icono para ejecutarla.
- Asegúrese de que todas las ventanas estén cerradas y que no se interrumpa la ejecución.
Marque la opción Analizar todos

Sombree el contenido del recuadro de abajo luego haga clic derecho con el mouse > copiar.

Código:

msconfig
%SYSTEMDRIVE%\*.*
%PROGRAMFILES%\*.*
%systemroot%\windows\*.exe
HKEY_CURRENT_USER\software\Microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\Microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\Microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\Microsoft\windows\currentversion\runonce
ipconfig /all /c
CREATERESTOREPOINT

Clic derecho con el ratón bajo la casilla Análisis Personalizados/Codigo de Reparación > Pegar
Haga clic en el botón Análisis Rápido/Mínimo.
No modifique alguna otra configuración a menos que se le indique.
Sea paciente, el escaneo se puede llevar un tiempo.
- Cuando finalice la exploración, se abrirán dos ventanas con el block de notas: OTL.Txt y Extras.Txt, estos se guardan en el escritorio.
- Copie (Editar-> Seleccionar todo, Editar-> Copiar) el contenido del archivo OTL.txt y péguelo en la siguiente respuesta.
Cierre la herramienta al terminar el proceso.

Saludos.

**hack-666** · 27/01/13, 23:11:30

Pues la información generada es la siguiente:

OTL logfile created on: 27/01/2013 08:39:25 p.m. - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Fernando\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000080a | Country: México | Language: ESM | Date Format: dd/MM/yyyy

2.99 Gb Total Physical Memory | 1.78 Gb Available Physical Memory | 59.69% Memory free
5.98 Gb Paging File | 4.59 Gb Available in Paging File | 76.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 102.96 Gb Free Space | 44.21% Space Free | Partition Type: NTFS
Drive D: | 800.00 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: FERNANDO-PC | User Name: Fernando | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/27 20:37:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Fernando\Downloads\OTL.exe
PRC - [2013/01/18 02:07:04 | 001,248,208 | ---- | M] (Google Inc.) -- C:\Archivos de programa\Google\Chrome\Application\chrome.exe
PRC - [2013/01/09 23:04:11 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Archivos de programa\Google\Update\1.3.21.124\GoogleCrashHandler.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/11/22 20:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/11/13 14:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- C:\Archivos de programa\Spybot - Search & Destroy 2\SDUpdate.exe
PRC - [2012/11/13 14:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Archivos de programa\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012/11/13 14:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Archivos de programa\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012/11/13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Archivos de programa\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2012/09/23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/17 14:49:00 | 001,713,904 | ---- | M] (Microsoft Corp.) -- C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2012/07/17 14:49:00 | 000,194,304 | ---- | M] (Microsoft Corp.) -- C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 15:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe
PRC - [2010/11/20 15:29:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Windows Sidebar\sidebar.exe
PRC - [2010/02/11 12:53:42 | 002,756,488 | ---- | M] (ALWIL Software) -- C:\Archivos de programa\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/02/11 12:53:39 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe
PRC - [2007/12/17 04:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
PRC - [2007/11/15 05:02:00 | 000,175,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FAMTFBL.EXE
PRC - [2007/01/11 04:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
PRC - [2006/10/26 13:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Common Files\microsoft shared\VS7DEBUG\mdm.exe

========== Modules (No Company Name) ==========

MOD - [2013/01/18 02:07:02 | 012,459,472 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\24.0.1312.56\PepperFlash\pepflashplayer.dll
MOD - [2013/01/18 02:07:02 | 000,460,240 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\24.0.1312.56\ppgooglenaclpluginchrome.dll
MOD - [2013/01/18 02:07:01 | 004,012,496 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\24.0.1312.56\pdf.dll
MOD - [2013/01/18 02:06:15 | 000,597,968 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\24.0.1312.56\libglesv2.dll
MOD - [2013/01/18 02:06:15 | 000,124,368 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\24.0.1312.56\libegl.dll
MOD - [2013/01/18 02:06:13 | 001,552,848 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\24.0.1312.56\ffmpegsumo.dll

