• Registrarse
  • Iniciar sesión


  • Resultados 1 al 7 de 7

    Se me abren páginas de internet solas mientras navego. (Solucionado)

    Resumen del tema: Se me abren páginas de internet solas mientras navego. (Solucionado) - Buenas a todos, el problema que tengo es que estoy navegando normalmente por internet y cuando doy un clic a alguna parte neutral de la página para activarla, se me abre una nueva pestaña que ...

      
    1. #1
      Usuario Avatar de hack-666
      Registrado
      mar 2008
      Ubicación
      Mexico
      Mensajes
      9

      Se me abren páginas de internet solas mientras navego. (Solucionado)

      Buenas a todos, el problema que tengo es que estoy navegando normalmente por internet y cuando doy un clic a alguna parte neutral de la página para activarla, se me abre una nueva pestaña que me dirige generalmente a chaturbate.com aunque una o dos veces la página que abre es diferente, antes también sucedía que los enlaces de las páginas no abrían, tenia que dar clic derecho y dar en "abrir en nueva pestaña" no se que tenga mi pc, ya le pase el MBAM, el spybot search & destroy, el AT destroyer, el escaneo de avast, incluso un escaneo ESET online y todo eso bajo el modo seguro con funciones de red y no ha sido suficiente. Uso win7 ultimate, y mi navegador es el chrome. ¿Alguna sugerencia? Si gustan ver los logs me parece que aun los conservo.

      Muchas gracias de antemano.

    2. #2
      Moderador
      Avatar de M@co
      Registrado
      dic 2007
      Ubicación
      America
      Mensajes
      15.682

      Re: Se me abren páginas de internet solas mientras navego.

      Hola .

      Realice lo siguiente:

      Descargar OTL en el escritorio.
      Si tienes problemas con su descarga o ejecución lo vuelves a intentar descargar desde uno de estos enlaces:
      • Haga doble clic sobre el icono para ejecutarla.
        • Asegúrese de que todas las ventanas estén cerradas y que no se interrumpa la ejecución.
      • Marque la opción Analizar todos
      • Sombree el contenido del recuadro de abajo luego haga clic derecho con el mouse > copiar.
        Código:
        msconfig
        %SYSTEMDRIVE%\*.*
        %PROGRAMFILES%\*.*
        %systemroot%\windows\*.exe
        HKEY_CURRENT_USER\software\Microsoft\windows\currentversion\run
        HKEY_CURRENT_USER\software\Microsoft\windows\currentversion\runonce
        HKEY_LOCAL_MACHINE\software\Microsoft\windows\currentversion\run
        HKEY_LOCAL_MACHINE\software\Microsoft\windows\currentversion\runonce
        ipconfig /all /c
        CREATERESTOREPOINT
      • Clic derecho con el ratón bajo la casilla Análisis Personalizados/Codigo de Reparación > Pegar
      • Haga clic en el botón Análisis Rápido/Mínimo.
      • No modifique alguna otra configuración a menos que se le indique.
      • Sea paciente, el escaneo se puede llevar un tiempo.
        • Cuando finalice la exploración, se abrirán dos ventanas con el block de notas: OTL.Txt y Extras.Txt, estos se guardan en el escritorio.
        • Copie (Editar-> Seleccionar todo, Editar-> Copiar) el contenido del archivo OTL.txt y péguelo en la siguiente respuesta.
      • Cierre la herramienta al terminar el proceso.


      Saludos.

      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de hack-666
      Registrado
      mar 2008
      Ubicación
      Mexico
      Mensajes
      9

      Re: Se me abren páginas de internet solas mientras navego.

      Pues la información generada es la siguiente:

      OTL logfile created on: 27/01/2013 08:39:25 p.m. - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Fernando\Downloads
      Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 0000080a | Country: México | Language: ESM | Date Format: dd/MM/yyyy

      2.99 Gb Total Physical Memory | 1.78 Gb Available Physical Memory | 59.69% Memory free
      5.98 Gb Paging File | 4.59 Gb Available in Paging File | 76.76% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
      Drive C: | 232.88 Gb Total Space | 102.96 Gb Free Space | 44.21% Space Free | Partition Type: NTFS
      Drive D: | 800.00 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

      Computer Name: FERNANDO-PC | User Name: Fernando | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users | Quick Scan
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - [2013/01/27 20:37:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Fernando\Downloads\OTL.exe
      PRC - [2013/01/18 02:07:04 | 001,248,208 | ---- | M] (Google Inc.) -- C:\Archivos de programa\Google\Chrome\Application\chrome.exe
      PRC - [2013/01/09 23:04:11 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Archivos de programa\Google\Update\1.3.21.124\GoogleCrashHandler.exe
      PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe
      PRC - [2012/11/22 20:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
      PRC - [2012/11/13 14:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- C:\Archivos de programa\Spybot - Search & Destroy 2\SDUpdate.exe
      PRC - [2012/11/13 14:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Archivos de programa\Spybot - Search & Destroy 2\SDWSCSvc.exe
      PRC - [2012/11/13 14:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Archivos de programa\Spybot - Search & Destroy 2\SDUpdSvc.exe
      PRC - [2012/11/13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Archivos de programa\Spybot - Search & Destroy 2\SDFSSvc.exe
      PRC - [2012/09/23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe
      PRC - [2012/07/17 14:49:00 | 001,713,904 | ---- | M] (Microsoft Corp.) -- C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
      PRC - [2012/07/17 14:49:00 | 000,194,304 | ---- | M] (Microsoft Corp.) -- C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
      PRC - [2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
      PRC - [2010/11/20 15:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe
      PRC - [2010/11/20 15:29:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Windows Sidebar\sidebar.exe
      PRC - [2010/02/11 12:53:42 | 002,756,488 | ---- | M] (ALWIL Software) -- C:\Archivos de programa\Alwil Software\Avast5\AvastUI.exe
      PRC - [2010/02/11 12:53:39 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe
      PRC - [2007/12/17 04:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
      PRC - [2007/11/15 05:02:00 | 000,175,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FAMTFBL.EXE
      PRC - [2007/01/11 04:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
      PRC - [2006/10/26 13:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Archivos de programa\Common Files\microsoft shared\VS7DEBUG\mdm.exe


