• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 18

    Abrieron una cuanta paypal con mi cuenta de correo, tal vez con un keylogger

    Hola, que tal, tengo este problema de ke una vez me llego a mi cuenta de correo de hushmail un mensaje ke decia ser de paypal y solo lo elimine, pero para cuando kise abrir ...

    1. #1
      Usuario Avatar de chela
      Registrado
      feb 2013
      Ubicación
      mexico
      Mensajes
      9

      Abrieron una cuanta paypal con mi cuenta de correo, tal vez con un keylogger

      Hola, que tal, tengo este problema de ke una vez me llego a mi cuenta de correo de hushmail un mensaje ke decia ser de paypal y solo lo elimine, pero para cuando kise abrir una cuenta de paypal me decia ke mi cuenta de correo ya estaba asociada con una cuenta de paypal. En el correo de hushmail, el mensaje de paypal me llamaba Dario Narell y me decia ke mi tarjeta de credito estaba por expirar, en fin, cerre mi cuenta de correo, pero lo ke mas me preocupa es saber como consiguio mi correo electronico y mi contraseña, sospecho ke pudo ser con un keylogger, y si es asi, como lo detecto?, he conseguido varios programas como KL detector, o hijackthis(ke a proposito me dice ke hay muchos "file missing"), security task managger, process explorer,(a los cuales no les entiendo) combofix, ya hice un escaneo con malwarebytes, y con karspesky anti-virus 2011,spybot, ccleaner, etc. justo ahora me atrevo a escribir en este foro con una proteccion de keystroke interference ke dice proteger las entradas del teclado, nose ke pensar, no se si me hackearon, por ke lo ke si me hicieron fue un phishing, pero no se si consiguieron mas; por favor ayuda

      Yo se ke ya hay muchos de estos temas aki, pero por ya intente varias de esas cosas tambien, por lo mismo ke baje todos estos programas

      Gracias

    2. #2
      Usuario Avatar de M4RTYN
      Registrado
      jun 2012
      Ubicación
      Ecuador
      Mensajes
      5.520

      Re: Abrieron una cuanta paypal con mi cuenta de correo, tal vez con un keylogger

      Hola!

      lo que deseas saber es si tienes un keylogger en tu PC verdad?

      (por lo demas de la cuenta nada podemos hacer mas que comprobar si estas infectado )

      ademas eres el unico que usa la PC?

      Realiza Los Siguientes Pasos (si no puedes con uno salta al siguiente)

      EN MODO SEGURO CON FUNCIONES DE RED

      Descarga,actualiza y realiza un escaneo completo con el malwarebytes:Manual de Malwarebytes Anti-Malware 2

      -Instala el programa con idioma español.
      -Vete a la pestaña actualizar y actualizas a la ultima version
      -Vete a la pestaña Escáner y realizas un Ánalisis completo.
      -Una vez finalizado, pulsa sobre "Mostrar los Resultados " y "Eliminar Seleccionadas" como se demuestra en esta FOTO
      -Todas las amenazas tienen que estar marcadas con un visto ()
      -En el caso de que te pida reiniciar,reinicia.
      -Peganos el reporte del escaneo del malwarebytes despues de reiniciar,esta en la pestaña Registros.


      Descarga Ccleaner:Manual de CCleaner <------------ Este paso es MUY IMPORTANTE

      Ejecutar CCleaner usando primero su opción de "Limpiador" para borrar cookies y temporales de Internet
      Usa su opción de "Registro" para limpiar todo el registro de Windows creando antes una copia de seguridad

      Realiza un análisis completo con Eset Nod32 online ----------> Version Descargable E Instalable: Eset Smart Installer Y mas aca su manual ---------->MANUAL DE ESET ONLINE

      1- Lo ejecutas.

      2-Marcas las casillas de Eliminar las amenazas detectadas y analizar archivos.

      3- Haces clic en Configuración adicional y ahi marcas las casillas:

      - Analizar en busca de aplicaciones potencialmente indeseables.

      - Analizar en busca de aplicaciones potencialmente peligrosas.

      - Activar la tecnolgía Anti-Stealth.



      4- Pulsas en Iniciar para que empiece a descargar la base firmas de virus y posteriormente empiece a analizar tu sistema.