========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/11/28 20:22:35 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/11/26 02:30:30 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/11/09 11:20:06 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Archivos de programa\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/09/23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/17 14:49:00 | 001,713,904 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011/07/20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010/11/20 15:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010/02/11 12:53:39 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/02/11 12:53:39 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/02/11 12:53:39 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/07/13 19:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 19:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 19:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/17 04:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE -- (EPSON_EB_RPCV4_01)
SRV - [2007/01/11 04:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/10/26 13:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Common Files\microsoft shared\VS7DEBUG\mdm.exe -- (MDM)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\DU Meter\DUMETR32.SYS -- (DUMeterDrv)
DRV - [2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/08/23 08:46:55 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2012/08/23 08:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 08:41:34 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2012/08/23 08:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 15:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 15:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010/11/20 15:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010/11/20 15:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 15:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 15:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 15:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 15:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 15:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/02/11 12:42:34 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/02/11 12:42:13 | 000,162,512 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/02/11 12:39:01 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/02/11 12:38:45 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/02/11 12:38:23 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/07/13 16:13:47 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2001/08/17 21:06:20 | 000,100,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Icam5USB.sys -- (ICAM5USB)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = Noticias, Deportes, Entretenimiento, Videos, Música, Cine y Estilos de Vida en Prodigy MSN
IE - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-mx
IE - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 41 2A FB A0 CB CD 01 [binary data]
IE - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=115286&tt=4812_5&babsrc=SP_ss&mntrId=10713abc00000000000000167605a7bb
IE - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

[2012/12/02 17:38:50 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions

========== Chrome ==========

CHR - homepage: Google
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: Google
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U11 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Java Deployment Toolkit 7.0.110.21 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: CT Sobrio = C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\cogcpnmcioajbgpnmaeibpnjbepkbhec\1_0\
CHR - Extension: ScureMyLinks = C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgmhjlhfghldaofhdoafgpfjnbhihpha\1.0.3_0\
CHR - Extension: Photo Zoom for Facebook = C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: AdBlock = C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.56_0\
CHR - Extension: Media Flash Player = C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilghikgbapocohbodgkkemghiegioilk\14.4.402.278_0\
CHR - Extension: \u2605 Extensions Web Store = C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\nefbimbphlddggoikpapfadmgbjjibpl\22.3.1229.79_0\
CHR - Extension: Hover Zoom = C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\4.9_0\

O1 HOSTS File: ([2009/06/10 15:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Archivos de programa\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001..\Run: [Spybot-S&D Cleaning] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Archivos de programa\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A4BFFC1-6A6B-424F-98FB-50AD5F000C3D}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Archivos de programa\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~2\browse~1\25911~1.18\{c16c1~1\mngr.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2001/10/29 23:51:38 | 000,000,031 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{dfcdc108-377c-11e2-8e41-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{dfcdc108-377c-11e2-8e41-806e6f6e6963}\Shell\AutoRun\command - "" = D:\player.exe -- [2002/07/08 04:19:02 | 000,057,344 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: EPSON TX110 Series - hkey= - key= - File not found
MsConfig - StartUpReg: ROC_roc_ssl_v12 - hkey= - key= - File not found
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: uTorrent - hkey= - key= - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig - State: "startup" - 2

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/01/26 19:34:59 | 000,000,000 | ---D | C] -- C:\_AT-Destroyer
[2013/01/25 02:30:38 | 000,000,000 | ---D | C] -- C:\Users\Fernando\AppData\Local\Diagnostics
[2013/01/24 01:01:49 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2013/01/22 22:30:16 | 000,000,000 | ---D | C] -- C:\Users\Fernando\Documents\My Games
[2013/01/22 22:28:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Mythology
[2013/01/21 15:06:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/01/21 15:06:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013/01/21 15:06:17 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\Windows\System32\sdnclean.exe
[2013/01/21 15:06:08 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2013/01/17 16:43:42 | 000,000,000 | ---D | C] -- C:\Users\Fernando\AppData\Roaming\Malwarebytes
[2013/01/17 16:43:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/17 16:43:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/01/17 16:43:35 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/01/17 16:43:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/01/17 16:43:21 | 000,000,000 | ---D | C] -- C:\Users\Fernando\AppData\Local\Programs
[2013/01/17 14:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/01/17 14:50:23 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/01/12 20:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EveryonePiano
[2013/01/12 20:40:04 | 000,000,000 | ---D | C] -- C:\Program Files\EveryonePiano
[2013/01/09 23:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/01/08 16:41:26 | 000,000,000 | ---D | C] -- C:\Users\Fernando\AppData\Local\CrashDumps
[2013/01/07 22:52:05 | 000,000,000 | ---D | C] -- C:\Users\Fernando\.tvalacarta
[2013/01/07 22:46:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
[2013/01/07 22:46:07 | 000,000,000 | ---D | C] -- C:\Python27
[2013/01/03 18:04:54 | 000,000,000 | ---D | C] -- C:\Users\Fernando\AppData\Roaming\EurekaLog
[2012/12/31 22:19:04 | 000,000,000 | ---D | C] -- C:\Users\Fernando\AppData\Roaming\TechSmith
[2012/12/31 22:18:56 | 000,000,000 | ---D | C] -- C:\Users\Fernando\AppData\Local\TechSmith
[2012/12/31 22:18:12 | 000,000,000 | ---D | C] -- C:\Users\Fernando\Documents\Camtasia Studio
[2012/12/31 22:16:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
[2012/12/31 22:16:13 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012/12/31 22:15:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TechSmith Shared
[2012/12/31 22:13:35 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2012/12/31 22:13:35 | 000,000,000 | ---D | C] -- C:\Program Files\TechSmith
[2012/12/31 21:03:46 | 000,000,000 | ---D | C] -- C:\Users\Fernando\plicula
[2012/12/31 16:45:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/12/29 20:02:04 | 000,000,000 | ---D | C] -- C:\Users\Fernando\AppData\Local\WMTools Downloaded Files
[2012/12/29 19:58:46 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker 2.6
[2012/12/29 19:23:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Photo-Bonny2
[2012/12/29 19:22:06 | 000,000,000 | ---D | C] -- C:\Users\Fernando\AppData\Local\Downloaded Installations
[2012/12/29 01:45:37 | 000,000,000 | ---D | C] -- C:\Users\Fernando\AppData\Roaming\GRETECH