      ========== Modules (No Company Name) ==========

      MOD - [2013/01/18 02:07:02 | 012,459,472 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\24.0.1312.56\PepperFlash\pepflashplayer.dll
      MOD - [2013/01/18 02:07:02 | 000,460,240 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\24.0.1312.56\ppgooglenaclpluginchrome.dll
      MOD - [2013/01/18 02:07:01 | 004,012,496 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\24.0.1312.56\pdf.dll
      MOD - [2013/01/18 02:06:15 | 000,597,968 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\24.0.1312.56\libglesv2.dll
      MOD - [2013/01/18 02:06:15 | 000,124,368 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\24.0.1312.56\libegl.dll
      MOD - [2013/01/18 02:06:13 | 001,552,848 | ---- | M] () -- C:\Archivos de programa\Google\Chrome\Application\24.0.1312.56\ffmpegsumo.dll


      ========== Services (SafeList) ==========

      SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService)
      SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
      SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
      SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
      SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
      SRV - [2012/11/28 20:22:35 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
      SRV - [2012/11/26 02:30:30 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
      SRV - [2012/11/09 11:20:06 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Archivos de programa\Skype\Updater\Updater.exe -- (SkypeUpdate)
      SRV - [2012/09/23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
      SRV - [2012/07/17 14:49:00 | 001,713,904 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
      SRV - [2011/07/20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
      SRV - [2010/11/20 15:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
      SRV - [2010/02/11 12:53:39 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
      SRV - [2010/02/11 12:53:39 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
      SRV - [2010/02/11 12:53:39 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
      SRV - [2009/07/13 19:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
      SRV - [2009/07/13 19:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
      SRV - [2009/07/13 19:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Windows Defender\MpSvc.dll -- (WinDefend)
      SRV - [2007/12/17 04:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE -- (EPSON_EB_RPCV4_01)
      SRV - [2007/01/11 04:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01)
      SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
      SRV - [2006/10/26 13:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Common Files\microsoft shared\VS7DEBUG\mdm.exe -- (MDM)


      ========== Driver Services (SafeList) ==========

      DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
      DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\DU Meter\DUMETR32.SYS -- (DUMeterDrv)
      DRV - [2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
      DRV - [2012/08/23 08:46:55 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
      DRV - [2012/08/23 08:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
      DRV - [2012/08/23 08:41:34 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
      DRV - [2012/08/23 08:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
      DRV - [2010/11/20 15:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
      DRV - [2010/11/20 15:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
      DRV - [2010/11/20 15:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
      DRV - [2010/11/20 15:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
      DRV - [2010/11/20 15:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
      DRV - [2010/11/20 15:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
      DRV - [2010/11/20 15:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
      DRV - [2010/11/20 15:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
      DRV - [2010/11/20 15:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
      DRV - [2010/02/11 12:42:34 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
      DRV - [2010/02/11 12:42:13 | 000,162,512 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
      DRV - [2010/02/11 12:39:01 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
      DRV - [2010/02/11 12:38:45 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
      DRV - [2010/02/11 12:38:23 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
      DRV - [2009/07/13 16:13:47 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
      DRV - [2001/08/17 21:06:20 | 000,100,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Icam5USB.sys -- (ICAM5USB)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}


      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



      IE - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = Noticias, Deportes, Entretenimiento, Videos, Música, Cine y Estilos de Vida en Prodigy MSN
      IE - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-mx
      IE - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 41 2A FB A0 CB CD 01 [binary data]
      IE - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=115286&tt=4812_5&babsrc=SP_ss&mntrId=10713abc00000000000000167605a7bb
      IE - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


      ========== FireFox ==========

      FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)


      [2012/12/02 17:38:50 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions

      ========== Chrome ==========

      CHR - homepage: Google
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
      CHR - homepage: Google
      CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\PepperFlash\pepflashplayer.dll
      CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\pdf.dll
      CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
      CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
      CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
      CHR - plugin: Java(TM) Platform SE 7 U11 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
      CHR - plugin: Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
      CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
      CHR - plugin: Java Deployment Toolkit 7.0.110.21 (Enabled) = C:\Windows\system32\npDeployJava1.dll
      CHR - Extension: CT Sobrio = C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\cogcpnmcioajbgpnmaeibpnjbepkbhec\1_0\
      CHR - Extension: ScureMyLinks = C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgmhjlhfghldaofhdoafgpfjnbhihpha\1.0.3_0\
      CHR - Extension: Photo Zoom for Facebook = C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
      CHR - Extension: AdBlock = C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.56_0\
      CHR - Extension: Media Flash Player = C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilghikgbapocohbodgkkemghiegioilk\14.4.402.278_0\
      CHR - Extension: \u2605 Extensions Web Store = C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\nefbimbphlddggoikpapfadmgbjjibpl\22.3.1229.79_0\
      CHR - Extension: Hover Zoom = C:\Users\Fernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\4.9_0\