      Cuando acabe haz clic en Finalizar

      5- Localizar el reporte en C:\Archivos de programa\ESET\ESET Online Scanner\log
      • Descarga AT-Destroyer (Adwares/Toolbars-Destroyer) by @Infospyware.
      • Debes cerrar todos los programas que estes usando durante el proceso
      • Desactiva temporalmente el Antivirus y/o Antispyware. o cualquier tipo de defensa que tenga en su PC
      • Ejecuta AT-Destroyer como administrador (Click Derecho Ejecutar como/Como Administrador).
      • Elige la Opcion #1 (Buscar y Destruir)
      • AT-Destroyer desconectará el escritorio momentáneamente.
      • En caso de estar infectado AT DESTROYER le indicara El tipo y numero mediante una Pantalla negra Con los datos anteriormente nombrados
      • Una vez terminado el escaneo, podrás volver a ver el escritorio y se te abrirá un reporte, que deberás copiar en tu próxima respuesta comentando cómo funciona el sistema.
      • NOTA: en la mayoria de los casos pedira un Reinicio de la PC, si esto pasa busque en reporte en C:/AT-Destroyer.txt
      • Si algún programa no inicia, reiniciar la PC.
      • Descarga AdwCleaner En su PC
      • NOTA: Cerra todos los programas antes de ejecutar esta herramienta.
      • Desactiva temporalmente el Antivirus y/o Antispyware. o cualquier tipo de defensa que tenga en su PC
      • Copia en el escritorio el programa Adwcleaner y lo ejecutas Como Administrador (Click Derecho Ejecutar como/Como Administrador).
      • Una Vez abierto le das a Supresión y esperas que termine su trabajo.
      • Se va a abrir un reporte donde muestra lo que detecto, lo copias y lo pegas acá.
      • NOTA: En caso de que EL PROGRAMA te pida reiniciar hazlo .
      • En caso de que no se abra el reporte lo buscas en C:\AdwCleaner[R1].txt


      saludos
      º El reporte del Malwarebytes, que se encuentra en su pestaña REGISTROS
      º El reporte del Eset Nod32
      º El reporte de at destroyer
      º El reporte de AdwCleaner
      º Nos cuentas como funciona tu pc ahora

      *Si tienes alguna duda,te puedes imprimir las instrucciones para hacer un mejor seguimiento.


    3. #3
      Usuario Avatar de chela
      Registrado
      feb 2013
      Ubicación
      mexico
      Mensajes
      9

      Re: Abrieron una cuanta paypal con mi cuenta de correo, tal vez con un keylogger

      ok ok, perdon por la tardanza, eske trabajo y estudio, por eso no lo pude hacer antes, aunke para mi sorpresa ninguno de los escaneso duro mucho, ok aki esta

      EN MODO SEGURO CON FUNCIONES DE RED:

      Malwarebytes Anti-malware log:

      Malwarebytes Anti-Malware 1.70.0.1100
      Malwarebytes : Free anti-malware download

      Database version: v2013.02.19.07

      Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
      Internet Explorer 9.0.8112.16421
      User :: USER-PC [administrator]

      2/19/2013 9:00:02 PM
      mbam-log-2013-02-19 (21-00-02).txt

      Scan type: Full scan (C:\|D:\|)
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
      Scan options disabled: P2P
      Objects scanned: 376865
      Time elapsed: 41 minute(s), 7 second(s)

      Memory Processes Detected: 0
      (No malicious items detected)

      Memory Modules Detected: 0
      (No malicious items detected)

      Registry Keys Detected: 0
      (No malicious items detected)

      Registry Values Detected: 0
      (No malicious items detected)

      Registry Data Items Detected: 0
      (No malicious items detected)

      Folders Detected: 0
      (No malicious items detected)

      Files Detected: 0
      (No malicious items detected)

      (end)


      ESET NOD32 online:

      Malwarebytes Anti-Malware 1.70.0.1100
      Malwarebytes : Free anti-malware download

      Database version: v2013.02.19.07

      Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
      Internet Explorer 9.0.8112.16421
      User :: USER-PC [administrator]

      2/19/2013 9:00:02 PM
      mbam-log-2013-02-19 (21-00-02).txt

      Scan type: Full scan (C:\|D:\|)
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
      Scan options disabled: P2P
      Objects scanned: 376865
      Time elapsed: 41 minute(s), 7 second(s)

      Memory Processes Detected: 0
      (No malicious items detected)