========== Files - Modified Within 30 Days ==========

[2013/01/27 20:25:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/27 20:09:01 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/27 19:53:36 | 000,021,280 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/27 19:53:36 | 000,021,280 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/27 19:47:01 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/27 19:45:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/27 19:45:04 | 2407,809,024 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/27 01:05:53 | 000,745,236 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2013/01/27 01:05:53 | 000,651,938 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/01/27 01:05:53 | 000,157,736 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2013/01/27 01:05:53 | 000,120,870 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/01/26 23:21:13 | 000,304,104 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/01/22 22:28:56 | 000,002,133 | ---- | M] () -- C:\Users\Fernando\Desktop\Age of Mythology - The Titans Expansion.lnk
[2013/01/22 22:28:56 | 000,002,124 | ---- | M] () -- C:\Users\Fernando\Desktop\Age of Mythology.lnk
[2013/01/20 00:55:22 | 010,545,271 | ---- | M] () -- C:\Users\Fernando\Valerie (Amy Winehouse).mp3
[2013/01/19 23:56:52 | 008,580,863 | ---- | M] () -- C:\Users\Fernando\Amy Winehouse Valery.mp3
[2013/01/19 23:26:26 | 008,451,288 | ---- | M] () -- C:\Users\Fernando\Amy Winehouse Valerie.mp3
[2013/01/02 01:09:46 | 000,003,584 | ---- | M] () -- C:\Users\Fernando\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/12/31 21:59:01 | 000,225,561 | ---- | M] () -- C:\Users\Fernando\Mi película2.wlmp
[2012/12/31 16:39:30 | 007,976,045 | ---- | M] () -- C:\Users\Fernando\Desktop\oh=f30be675201031387aea64f1a3b59c3f&oe=50E236F7&__gda__=135700.mp4
[2012/12/29 03:17:11 | 001,992,794 | ---- | M] () -- C:\Users\Fernando\Desktop\O Claire.mp3
[2012/12/29 01:03:18 | 000,079,604 | ---- | M] () -- C:\Users\Fernando\Mi película.wlmp