      O1 HOSTS File: ([2009/06/10 15:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
      O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Archivos de programa\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (ALWIL Software)
      O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
      O4 - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001..\Run: [Spybot-S&D Cleaning] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
      O4 - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
      O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Archivos de programa\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O13 - gopher Prefix: missing
      O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A4BFFC1-6A6B-424F-98FB-50AD5F000C3D}: DhcpNameServer = 192.168.1.254
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Common Files\Skype\Skype4COM.dll (Skype Technologies)
      O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Archivos de programa\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - AppInit_DLLs: (c:\progra~2\browse~1\25911~1.18\{c16c1~1\mngr.dll) - File not found
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O32 - AutoRun File - [2001/10/29 23:51:38 | 000,000,031 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
      O33 - MountPoints2\{dfcdc108-377c-11e2-8e41-806e6f6e6963}\Shell - "" = AutoRun
      O33 - MountPoints2\{dfcdc108-377c-11e2-8e41-806e6f6e6963}\Shell\AutoRun\command - "" = D:\player.exe -- [2002/07/08 04:19:02 | 000,057,344 | R--- | M] ()
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
      MsConfig - StartUpReg: EPSON TX110 Series - hkey= - key= - File not found
      MsConfig - StartUpReg: ROC_roc_ssl_v12 - hkey= - key= - File not found
      MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
      MsConfig - StartUpReg: uTorrent - hkey= - key= - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
      MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
      MsConfig - State: "startup" - 2

      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2013/01/26 19:34:59 | 000,000,000 | ---D | C] -- C:\_AT-Destroyer
      [2013/01/25 02:30:38 | 000,000,000 | ---D | C] -- C:\Users\Fernando\AppData\Local\Diagnostics
      [2013/01/24 01:01:49 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
      [2013/01/22 22:30:16 | 000,000,000 | ---D | C] -- C:\Users\Fernando\Documents\My Games
      [2013/01/22 22:28:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Mythology
      [2013/01/21 15:06:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
      [2013/01/21 15:06:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
      [2013/01/21 15:06:17 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\Windows\System32\sdnclean.exe
      [2013/01/21 15:06:08 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
      [2013/01/17 16:43:42 | 000,000,000 | ---D | C] -- C:\Users\Fernando\AppData\Roaming\Malwarebytes
      [2013/01/17 16:43:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2013/01/17 16:43:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2013/01/17 16:43:35 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
      [2013/01/17 16:43:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
      [2013/01/17 16:43:21 | 000,000,000 | ---D | C] -- C:\Users\Fernando\AppData\Local\Programs
      [2013/01/17 14:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
      [2013/01/17 14:50:23 | 000,000,000 | ---D | C] -- C:\Program Files\Java
      [2013/01/12 20:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EveryonePiano
      [2013/01/12 20:40:04 | 000,000,000 | ---D | C] -- C:\Program Files\EveryonePiano
      [2013/01/09 23:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
      [2013/01/08 16:41:26 | 000,000,000 | ---D | C] -- C:\Users\Fernando\AppData\Local\CrashDumps
      [2013/01/07 22:52:05 | 000,000,000 | ---D | C] -- C:\Users\Fernando\.tvalacarta
      [2013/01/07 22:46:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
      [2013/01/07 22:46:07 | 000,000,000 | ---D | C] -- C:\Python27
      [2013/01/03 18:04:54 | 000,000,000 | ---D | C] -- C:\Users\Fernando\AppData\Roaming\EurekaLog
      [2012/12/31 22:19:04 | 000,000,000 | ---D | C] -- C:\Users\Fernando\AppData\Roaming\TechSmith
      [2012/12/31 22:18:56 | 000,000,000 | ---D | C] -- C:\Users\Fernando\AppData\Local\TechSmith
      [2012/12/31 22:18:12 | 000,000,000 | ---D | C] -- C:\Users\Fernando\Documents\Camtasia Studio
      [2012/12/31 22:16:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
      [2012/12/31 22:16:13 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
      [2012/12/31 22:15:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TechSmith Shared
      [2012/12/31 22:13:35 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
      [2012/12/31 22:13:35 | 000,000,000 | ---D | C] -- C:\Program Files\TechSmith
      [2012/12/31 21:03:46 | 000,000,000 | ---D | C] -- C:\Users\Fernando\plicula
      [2012/12/31 16:45:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
      [2012/12/29 20:02:04 | 000,000,000 | ---D | C] -- C:\Users\Fernando\AppData\Local\WMTools Downloaded Files
      [2012/12/29 19:58:46 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker 2.6
      [2012/12/29 19:23:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Photo-Bonny2
      [2012/12/29 19:22:06 | 000,000,000 | ---D | C] -- C:\Users\Fernando\AppData\Local\Downloaded Installations
      [2012/12/29 01:45:37 | 000,000,000 | ---D | C] -- C:\Users\Fernando\AppData\Roaming\GRETECH