      Memory Modules Detected: 0
      (No malicious items detected)

      Registry Keys Detected: 0
      (No malicious items detected)

      Registry Values Detected: 0
      (No malicious items detected)

      Registry Data Items Detected: 0
      (No malicious items detected)

      Folders Detected: 0
      (No malicious items detected)

      Files Detected: 0
      (No malicious items detected)

      (end)


      AT-DESTROYER

      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 22:07:49 \\\ 20/02/2013
      AT-Destroyer 2.1 By Infospyware ---> InfoSpyware
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.0.8112.16421
      Mozilla Firefox:18.0.2.4780
      Google Chrome:24.0.1312.57
      Privilegios: User - Administrador
      Modo Actual: Modo Seguro.
      Nombre del pc: USER-PC
      Información del sistema operativo:X64-WIN_7-Service Pack 1
      nombre del usuario:User
      Lenguaje del sistema: Inglés



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<

      C:\Users\User\AppData\Roaming\OpenCandy\FE21EDA18F3C441699B3F4D2D4F71A18 (W32/Adware.OpenCandy)
      C:\Users\User\AppData\Roaming\OpenCandy\FE21EDA18F3C441699B3F4D2D4F71A18\4132.ico (W32/Adware.OpenCandy)
      C:\Users\User\AppData\Roaming\OpenCandy\FE21EDA18F3C441699B3F4D2D4F71A18\EBB77268-338F-4C6A-8590-AD88FED26F4A (W32/Adware.OpenCandy)
      C:\Users\User\AppData\Roaming\OpenCandy\FE21EDA18F3C441699B3F4D2D4F71A18\FastestChrome_installer.exe (W32/Adware.OpenCandy)
      C:\Users\User\AppData\Roaming\OpenCandy\FE21EDA18F3C441699B3F4D2D4F71A18\FastestChrome_p1v2.exe (W32/Adware.OpenCandy)
      C:\Users\User\AppData\Roaming\OpenCandy\FE21EDA18F3C441699B3F4D2D4F71A18\OCBrowserHelper_1.0.3.85.dll (W32/Adware.OpenCandy)
      C:\Users\User\AppData\Roaming\OpenCandy (W32/Adware.OpenCandy)


      >>>>>> Archivos <<<<<<



      >>>>>> Registro <<<<<<

      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}


      >>>>>> Heurística <<<<<<

      C:\Program Files (x86)\WinPcap_4_1_2.exe (Heur malware.win32.generic)


      >>>>>> Internet Explorer <<<<<<

      Start Page==www.google.com
      Local Page==C:\Windows\SysWOW64\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL==http://go.microsoft.com/fwlink/?LinkId=69157


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Default_search_url==
      Default_Page_URL==


      HKEY_USERS\S-1-5-21-3589208774-2577461057-1664317462-1000\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Default_search_url==
      Default_Page_URL==


      >>>>>> Firefox <<<<<<

      user_pref("browser.startup.homepage_override.buildID", "20130201065344");
      user_pref("browser.startup.homepage_override.mstone", "18.0.2");


      >>>>>> Extensiones Firefox <<<<<<


      C:\Program Files (x86)\{972ce4c6-7e08-4474-a285-3208198ce6fd}

      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandasecurity.com/activescan
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9

      >>>>>> Google Chrome <<<<<<

      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      >>>>>> Extensiones Google Chrome <<<<<<

      C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\3
      C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp
      C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
      C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm

      ======== Listado ===========

      C:\Users\User\AppData\Roaming\ATI [DI] 0 ( )
      C:\Users\User\AppData\Roaming\Autodesk [DI] 0 ( )
      C:\Users\User\AppData\Roaming\hpqLog [DI] 0 ( )
      C:\Users\User\AppData\Roaming\Identities [DI] 0 ( )
      C:\Users\User\AppData\Roaming\InstallShield [DI] 0 ( )
      C:\Users\User\AppData\Roaming\Macromedia [DI] 0 ( )
      C:\Users\User\AppData\Roaming\Malwarebytes [DI] 0 ( )
      C:\Users\User\AppData\Roaming\mbam.context.scan [AI] 98 bytes ( )
      C:\Users\User\AppData\Roaming\Media Center Programs [DI] 0 ( )
      C:\Users\User\AppData\Roaming\Microsoft [SDI] 0 ( )
      C:\Users\User\AppData\Roaming\Mozilla [DI] 0 ( )
      C:\Users\User\AppData\Roaming\QFX Software [DI] 0 ( )
      C:\Users\User\AppData\Roaming\Thunderbird [DI] 0 ( )
      C:\Users\User\AppData\Roaming\vlc [DI] 0 ( )
      C:\Users\User\AppData\Roaming\WinRAR [DI] 0 ( )
      C:\Program Files (x86)\AMD [D] 0( 0)
      C:\Program Files (x86)\ATI Technologies [D] 0( 0)
      C:\Program Files (x86)\Autodesk [D] 0( 0)
      C:\Program Files (x86)\Common Files [D] 0( 0)
      C:\Program Files (x86)\Comodo [D] 0( 0)
      C:\Program Files (x86)\desktop.ini [HSA] 174 bytes( 0)
      C:\Program Files (x86)\ESET [D] 0( 0)
      C:\Program Files (x86)\Freemake [D] 0( 0)
      C:\Program Files (x86)\Google [D] 0( 0)
      C:\Program Files (x86)\Hewlett-Packard [D] 0( 0)
      C:\Program Files (x86)\HP USB TV Tuner [D] 0( 0)
      C:\Program Files (x86)\InstallShield Installation Information [HD] 0( 0)
      C:\Program Files (x86)\Internet Explorer [D] 0( 0)
      C:\Program Files (x86)\JMicron [D] 0( 0)
      C:\Program Files (x86)\Kaspersky Lab [D] 0( 0)
      C:\Program Files (x86)\Keystroke Interference [D] 0( 0)
      C:\Program Files (x86)\Malwarebytes' Anti-Malware [D] 0( 0)
      C:\Program Files (x86)\McAfee Security Scan [D] 0( 0)
      C:\Program Files (x86)\Microsoft Analysis Services [D] 0( 0)
      C:\Program Files (x86)\Microsoft Office [D] 0( 0)
      C:\Program Files (x86)\Microsoft SQL Server Compact Edition [D] 0( 0)
      C:\Program Files (x86)\Microsoft Synchronization Services [D] 0( 0)
      C:\Program Files (x86)\Microsoft.NET [D] 0( 0)
      C:\Program Files (x86)\Mozilla Firefox [D] 0( 0)
      C:\Program Files (x86)\Mozilla Maintenance Service [D] 0( 0)
      C:\Program Files (x86)\Mozilla Thunderbird [D] 0( 0)
      C:\Program Files (x86)\MSBuild [D] 0( 0)
      C:\Program Files (x86)\Panda Security [D] 0( 0)
      C:\Program Files (x86)\Process Revealer Free Edition [D] 0( 0)
      C:\Program Files (x86)\Realtek [D] 0( 0)
      C:\Program Files (x86)\Reference Assemblies [D] 0( 0)
      C:\Program Files (x86)\SCREEN2EXE [D] 0( 0)
      C:\Program Files (x86)\Security Task Manager [D] 0( 0)
      C:\Program Files (x86)\Skype [RD] 0( 0)
      C:\Program Files (x86)\Spybot - Search & Destroy [D] 0( 0)
      C:\Program Files (x86)\Uninstall Information [HD] 0( 0)
      C:\Program Files (x86)\VideoLAN [D] 0( 0)
      C:\Program Files (x86)\Windows Defender [D] 0( 0)
      C:\Program Files (x86)\Windows Mail [D] 0( 0)
      C:\Program Files (x86)\Windows Media Player [D] 0( 0)
      C:\Program Files (x86)\Windows NT [D] 0( 0)
      C:\Program Files (x86)\Windows Photo Viewer [D] 0( 0)
      C:\Program Files (x86)\Windows Portable Devices [D] 0( 0)
      C:\Program Files (x86)\Windows Sidebar [D] 0( 0)
      C:\Program Files (x86)\WinPcap [D] 0( 0)
      C:\Program Files (x86)\WinRAR [D] 0( 0)
      C:\ProgramData\Application Data [HSDLI] 0 0
      C:\ProgramData\ATI [DI] 0 0
      C:\ProgramData\Autodesk [DI] 0 0
      C:\ProgramData\Comodo [DI] 0 0
      C:\ProgramData\CPA_VA [DI] 0 0
      C:\ProgramData\Desktop [HSDLI] 0 0
      C:\ProgramData\Documents [HSDLI] 0 0
      C:\ProgramData\Favorites [HSDLI] 0 0
      C:\ProgramData\FLEXnet [DI] 0 0
      C:\ProgramData\Freemake [DI] 0 0
      C:\ProgramData\Kaspersky Lab [DI] 0 0
      C:\ProgramData\Kaspersky Lab Setup Files [DI] 0 0
      C:\ProgramData\Malwarebytes [DI] 0 0
      C:\ProgramData\McAfee [DI] 0 0
      C:\ProgramData\McAfee Security Scan [DI] 0 0
      C:\ProgramData\Microsoft [SDI] 0 0
      C:\ProgramData\Microsoft Help [DI] 0 0
      C:\ProgramData\Mozilla [DI] 0 0
      C:\ProgramData\prfree [DI] 0 0
      C:\ProgramData\QFX Software [DI] 0 0
      C:\ProgramData\SecTaskMan [DI] 0 0
      C:\ProgramData\Skype [DI] 0 0
      C:\ProgramData\Spybot - Search & Destroy [DI] 0 0
      C:\ProgramData\Start Menu [HSDLI] 0 0
      C:\ProgramData\Templates [HSDLI] 0 0
      C:\ProgramData\XoftSpySE [DI] 0 0
      C:\ProgramData\{29311A8F-E292-452B-93E9-C7FD5B56AD1C} [HSDI] 0 0