========== Files Created - No Company Name ==========

[2013/01/26 23:21:01 | 000,304,104 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/01/22 22:28:56 | 000,002,133 | ---- | C] () -- C:\Users\Fernando\Desktop\Age of Mythology - The Titans Expansion.lnk
[2013/01/22 22:28:56 | 000,002,124 | ---- | C] () -- C:\Users\Fernando\Desktop\Age of Mythology.lnk
[2013/01/21 15:06:28 | 000,002,135 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/01/20 13:55:00 | 008,451,288 | ---- | C] () -- C:\Users\Fernando\Amy Winehouse Valerie (Subtitulada Ingles Español).mp3
[2013/01/20 13:54:59 | 010,545,271 | ---- | C] () -- C:\Users\Fernando\Valerie (Amy Winehouse).mp3
[2013/01/20 13:54:58 | 008,580,863 | ---- | C] () -- C:\Users\Fernando\Amy Winehouse Valery.mp3
[2012/12/31 16:55:18 | 007,976,045 | ---- | C] () -- C:\Users\Fernando\Desktop\oh=f30be675201031387aea64f1a3b59c3f&oe=50E236F7&__gda__=135700.mp4
[2012/12/29 19:59:37 | 000,003,584 | ---- | C] () -- C:\Users\Fernando\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/12/29 19:58:46 | 000,002,495 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk
[2012/12/29 03:17:05 | 001,992,794 | ---- | C] () -- C:\Users\Fernando\Desktop\Musica Dramatica O Claire.mp3
[2012/12/29 03:06:50 | 000,225,561 | ---- | C] () -- C:\Users\Fernando\Mi película2.wlmp
[2012/12/27 14:58:40 | 000,079,604 | ---- | C] () -- C:\Users\Fernando\Mi película.wlmp
[2011/04/11 19:30:30 | 000,745,236 | ---- | C] () -- C:\Windows\System32\perfh00A.dat
[2011/04/11 19:30:30 | 000,341,432 | ---- | C] () -- C:\Windows\System32\perfi00A.dat
[2011/04/11 19:30:30 | 000,157,736 | ---- | C] () -- C:\Windows\System32\perfc00A.dat
[2011/04/11 19:30:30 | 000,041,390 | ---- | C] () -- C:\Windows\System32\perfd00A.dat

========== ZeroAccess Check ==========

[2009/07/13 22:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 15:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 19:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/12/30 16:53:21 | 000,000,000 | ---D | M] -- C:\Users\Fernando\AppData\Roaming\Audacity
[2013/01/03 18:04:54 | 000,000,000 | ---D | M] -- C:\Users\Fernando\AppData\Roaming\EurekaLog
[2012/11/29 17:04:06 | 000,000,000 | ---D | M] -- C:\Users\Fernando\AppData\Roaming\fltk.org
[2012/11/28 18:18:51 | 000,000,000 | ---D | M] -- C:\Users\Fernando\AppData\Roaming\IDT
[2012/12/31 22:19:04 | 000,000,000 | ---D | M] -- C:\Users\Fernando\AppData\Roaming\TechSmith
[2013/01/27 20:37:27 | 000,000,000 | ---D | M] -- C:\Users\Fernando\AppData\Roaming\uTorrent
[2012/12/06 20:33:36 | 000,000,000 | ---D | M] -- C:\Users\Paty\AppData\Roaming\uTorrent

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2013/01/26 19:36:54 | 000,013,241 | ---- | M] () -- C:\AT-Destroyer.txt
[2009/06/10 15:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2010/11/20 15:29:06 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2012/11/25 14:47:49 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2009/06/10 15:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2013/01/27 19:45:04 | 2407,809,024 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/26 02:26:37 | 000,404,830 | RHS- | M] () -- C:\NEJXY
[2013/01/27 19:45:04 | 3210,416,128 | -HS- | M] () -- C:\pagefile.sys
[2012/11/26 02:26:37 | 000,000,020 | RHS- | M] () -- C:\win7.ld

< %PROGRAMFILES%\*.* >
[2009/07/13 22:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %systemroot%\windows\*.exe >

< HKEY_CURRENT_USER\software\Microsoft\windows\currentversion\run >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010/11/20 15:29:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
"uTorrent" = "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED -- [2012/12/30 22:25:24 | 000,969,104 | ---- | M] (BitTorrent, Inc.)
"Spybot-S&D Cleaning" = "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean -- [2012/11/13 14:07:26 | 003,713,032 | ---- | M] (Safer-Networking Ltd.)

< HKEY_CURRENT_USER\software\Microsoft\windows\currentversion\runonce >

< HKEY_LOCAL_MACHINE\software\Microsoft\windows\currentversion\run >
"IgfxTray" = C:\Windows\system32\igfxtray.exe -- [2009/09/23 19:30:48 | 000,141,848 | ---- | M] (Intel Corporation)
"HotKeysCmds" = C:\Windows\system32\hkcmd.exe -- [2009/09/23 19:30:48 | 000,173,592 | ---- | M] (Intel Corporation)
"Persistence" = C:\Windows\system32\igfxpers.exe -- [2009/09/23 19:30:48 | 000,150,552 | ---- | M] (Intel Corporation)
"avast5" = "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui -- [2010/02/11 12:53:42 | 002,756,488 | ---- | M] (ALWIL Software)
"SunJavaUpdateSched" = "C:\Program Files\Common Files\Java\Java Update\jusched.exe" -- [2012/07/03 09:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.)
"SDTray" = "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" -- [2012/11/13 14:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.)