      ========== Files - Modified Within 30 Days ==========

      [2013/01/27 20:25:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2013/01/27 20:09:01 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2013/01/27 19:53:36 | 000,021,280 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2013/01/27 19:53:36 | 000,021,280 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2013/01/27 19:47:01 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2013/01/27 19:45:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2013/01/27 19:45:04 | 2407,809,024 | -HS- | M] () -- C:\hiberfil.sys
      [2013/01/27 01:05:53 | 000,745,236 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
      [2013/01/27 01:05:53 | 000,651,938 | ---- | M] () -- C:\Windows\System32\perfh009.dat
      [2013/01/27 01:05:53 | 000,157,736 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
      [2013/01/27 01:05:53 | 000,120,870 | ---- | M] () -- C:\Windows\System32\perfc009.dat
      [2013/01/26 23:21:13 | 000,304,104 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
      [2013/01/22 22:28:56 | 000,002,133 | ---- | M] () -- C:\Users\Fernando\Desktop\Age of Mythology - The Titans Expansion.lnk
      [2013/01/22 22:28:56 | 000,002,124 | ---- | M] () -- C:\Users\Fernando\Desktop\Age of Mythology.lnk
      [2013/01/20 00:55:22 | 010,545,271 | ---- | M] () -- C:\Users\Fernando\Valerie (Amy Winehouse).mp3
      [2013/01/19 23:56:52 | 008,580,863 | ---- | M] () -- C:\Users\Fernando\Amy Winehouse Valery.mp3
      [2013/01/19 23:26:26 | 008,451,288 | ---- | M] () -- C:\Users\Fernando\Amy Winehouse Valerie.mp3
      [2013/01/02 01:09:46 | 000,003,584 | ---- | M] () -- C:\Users\Fernando\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012/12/31 21:59:01 | 000,225,561 | ---- | M] () -- C:\Users\Fernando\Mi película2.wlmp
      [2012/12/31 16:39:30 | 007,976,045 | ---- | M] () -- C:\Users\Fernando\Desktop\oh=f30be675201031387aea64f1a3b59c3f&oe=50E236F7&__gda__=135700.mp4
      [2012/12/29 03:17:11 | 001,992,794 | ---- | M] () -- C:\Users\Fernando\Desktop\O Claire.mp3
      [2012/12/29 01:03:18 | 000,079,604 | ---- | M] () -- C:\Users\Fernando\Mi película.wlmp

      ========== Files Created - No Company Name ==========

      [2013/01/26 23:21:01 | 000,304,104 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
      [2013/01/22 22:28:56 | 000,002,133 | ---- | C] () -- C:\Users\Fernando\Desktop\Age of Mythology - The Titans Expansion.lnk
      [2013/01/22 22:28:56 | 000,002,124 | ---- | C] () -- C:\Users\Fernando\Desktop\Age of Mythology.lnk
      [2013/01/21 15:06:28 | 000,002,135 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
      [2013/01/20 13:55:00 | 008,451,288 | ---- | C] () -- C:\Users\Fernando\Amy Winehouse Valerie (Subtitulada Ingles Español).mp3
      [2013/01/20 13:54:59 | 010,545,271 | ---- | C] () -- C:\Users\Fernando\Valerie (Amy Winehouse).mp3
      [2013/01/20 13:54:58 | 008,580,863 | ---- | C] () -- C:\Users\Fernando\Amy Winehouse Valery.mp3
      [2012/12/31 16:55:18 | 007,976,045 | ---- | C] () -- C:\Users\Fernando\Desktop\oh=f30be675201031387aea64f1a3b59c3f&oe=50E236F7&__gda__=135700.mp4
      [2012/12/29 19:59:37 | 000,003,584 | ---- | C] () -- C:\Users\Fernando\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012/12/29 19:58:46 | 000,002,495 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk
      [2012/12/29 03:17:05 | 001,992,794 | ---- | C] () -- C:\Users\Fernando\Desktop\Musica Dramatica O Claire.mp3
      [2012/12/29 03:06:50 | 000,225,561 | ---- | C] () -- C:\Users\Fernando\Mi película2.wlmp
      [2012/12/27 14:58:40 | 000,079,604 | ---- | C] () -- C:\Users\Fernando\Mi película.wlmp
      [2011/04/11 19:30:30 | 000,745,236 | ---- | C] () -- C:\Windows\System32\perfh00A.dat
      [2011/04/11 19:30:30 | 000,341,432 | ---- | C] () -- C:\Windows\System32\perfi00A.dat
      [2011/04/11 19:30:30 | 000,157,736 | ---- | C] () -- C:\Windows\System32\perfc00A.dat
      [2011/04/11 19:30:30 | 000,041,390 | ---- | C] () -- C:\Windows\System32\perfd00A.dat

      ========== ZeroAccess Check ==========

      [2009/07/13 22:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 15:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 19:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== LOP Check ==========

      [2012/12/30 16:53:21 | 000,000,000 | ---D | M] -- C:\Users\Fernando\AppData\Roaming\Audacity
      [2013/01/03 18:04:54 | 000,000,000 | ---D | M] -- C:\Users\Fernando\AppData\Roaming\EurekaLog
      [2012/11/29 17:04:06 | 000,000,000 | ---D | M] -- C:\Users\Fernando\AppData\Roaming\fltk.org
      [2012/11/28 18:18:51 | 000,000,000 | ---D | M] -- C:\Users\Fernando\AppData\Roaming\IDT
      [2012/12/31 22:19:04 | 000,000,000 | ---D | M] -- C:\Users\Fernando\AppData\Roaming\TechSmith
      [2013/01/27 20:37:27 | 000,000,000 | ---D | M] -- C:\Users\Fernando\AppData\Roaming\uTorrent
      [2012/12/06 20:33:36 | 000,000,000 | ---D | M] -- C:\Users\Paty\AppData\Roaming\uTorrent