      ==================== EOF ==================


      AdwCleaner

      # AdwCleaner v2.112 - Logfile created 02/22/2013 at 19:03:18
      # Updated 10/02/2013 by Xplode
      # Operating system : Windows 7 Professional Service Pack 1 (64 bits)
      # User : User - USER-PC
      # Boot Mode : Normal
      # Running from : C:\Users\User\Desktop\AdwCleaner.exe
      # Option [Search]


      ***** [Services] *****


      ***** [Files / Folders] *****


      ***** [Registry] *****

      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
      Key Found : HKCU\Software\Softonic
      Key Found : HKCU\Software\Tutorials
      Key Found : HKCU\Software\TutoTag
      Key Found : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
      Key Found : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
      Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1
      Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler
      Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
      Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
      Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
      Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
      Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler
      Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1
      Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
      Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
      Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
      Key Found : HKLM\Software\Iminent
      Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
      Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
      Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
      Key Found : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
      Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]

      ***** [Internet Browsers] *****

      -\\ Internet Explorer v9.0.8112.16464

      [OK] Registry is clean.

      -\\ Mozilla Firefox v18.0.2 (es-MX)

      -\\ Google Chrome v24.0.1312.57

      *************************

      AdwCleaner[R1].txt - [11371 octets] - [22/02/2013 19:03:18]

      ########## EOF - C:\AdwCleaner[R1].txt - [11432 octets] ##########



      OTRO DE AWCLEANER


      # Updated 10/02/2013 by Xplode
      # Operating system : Windows 7 Professional Service Pack 1 (64 bits)
      # User : User - USER-PC
      # Boot Mode : Normal
      # Running from : C:\Users\User\Desktop\AdwCleaner.exe
      # Option [Delete]


      ***** [Services] *****


      ***** [Files / Folders] *****


      ***** [Registry] *****

      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
      Key Deleted : HKCU\Software\Softonic
      Key Deleted : HKCU\Software\Tutorials
      Key Deleted : HKCU\Software\TutoTag
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
      Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1
      Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler
      Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
      Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
      Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
      Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
      Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler
      Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1
      Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
      Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
      Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
      Key Deleted : HKLM\Software\Iminent
      Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
      Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
      Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
      Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]

      ***** [Internet Browsers] *****

      -\\ Internet Explorer v9.0.8112.16464

      [OK] Registry is clean.