< HKEY_LOCAL_MACHINE\software\Microsoft\windows\currentversion\runonce >

< ipconfig /all /c >
Configuraci¢n IP de Windows
Nombre de host. . . . . . . . . : Fernando-PC
Sufijo DNS principal . . . . . :
Tipo de nodo. . . . . . . . . . : h¡brido
Enrutamiento IP habilitado. . . : no
Proxy WINS habilitado . . . . . : no
Lista de b£squeda de sufijos DNS: lan
Adaptador de Ethernet Conexi¢n de *rea local:
Sufijo DNS espec¡fico para la conexi¢n. . : lan
Descripci¢n . . . . . . . . . . . . . . . : Conexi¢n de red Intel(R) PRO/100 VE
Direcci¢n f¡sica. . . . . . . . . . . . . : 00-16-76-05-A7-BB
DHCP habilitado . . . . . . . . . . . . . : s¡
Configuraci¢n autom*tica habilitada . . . : s¡
V¡nculo: direcci¢n IPv6 local. . . : fe80::e503:984c:81fd:5895%11(Preferido)
Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.64(Preferido)
M*scara de subred . . . . . . . . . . . . : 255.255.255.0
Concesi¢n obtenida. . . . . . . . . . . . : domingo, 27 de enero de 2013 07:45:14 p.m.
La concesi¢n expira . . . . . . . . . . . : lunes, 28 de enero de 2013 08:48:14 p.m.
Puerta de enlace predeterminada . . . . . : 192.168.1.254
Servidor DHCP . . . . . . . . . . . . . . : 192.168.1.254
IAID DHCPv6 . . . . . . . . . . . . . . . : 234886774
DUID de cliente DHCPv6. . . . . . . . . . : 00-01-00-01-18-44-A0-B9-00-16-76-05-A7-BB
Servidores DNS. . . . . . . . . . . . . . : 192.168.1.254
NetBIOS sobre TCP/IP. . . . . . . . . . . : habilitado
Adaptador de t£nel isatap.lan:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . : lan
Descripci¢n . . . . . . . . . . . . . . . : Adaptador ISATAP de Microsoft
Direcci¢n f¡sica. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP habilitado . . . . . . . . . . . . . : no
Configuraci¢n autom*tica habilitada . . . : s¡
Adaptador de t£nel Conexi¢n de *rea local*:
Sufijo DNS espec¡fico para la conexi¢n. . :
Descripci¢n . . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Direcci¢n f¡sica. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP habilitado . . . . . . . . . . . . . : no
Configuraci¢n autom*tica habilitada . . . : s¡
Direcci¢n IPv6 . . . . . . . . . . : 2001:0:9d38:6ab8:2c22:3192:424a:a0da(Preferido)
V¡nculo: direcci¢n IPv6 local. . . : fe80::2c22:3192:424a:a0da%13(Preferido)
Puerta de enlace predeterminada . . . . . : ::
NetBIOS sobre TCP/IP. . . . . . . . . . . : deshabilitado

< End of report >

Saludos.

**M@co** · 27/01/13, 23:33:46

Hola.

Realice lo siguiente:

Desactiva el antivirus y el Spybot S&D.

Sombree el contenido del siguiente recuadro (excepto la palabra código), luego haga clic derecho con el ratón > Copiar.

Código:

:OTL
IE - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=115286&tt=4812_5&babsrc=SP_ss&mntrId=10713abc000000
O20 - AppInit_DLLs: (c:\progra~2\browse~1\25911~1.18\{c16c1~1\mngr.dll) - File not found
O33 - MountPoints2\{dfcdc108-377c-11e2-8e41-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{dfcdc108-377c-11e2-8e41-806e6f6e6963}\Shell\AutoRun\command - "" = D:\player.exe -- [2002/07/08 04:19:02 | 000,057,344 | R--- | M] ()
MsConfig - StartUpReg: ROC_roc_ssl_v12 - hkey= - key= - File not found

:files
ipconfig /flushdns /c
C:\*.txt

:commands
[resethosts]
[emptytemp]
[createrestorepoint]