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2013/01/26 19:36:54 | 000,013,241 | ---- | M] () -- C:\AT-Destroyer.txt
      [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
      [2010/11/20 15:29:06 | 000,383,786 | RHS- | M] () -- C:\bootmgr
      [2012/11/25 14:47:49 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
      [2009/06/10 15:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
      [2013/01/27 19:45:04 | 2407,809,024 | -HS- | M] () -- C:\hiberfil.sys
      [2012/11/26 02:26:37 | 000,404,830 | RHS- | M] () -- C:\NEJXY
      [2013/01/27 19:45:04 | 3210,416,128 | -HS- | M] () -- C:\pagefile.sys
      [2012/11/26 02:26:37 | 000,000,020 | RHS- | M] () -- C:\win7.ld

      < %PROGRAMFILES%\*.* >
      [2009/07/13 22:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

      < %systemroot%\windows\*.exe >

      < HKEY_CURRENT_USER\software\Microsoft\windows\currentversion\run >
      "Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010/11/20 15:29:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
      "uTorrent" = "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED -- [2012/12/30 22:25:24 | 000,969,104 | ---- | M] (BitTorrent, Inc.)
      "Spybot-S&D Cleaning" = "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean -- [2012/11/13 14:07:26 | 003,713,032 | ---- | M] (Safer-Networking Ltd.)

      < HKEY_CURRENT_USER\software\Microsoft\windows\currentversion\runonce >

      < HKEY_LOCAL_MACHINE\software\Microsoft\windows\currentversion\run >
      "IgfxTray" = C:\Windows\system32\igfxtray.exe -- [2009/09/23 19:30:48 | 000,141,848 | ---- | M] (Intel Corporation)
      "HotKeysCmds" = C:\Windows\system32\hkcmd.exe -- [2009/09/23 19:30:48 | 000,173,592 | ---- | M] (Intel Corporation)
      "Persistence" = C:\Windows\system32\igfxpers.exe -- [2009/09/23 19:30:48 | 000,150,552 | ---- | M] (Intel Corporation)
      "avast5" = "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui -- [2010/02/11 12:53:42 | 002,756,488 | ---- | M] (ALWIL Software)
      "SunJavaUpdateSched" = "C:\Program Files\Common Files\Java\Java Update\jusched.exe" -- [2012/07/03 09:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.)
      "SDTray" = "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" -- [2012/11/13 14:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.)

      < HKEY_LOCAL_MACHINE\software\Microsoft\windows\currentversion\runonce >

      < ipconfig /all /c >
      Configuraci¢n IP de Windows
      Nombre de host. . . . . . . . . : Fernando-PC
      Sufijo DNS principal . . . . . :
      Tipo de nodo. . . . . . . . . . : h¡brido
      Enrutamiento IP habilitado. . . : no
      Proxy WINS habilitado . . . . . : no
      Lista de b£squeda de sufijos DNS: lan
      Adaptador de Ethernet Conexi¢n de *rea local:
      Sufijo DNS espec¡fico para la conexi¢n. . : lan
      Descripci¢n . . . . . . . . . . . . . . . : Conexi¢n de red Intel(R) PRO/100 VE
      Direcci¢n f¡sica. . . . . . . . . . . . . : 00-16-76-05-A7-BB
      DHCP habilitado . . . . . . . . . . . . . : s¡
      Configuraci¢n autom*tica habilitada . . . : s¡
      V¡nculo: direcci¢n IPv6 local. . . : fe80::e503:984c:81fd:5895%11(Preferido)
      Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.64(Preferido)
      M*scara de subred . . . . . . . . . . . . : 255.255.255.0
      Concesi¢n obtenida. . . . . . . . . . . . : domingo, 27 de enero de 2013 07:45:14 p.m.
      La concesi¢n expira . . . . . . . . . . . : lunes, 28 de enero de 2013 08:48:14 p.m.
      Puerta de enlace predeterminada . . . . . : 192.168.1.254
      Servidor DHCP . . . . . . . . . . . . . . : 192.168.1.254
      IAID DHCPv6 . . . . . . . . . . . . . . . : 234886774
      DUID de cliente DHCPv6. . . . . . . . . . : 00-01-00-01-18-44-A0-B9-00-16-76-05-A7-BB
      Servidores DNS. . . . . . . . . . . . . . : 192.168.1.254
      NetBIOS sobre TCP/IP. . . . . . . . . . . : habilitado
      Adaptador de t£nel isatap.lan:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . : lan
      Descripci¢n . . . . . . . . . . . . . . . : Adaptador ISATAP de Microsoft
      Direcci¢n f¡sica. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
      DHCP habilitado . . . . . . . . . . . . . : no
      Configuraci¢n autom*tica habilitada . . . : s¡
      Adaptador de t£nel Conexi¢n de *rea local*:
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Descripci¢n . . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
      Direcci¢n f¡sica. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
      DHCP habilitado . . . . . . . . . . . . . : no
      Configuraci¢n autom*tica habilitada . . . : s¡
      Direcci¢n IPv6 . . . . . . . . . . : 2001:0:9d38:6ab8:2c22:3192:424a:a0da(Preferido)
      V¡nculo: direcci¢n IPv6 local. . . : fe80::2c22:3192:424a:a0da%13(Preferido)
      Puerta de enlace predeterminada . . . . . : ::
      NetBIOS sobre TCP/IP. . . . . . . . . . . : deshabilitado

      < End of report >

      Saludos.

    4. #4
      Moderador
      Avatar de M@co
      Registrado
      dic 2007
      Ubicación
      America
      Mensajes
      15.682

      Re: Se me abren páginas de internet solas mientras navego.

      Hola.