Ejecutar OTL.exe
- Clic derecho con el ratón bajo la casilla Análisis Personalizados/Código de Reparación > Pegar.
- Luego haga clic en el botón Reparar ubicado en la parte superior.
- Deje que el programa se ejecute sin trabas, reinicie cuando lo pida hacer.
- Al reiniciar se creará un reporte por defecto en C:\_OTL\MovedFiles, copie y pegue ese log en la próxima respuesta.
Descarga UsbFix a tu escritorio y lo ejecutas de este modo:
1. Conecte todos sus dispositivos extraibles, Pendrive\Micro SD, etc.
2. Haga doble Click sobre USBFix
3. Pulse sobre la opción Supresión
4. Aparecera una advertencia para que conecte sus USB, pulse en Aceptar y proceso de desinfección/vacunación se iniciará.
5. Durante el análisis el escritorio puede desaparecer, esto es normal, si USBFix le pide reiniciar el sistema acepte y reinicie su equipo.
6. Al finalizar, USBFix genera un reporte, el cual se encuentra generalmente en C:\USBFix.txt debe pegar su contenido en el próximo mensaje

Nos comentas los resultados.

Saludos.

**hack-666** · 29/01/13, 01:44:41

Bien, la información generada es la siguiente:

All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-2188098971-3000927000-2979771260-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~2\browse~1\25911~1.18\{c16c1~1\mngr.dll deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dfcdc108-377c-11e2-8e41-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dfcdc108-377c-11e2-8e41-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dfcdc108-377c-11e2-8e41-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dfcdc108-377c-11e2-8e41-806e6f6e6963}\ not found.
File move failed. D:\player.exe scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\ROC_roc_ssl_v12\ deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
C:\Users\Fernando\Downloads\cmd.bat deleted successfully.
C:\Users\Fernando\Downloads\cmd.txt deleted successfully.
C:\AT-Destroyer.txt moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Fernando
->Temp folder emptied: 3350107 bytes
->Temporary Internet Files folder emptied: 1036585 bytes
->Java cache emptied: 198517 bytes
->Google Chrome cache emptied: 358676344 bytes
->Flash cache emptied: 506 bytes

User: Paty
->Temp folder emptied: 12310044 bytes
->Temporary Internet Files folder emptied: 26784668 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 419363590 bytes
->Flash cache emptied: 492 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 197260 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 784.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 01282013_135533

Files\Folders moved on Reboot...
File move failed. D:\player.exe scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Y la de USBFix:

############################## | UsbFix V 7.096 | [Supresión]

Usuario: Fernando (Administrador) # FERNANDO-PC
Actualizado el 15/08/2012 por El Desaparecido
Comenzó a 14:04:06 | 28/01/2013

Sitio web: Index of /
Foro: http://forum.eldesaparecido.com
Archivo sospechoso ? : http://eldesaparecido.com/upload.php
Contacto: [email protected]

PC: GATEWA (GT5064) (X86-based PC) # Desktop Computer
CPU: Intel(R) Pentium(R) D CPU 2.80GHz (2799)
RAM -> [Total : 3062 | Free : 1864]
BIOS: Default System BIOS
BOOT: Normal boot

OS: Microsoft Windows 7 Ultimate (6.1.7601 32-Bit) # Service Pack 1
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disco fijo # 233 Gb (110 Mb libre(s) - 47%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Disco extraíble # 2 Gb (2 Mb libre(s) - 100%) [] # FAT
J:\ -> Disco extraíble # 4 Gb (4 Mb libre(s) - 99%) [] # FAT32

################## | Procesos Activos |

C:\Windows\system32\csrss.exe (396)
C:\Windows\system32\wininit.exe (436)
C:\Windows\system32\csrss.exe (448)
C:\Windows\system32\services.exe (496)
C:\Windows\system32\winlogon.exe (528)
C:\Windows\system32\lsass.exe (544)
C:\Windows\system32\lsm.exe (556)
C:\Windows\system32\svchost.exe (664)
C:\Windows\system32\svchost.exe (752)
C:\Windows\System32\svchost.exe (828)
C:\Windows\System32\svchost.exe (884)
C:\Windows\system32\svchost.exe (936)
C:\Windows\system32\svchost.exe (1060)
C:\Windows\system32\svchost.exe (1124)
C:\Windows\system32\svchost.exe (1256)
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (1348)
C:\Windows\System32\spoolsv.exe (1592)
C:\Windows\system32\svchost.exe (1624)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (1700)
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE (1748)
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (1788)
C:\Windows\system32\svchost.exe (1816)
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (1860)
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (1912)
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (1960)
C:\Windows\system32\svchost.exe (768)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (1292)
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (1644)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2128)
C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (2192)
C:\Windows\system32\svchost.exe (2468)
C:\Windows\System32\WUDFHost.exe (2572)
C:\Windows\system32\taskhost.exe (2852)
C:\Windows\system32\Dwm.exe (2892)
C:\Windows\Explorer.EXE (2920)
C:\Program Files\Google\Update\1.3.21.124\GoogleCrashHandler.exe (3000)
C:\Windows\system32\SearchIndexer.exe (3224)
C:\Windows\System32\igfxtray.exe (3404)
C:\Windows\System32\hkcmd.exe (3412)
C:\Windows\System32\igfxpers.exe (3448)
C:\Program Files\Alwil Software\Avast5\AvastUI.exe (3456)
C:\Program Files\Common Files\Java\Java Update\jusched.exe (3476)
C:\Windows\system32\igfxsrvc.exe (3512)
C:\Program Files\Windows Sidebar\sidebar.exe (3524)
C:\Program Files\Windows Media Player\wmpnetwk.exe (1296)
C:\Windows\System32\svchost.exe (2708)
C:\Windows\system32\wbem\wmiprvse.exe (3088)
C:\Windows\system32\DllHost.exe (3340)
C:\Program Files\Winamp\winamp.exe (4024)
C:\Windows\system32\sppsvc.exe (4084)
C:\Windows\System32\svchost.exe (3692)
C:\Program Files\Google\Chrome\Application\chrome.exe (1220)
C:\Program Files\Google\Chrome\Application\chrome.exe (4076)
C:\Program Files\Google\Chrome\Application\chrome.exe (3096)
C:\Program Files\Google\Chrome\Application\chrome.exe (3856)
C:\Program Files\Google\Chrome\Application\chrome.exe (3724)
C:\Program Files\Google\Chrome\Application\chrome.exe (4068)
C:\Program Files\Google\Chrome\Application\chrome.exe (1172)
C:\Program Files\Google\Chrome\Application\chrome.exe (172)
C:\Program Files\Google\Chrome\Application\chrome.exe (1776)
C:\Program Files\Google\Chrome\Application\chrome.exe (4168)
C:\Windows\system32\wuauclt.exe (4264)
C:\Windows\system32\SearchProtocolHost.exe (4572)
C:\Windows\system32\SearchFilterHost.exe (4592)
C:\Windows\system32\SearchProtocolHost.exe (4632)
C:\UsbFix\Go.exe (5080)
C:\Windows\system32\wbem\wmiprvse.exe (5204)

################## | Procesos Parados |

Parado! C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (1348)
Parado! C:\Windows\System32\spoolsv.exe (1592)
Parado! C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (1700)
Parado! C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE (1748)
Parado! C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (1788)
Parado! C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (1860)
Parado! C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (1912)
Parado! C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (1960)
Parado! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (1292)
Parado! C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (1644)
Parado! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2128)
Parado! C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (2192)
Parado! C:\Windows\System32\WUDFHost.exe (2572)
Parado! C:\Windows\system32\taskhost.exe (2852)
Parado! C:\Program Files\Google\Update\1.3.21.124\GoogleCrashHandler.exe (3000)
Parado! C:\Windows\system32\SearchIndexer.exe (3224)
Parado! C:\Windows\System32\igfxtray.exe (3404)
Parado! C:\Windows\System32\hkcmd.exe (3412)
Parado! C:\Windows\System32\igfxpers.exe (3448)
Parado! C:\Program Files\Alwil Software\Avast5\AvastUI.exe (3456)
Parado! C:\Program Files\Common Files\Java\Java Update\jusched.exe (3476)
Parado! C:\Windows\system32\igfxsrvc.exe (3512)
Parado! C:\Program Files\Windows Sidebar\sidebar.exe (3524)
Parado! C:\Program Files\Windows Media Player\wmpnetwk.exe (1296)
Parado! C:\Windows\system32\DllHost.exe (3340)
Parado! C:\Windows\system32\sppsvc.exe (4084)
Parado! C:\Windows\system32\wuauclt.exe (4264)
Parado! C:\Windows\system32\SearchProtocolHost.exe (4572)

################## | Archivos # Carpetas infectadas |

No suprimido ! D:\Player.exe
Suprimido ! C:\$RECYCLE.BIN\S-1-5-20
Suprimido ! C:\$RECYCLE.BIN\S-1-5-21-2188098971-3000927000-2979771260-1001
Suprimido ! C:\$RECYCLE.BIN\S-1-5-21-2188098971-3000927000-2979771260-1003
No suprimido ! D:\autorun.inf

(!) Archivos temporales suprimido.