      Realice lo siguiente:

      1. Desactiva el antivirus y el Spybot S&D.

      2. Sombree el contenido del siguiente recuadro (excepto la palabra código), luego haga clic derecho con el ratón > Copiar.
        Código:
        :OTL
        IE - HKU\S-1-5-21-2188098971-3000927000-2979771260-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=115286&tt=4812_5&babsrc=SP_ss&mntrId=10713abc000000
        O20 - AppInit_DLLs: (c:\progra~2\browse~1\25911~1.18\{c16c1~1\mngr.dll) - File not found
        O33 - MountPoints2\{dfcdc108-377c-11e2-8e41-806e6f6e6963}\Shell - "" = AutoRun
        O33 - MountPoints2\{dfcdc108-377c-11e2-8e41-806e6f6e6963}\Shell\AutoRun\command - "" = D:\player.exe -- [2002/07/08 04:19:02 | 000,057,344 | R--- | M] ()
        MsConfig - StartUpReg: ROC_roc_ssl_v12 - hkey= - key= - File not found
        
        :files
        ipconfig /flushdns /c
        C:\*.txt
        
        :commands
        [resethosts]
        [emptytemp]
        [createrestorepoint]
      3. Ejecutar OTL.exe
        • Clic derecho con el ratón bajo la casilla Análisis Personalizados/Código de Reparación > Pegar.
        • Luego haga clic en el botón Reparar ubicado en la parte superior.
        • Deje que el programa se ejecute sin trabas, reinicie cuando lo pida hacer.
        • Al reiniciar se creará un reporte por defecto en C:\_OTL\MovedFiles, copie y pegue ese log en la próxima respuesta.


      4. Descarga UsbFix a tu escritorio y lo ejecutas de este modo:
        1. Conecte todos sus dispositivos extraibles, Pendrive\Micro SD, etc.
        2. Haga doble Click sobre USBFix
        3. Pulse sobre la opción Supresión
        4. Aparecera una advertencia para que conecte sus USB, pulse en Aceptar y proceso de desinfección/vacunación se iniciará.
        5. Durante el análisis el escritorio puede desaparecer, esto es normal, si USBFix le pide reiniciar el sistema acepte y reinicie su equipo.
        6. Al finalizar, USBFix genera un reporte, el cual se encuentra generalmente en C:\USBFix.txt debe pegar su contenido en el próximo mensaje


      Nos comentas los resultados.

      Saludos.

      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de hack-666
      Registrado
      mar 2008
      Ubicación
      Mexico
      Mensajes
      9

      Re: Se me abren páginas de internet solas mientras navego.

      Bien, la información generada es la siguiente:

      All processes killed
      ========== OTL ==========
      Registry key HKEY_USERS\S-1-5-21-2188098971-3000927000-2979771260-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~2\browse~1\25911~1.18\{c16c1~1\mngr.dll deleted successfully.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dfcdc108-377c-11e2-8e41-806e6f6e6963}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dfcdc108-377c-11e2-8e41-806e6f6e6963}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dfcdc108-377c-11e2-8e41-806e6f6e6963}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dfcdc108-377c-11e2-8e41-806e6f6e6963}\ not found.
      File move failed. D:\player.exe scheduled to be moved on reboot.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\ROC_roc_ssl_v12\ deleted successfully.
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configuraci¢n IP de Windows
      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
      C:\Users\Fernando\Downloads\cmd.bat deleted successfully.
      C:\Users\Fernando\Downloads\cmd.txt deleted successfully.
      C:\AT-Destroyer.txt moved successfully.
      ========== COMMANDS ==========
      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYTEMP]

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Fernando
      ->Temp folder emptied: 3350107 bytes
      ->Temporary Internet Files folder emptied: 1036585 bytes
      ->Java cache emptied: 198517 bytes
      ->Google Chrome cache emptied: 358676344 bytes
      ->Flash cache emptied: 506 bytes

      User: Paty
      ->Temp folder emptied: 12310044 bytes
      ->Temporary Internet Files folder emptied: 26784668 bytes
      ->Java cache emptied: 0 bytes
      ->Google Chrome cache emptied: 419363590 bytes
      ->Flash cache emptied: 492 bytes

      User: Public

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 197260 bytes
      RecycleBin emptied: 0 bytes

      Total Files Cleaned = 784.00 mb

      Restore point Set: OTL Restore Point

      OTL by OldTimer - Version 3.2.69.0 log created on 01282013_135533

      Files\Folders moved on Reboot...
      File move failed. D:\player.exe scheduled to be moved on reboot.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...


      Y la de USBFix:

      ############################## | UsbFix V 7.096 | [Supresión]

      Usuario: Fernando (Administrador) # FERNANDO-PC
      Actualizado el 15/08/2012 por El Desaparecido
      Comenzó a 14:04:06 | 28/01/2013

      Sitio web: Index of /
      Foro: http://forum.eldesaparecido.com
      Archivo sospechoso ? : http://eldesaparecido.com/upload.php
      Contacto: [email protected]

      PC: GATEWA (GT5064) (X86-based PC) # Desktop Computer
      CPU: Intel(R) Pentium(R) D CPU 2.80GHz (2799)
      RAM -> [Total : 3062 | Free : 1864]
      BIOS: Default System BIOS
      BOOT: Normal boot

      OS: Microsoft Windows 7 Ultimate (6.1.7601 32-Bit) # Service Pack 1
      WB: Windows Internet Explorer 9.0.8112.16421

      SC: Security Center Service [Enabled]
      WU: Windows Update Service [Enabled]
      AV: avast! Antivirus [(!) Disabled | Updated]
      FW: Windows FireWall Service [Enabled]