################## | Registro |

################## | Mountpoints2 |

################## | Listing |

[28/01/2013 - 14:05:53 | SHD ] C:\$Recycle.Bin
[25/11/2012 - 22:01:23 | D ] C:\Archivos de programa
[10/06/2009 - 15:42:20 | N | 24] C:\autoexec.bat
[25/11/2012 - 14:47:48 | SHD ] C:\Boot
[20/11/2010 - 15:29:06 | RASH | 383786] C:\bootmgr
[25/11/2012 - 14:47:49 | N | 8192] C:\BOOTSECT.BAK
[10/06/2009 - 15:42:20 | N | 10] C:\config.sys
[13/07/2009 - 22:53:55 | SHD ] C:\Documents and Settings
[28/01/2013 - 13:58:28 | ASH | 2407809024] C:\hiberfil.sys
[12/12/2012 - 01:02:18 | RHD ] C:\MSOCache
[26/11/2012 - 02:26:37 | | 404830] C:\NEJXY
[28/01/2013 - 13:58:28 | ASH | 3210416128] C:\pagefile.sys
[13/07/2009 - 20:37:05 | D ] C:\PerfLogs
[26/01/2013 - 19:37:50 | D ] C:\Program Files
[21/01/2013 - 16:09:35 | HD ] C:\ProgramData
[07/01/2013 - 22:46:33 | D ] C:\Python27
[25/11/2012 - 22:01:23 | SHD ] C:\Recovery
[28/11/2012 - 17:35:44 | D ] C:\SwSetup
[28/01/2013 - 13:56:52 | SHD ] C:\System Volume Information
[22/12/2012 - 11:39:17 | D ] C:\temp
[28/01/2013 - 14:05:53 | D ] C:\UsbFix
[28/01/2013 - 14:04:25 | A | 7720] C:\UsbFix.txt
[26/11/2012 - 11:14:51 | D ] C:\Users
[26/11/2012 - 02:26:37 | | 20] C:\win7.ld
[26/01/2013 - 21:56:41 | D ] C:\Windows
[26/01/2013 - 19:36:02 | D ] C:\_AT-Destroyer
[28/01/2013 - 13:55:33 | D ] C:\_OTL
[29/10/2001 - 23:51:38 | R | 31] D:\autorun.inf
[27/06/2002 - 00:35:46 | R | 2062] D:\MacPlayer.app
[27/10/2005 - 09:35:17 | D ] D:\player
[08/07/2002 - 04:19:02 | R | 57344] D:\player.exe
[11/12/2002 - 01:50:08 | R | 45056] D:\UninstallPlayer.exe
[23/05/2005 - 09:49:15 | R | 280] D:\UninstallPlayer.txt
[20/01/2013 - 22:05:18 | D ] E:\PATTY
[27/01/2013 - 00:38:38 | N | 7213087] J:\Dennis Brown Lips of wine live.mp3
[25/01/2013 - 07:17:42 | N | 6745117] J:\HUSH TV The Skints It Mek Acoustic Session.mp3
[26/01/2013 - 00:30:30 | N | 10339422] J:\The Skints 'On A Mission' (Katy B cover) SoulCulture.co.uk.mp3
[27/01/2013 - 00:51:44 | N | 10909936] J:\The Skints Cover of Bob Marleys 'Is this Love'.mp3
[25/01/2013 - 07:21:46 | N | 7687471] J:\The Skints perform Dennis Brown's 'Lips of Wine'.mp3

################## | Vaccin |

C:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
E:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
J:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)

################## | Upload |

Por favor, envie el archivo: C:\UsbFix_Upload_Me_FERNANDO-PC.zip
http://eldesaparecido.com/upload.php
Gracias por su contribución.

################## | E.O.F |

Saludos.

**M@co** · 29/01/13, 10:47:47

Hola.

Dale doble clic a AT-Destroyer.exe y lo desinstalas. Repite esa operación con USBFix.

Dale doble clic a OTL.exe y luego pulsa en LIMPIAR.

Saludos.

**hack-666** · 03/02/13, 22:48:18

No ha vuelto a suceder de nuevo, todo en orden, muchas gracias por la ayuda. Saludos.

Se me abren páginas de internet solas mientras navego. (Solucionado)

Herramientas

Se me abren páginas de internet solas mientras navego. (Solucionado)

Re: Se me abren páginas de internet solas mientras navego.

Re: Se me abren páginas de internet solas mientras navego.

Re: Se me abren páginas de internet solas mientras navego.

Re: Se me abren páginas de internet solas mientras navego.

Re: Se me abren páginas de internet solas mientras navego.

Re: Se me abren páginas de internet solas mientras navego.