      C:\ (%systemdrive%) -> Disco fijo # 233 Gb (110 Mb libre(s) - 47%) [] # NTFS
      D:\ -> CD-ROM
      E:\ -> Disco extraíble # 2 Gb (2 Mb libre(s) - 100%) [] # FAT
      J:\ -> Disco extraíble # 4 Gb (4 Mb libre(s) - 99%) [] # FAT32

      ################## | Procesos Activos |

      C:\Windows\system32\csrss.exe (396)
      C:\Windows\system32\wininit.exe (436)
      C:\Windows\system32\csrss.exe (448)
      C:\Windows\system32\services.exe (496)
      C:\Windows\system32\winlogon.exe (528)
      C:\Windows\system32\lsass.exe (544)
      C:\Windows\system32\lsm.exe (556)
      C:\Windows\system32\svchost.exe (664)
      C:\Windows\system32\svchost.exe (752)
      C:\Windows\System32\svchost.exe (828)
      C:\Windows\System32\svchost.exe (884)
      C:\Windows\system32\svchost.exe (936)
      C:\Windows\system32\svchost.exe (1060)
      C:\Windows\system32\svchost.exe (1124)
      C:\Windows\system32\svchost.exe (1256)
      C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (1348)
      C:\Windows\System32\spoolsv.exe (1592)
      C:\Windows\system32\svchost.exe (1624)
      C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (1700)
      C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE (1748)
      C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (1788)
      C:\Windows\system32\svchost.exe (1816)
      C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (1860)
      C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (1912)
      C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (1960)
      C:\Windows\system32\svchost.exe (768)
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (1292)
      C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (1644)
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2128)
      C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (2192)
      C:\Windows\system32\svchost.exe (2468)
      C:\Windows\System32\WUDFHost.exe (2572)
      C:\Windows\system32\taskhost.exe (2852)
      C:\Windows\system32\Dwm.exe (2892)
      C:\Windows\Explorer.EXE (2920)
      C:\Program Files\Google\Update\1.3.21.124\GoogleCrashHandler.exe (3000)
      C:\Windows\system32\SearchIndexer.exe (3224)
      C:\Windows\System32\igfxtray.exe (3404)
      C:\Windows\System32\hkcmd.exe (3412)
      C:\Windows\System32\igfxpers.exe (3448)
      C:\Program Files\Alwil Software\Avast5\AvastUI.exe (3456)
      C:\Program Files\Common Files\Java\Java Update\jusched.exe (3476)
      C:\Windows\system32\igfxsrvc.exe (3512)
      C:\Program Files\Windows Sidebar\sidebar.exe (3524)
      C:\Program Files\Windows Media Player\wmpnetwk.exe (1296)
      C:\Windows\System32\svchost.exe (2708)
      C:\Windows\system32\wbem\wmiprvse.exe (3088)
      C:\Windows\system32\DllHost.exe (3340)
      C:\Program Files\Winamp\winamp.exe (4024)
      C:\Windows\system32\sppsvc.exe (4084)
      C:\Windows\System32\svchost.exe (3692)
      C:\Program Files\Google\Chrome\Application\chrome.exe (1220)
      C:\Program Files\Google\Chrome\Application\chrome.exe (4076)
      C:\Program Files\Google\Chrome\Application\chrome.exe (3096)
      C:\Program Files\Google\Chrome\Application\chrome.exe (3856)
      C:\Program Files\Google\Chrome\Application\chrome.exe (3724)
      C:\Program Files\Google\Chrome\Application\chrome.exe (4068)
      C:\Program Files\Google\Chrome\Application\chrome.exe (1172)
      C:\Program Files\Google\Chrome\Application\chrome.exe (172)
      C:\Program Files\Google\Chrome\Application\chrome.exe (1776)
      C:\Program Files\Google\Chrome\Application\chrome.exe (4168)
      C:\Windows\system32\wuauclt.exe (4264)
      C:\Windows\system32\SearchProtocolHost.exe (4572)
      C:\Windows\system32\SearchFilterHost.exe (4592)
      C:\Windows\system32\SearchProtocolHost.exe (4632)
      C:\UsbFix\Go.exe (5080)
      C:\Windows\system32\wbem\wmiprvse.exe (5204)

      ################## | Procesos Parados |

      Parado! C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (1348)
      Parado! C:\Windows\System32\spoolsv.exe (1592)
      Parado! C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (1700)
      Parado! C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE (1748)
      Parado! C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (1788)
      Parado! C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (1860)
      Parado! C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (1912)
      Parado! C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (1960)
      Parado! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (1292)
      Parado! C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (1644)
      Parado! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2128)
      Parado! C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (2192)
      Parado! C:\Windows\System32\WUDFHost.exe (2572)
      Parado! C:\Windows\system32\taskhost.exe (2852)
      Parado! C:\Program Files\Google\Update\1.3.21.124\GoogleCrashHandler.exe (3000)
      Parado! C:\Windows\system32\SearchIndexer.exe (3224)
      Parado! C:\Windows\System32\igfxtray.exe (3404)
      Parado! C:\Windows\System32\hkcmd.exe (3412)
      Parado! C:\Windows\System32\igfxpers.exe (3448)
      Parado! C:\Program Files\Alwil Software\Avast5\AvastUI.exe (3456)
      Parado! C:\Program Files\Common Files\Java\Java Update\jusched.exe (3476)
      Parado! C:\Windows\system32\igfxsrvc.exe (3512)
      Parado! C:\Program Files\Windows Sidebar\sidebar.exe (3524)
      Parado! C:\Program Files\Windows Media Player\wmpnetwk.exe (1296)
      Parado! C:\Windows\system32\DllHost.exe (3340)
      Parado! C:\Windows\system32\sppsvc.exe (4084)
      Parado! C:\Windows\system32\wuauclt.exe (4264)
      Parado! C:\Windows\system32\SearchProtocolHost.exe (4572)

      ################## | Archivos # Carpetas infectadas |

      No suprimido ! D:\Player.exe
      Suprimido ! C:\$RECYCLE.BIN\S-1-5-20
      Suprimido ! C:\$RECYCLE.BIN\S-1-5-21-2188098971-3000927000-2979771260-1001
      Suprimido ! C:\$RECYCLE.BIN\S-1-5-21-2188098971-3000927000-2979771260-1003
      No suprimido ! D:\autorun.inf

      (!) Archivos temporales suprimido.

      ################## | Registro |


      ################## | Mountpoints2 |


      ################## | Listing |

      [28/01/2013 - 14:05:53 | SHD ] C:\$Recycle.Bin
      [25/11/2012 - 22:01:23 | D ] C:\Archivos de programa
      [10/06/2009 - 15:42:20 | N | 24] C:\autoexec.bat
      [25/11/2012 - 14:47:48 | SHD ] C:\Boot
      [20/11/2010 - 15:29:06 | RASH | 383786] C:\bootmgr
      [25/11/2012 - 14:47:49 | N | 8192] C:\BOOTSECT.BAK
      [10/06/2009 - 15:42:20 | N | 10] C:\config.sys
      [13/07/2009 - 22:53:55 | SHD ] C:\Documents and Settings
      [28/01/2013 - 13:58:28 | ASH | 2407809024] C:\hiberfil.sys
      [12/12/2012 - 01:02:18 | RHD ] C:\MSOCache
      [26/11/2012 - 02:26:37 | | 404830] C:\NEJXY
      [28/01/2013 - 13:58:28 | ASH | 3210416128] C:\pagefile.sys
      [13/07/2009 - 20:37:05 | D ] C:\PerfLogs
      [26/01/2013 - 19:37:50 | D ] C:\Program Files
      [21/01/2013 - 16:09:35 | HD ] C:\ProgramData
      [07/01/2013 - 22:46:33 | D ] C:\Python27
      [25/11/2012 - 22:01:23 | SHD ] C:\Recovery
      [28/11/2012 - 17:35:44 | D ] C:\SwSetup
      [28/01/2013 - 13:56:52 | SHD ] C:\System Volume Information
      [22/12/2012 - 11:39:17 | D ] C:\temp
      [28/01/2013 - 14:05:53 | D ] C:\UsbFix
      [28/01/2013 - 14:04:25 | A | 7720] C:\UsbFix.txt
      [26/11/2012 - 11:14:51 | D ] C:\Users
      [26/11/2012 - 02:26:37 | | 20] C:\win7.ld
      [26/01/2013 - 21:56:41 | D ] C:\Windows
      [26/01/2013 - 19:36:02 | D ] C:\_AT-Destroyer
      [28/01/2013 - 13:55:33 | D ] C:\_OTL
      [29/10/2001 - 23:51:38 | R | 31] D:\autorun.inf
      [27/06/2002 - 00:35:46 | R | 2062] D:\MacPlayer.app
      [27/10/2005 - 09:35:17 | D ] D:\player
      [08/07/2002 - 04:19:02 | R | 57344] D:\player.exe
      [11/12/2002 - 01:50:08 | R | 45056] D:\UninstallPlayer.exe
      [23/05/2005 - 09:49:15 | R | 280] D:\UninstallPlayer.txt
      [20/01/2013 - 22:05:18 | D ] E:\PATTY
      [27/01/2013 - 00:38:38 | N | 7213087] J:\Dennis Brown Lips of wine live.mp3
      [25/01/2013 - 07:17:42 | N | 6745117] J:\HUSH TV The Skints It Mek Acoustic Session.mp3
      [26/01/2013 - 00:30:30 | N | 10339422] J:\The Skints 'On A Mission' (Katy B cover) SoulCulture.co.uk.mp3
      [27/01/2013 - 00:51:44 | N | 10909936] J:\The Skints Cover of Bob Marleys 'Is this Love'.mp3
      [25/01/2013 - 07:21:46 | N | 7687471] J:\The Skints perform Dennis Brown's 'Lips of Wine'.mp3

      ################## | Vaccin |

      C:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
      E:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
      J:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)

      ################## | Upload |

      Por favor, envie el archivo: C:\UsbFix_Upload_Me_FERNANDO-PC.zip
      http://eldesaparecido.com/upload.php
      Gracias por su contribución.

      ################## | E.O.F |


      Saludos.

    6. #6
      Moderador
      Avatar de M@co
      Registrado
      dic 2007
      Ubicación
      America
      Mensajes
      15.682

      Re: Se me abren páginas de internet solas mientras navego.

      Hola.

      Dale doble clic a AT-Destroyer.exe y lo desinstalas. Repite esa operación con USBFix.

      Dale doble clic a OTL.exe y luego pulsa en LIMPIAR.

      Saludos.

      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Usuario Avatar de hack-666
      Registrado
      mar 2008
      Ubicación
      Mexico
      Mensajes
      9

      Re: Se me abren páginas de internet solas mientras navego.

      No ha vuelto a suceder de nuevo, todo en orden, muchas gracias por la ayuda. Saludos.