      -\\ Mozilla Firefox v18.0.2 (es-MX)

      -\\ Google Chrome v24.0.1312.57

      *************************

      AdwCleaner[R1].txt - [11410 octets] - [22/02/2013 19:03:18]
      AdwCleaner[S1].txt - [11674 octets] - [22/02/2013 19:06:14]

      ########## EOF - C:\AdwCleaner[S1].txt - [11735 octets] ##########


      ok aki esta la tarea
      Última edición por chela fecha: 22/02/13 a las 21:42:14

    4. #4
      Usuario Avatar de M4RTYN
      Registrado
      jun 2012
      Ubicación
      Ecuador
      Mensajes
      5.520

      Re: Abrieron una cuanta paypal con mi cuenta de correo, tal vez con un keylogger

      Hola!

      no esta el de ESET xD!

      hasta ahora no se ve mucho pero vamos a seguir

      espero el reporte

    5. #5
      Usuario Avatar de chela
      Registrado
      feb 2013
      Ubicación
      mexico
      Mensajes
      9

      Re: Abrieron una cuanta paypal con mi cuenta de correo, tal vez con un keylogger

      oops, sorry, jeje,

      aki esta:

      EN MODO SEGURO CON FUNCIONES DE RED:

      [email protected] as CAB hook log:
      OnlineScanner64.ocx - registred OK
      OnlineScanner.ocx - registred OK
      # version=8
      # iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
      # OnlineScanner.ocx=1.0.0.6920
      # api_version=3.0.2
      # EOSSerial=cb325fdd33a9fc45bed6384b764dd442
      # engine=13195
      # end=finished
      # remove_checked=true
      # archives_checked=true
      # unwanted_checked=true
      # unsafe_checked=true
      # antistealth_checked=true
      # utc_time=2013-02-20 06:35:13
      # local_time=2013-02-20 12:35:13 (-0600, Central Standard Time (Mexico))
      # country="United States"
      # lang=1033
      # osver=6.1.7601 NT Service Pack 1
      # compatibility_mode=3074 16777214 100 100 7292901 16553841 0 0
      # compatibility_mode=5893 16776573 100 94 0 112885563 0 0
      # scanned=168553
      # found=22
      # cleaned=22
      # scan_time=9409
      sh=E9B353B3F4137373E1851D6C8BDADCBD036AE75F ft=1 fh=8af96269d3f5c3e8 vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\bizne\Downloads\FreemakeVideoConverterSetup.exe"
      sh=49B38264CACD751BB4EB9E561D91C27989C837C8 ft=1 fh=de5333ab15585c62 vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\User\Desktop\respaldo marcela\Documents\Downloads\IZArc4b1.exe"
      sh=CDD7F340E06D51354135307882FD33253ECC282C ft=1 fh=44a8d13ba0fcfa2b vn="a variant of Win32/Bundled.Toolbar.Ask application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\User\Desktop\respaldo marcela\Documents\My PortableApps\aTube_Catcher.exe"
      sh=A271D9807C3DD1577BE2F67E737AF8D499358A4B ft=1 fh=30c074f171e7d6bb vn="multiple threats (cleaned by deleting - quarantined)" ac=C fn="C:\Users\User\Desktop\respaldo marcela\Music\Downloads\aTube_Catcher.exe"
      sh=A271D9807C3DD1577BE2F67E737AF8D499358A4B ft=1 fh=30c074f171e7d6bb vn="multiple threats (cleaned by deleting - quarantined)" ac=C fn="C:\Users\User\Desktop\respaldo marcela\Music\Downloads\aTube_Catcher_Setup.exe"
      sh=76A33F18410CD93DC994975222AA0AC5606AF1DC ft=1 fh=2b6dd7985b72d1de vn="multiple threats (cleaned by deleting - quarantined)" ac=C fn="C:\Users\User\Desktop\respaldo marcela\Music\Downloads\cbsidlm-tr1_5-Cameyo_Application_Virtualization-75212702.exe"
      sh=9C4E8B2795B302D47E05D4B2335290D5C96914FC ft=1 fh=97f3df503b071e16 vn="multiple threats (cleaned by deleting - quarantined)" ac=C fn="C:\Users\User\Desktop\respaldo marcela\Music\Downloads\FFSetup296.exe"
      sh=B710352A2171731CEBCCF9005D2048CF1F4B1985 ft=0 fh=0000000000000000 vn="multiple threats (deleted - quarantined)" ac=C fn="C:\Users\User\Desktop\respaldo marcela\Music\Downloads\FFSetup296.zip"
      sh=3825DE2525F8B667D79DA8787892CA15BE509A70 ft=1 fh=9c0db60505255f2f vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\User\Desktop\respaldo marcela\Music\Downloads\FreemakeVideoConverterSetup.exe"
      sh=299F6C1A13034FCA9083D409AEB65A6FD3E3C86F ft=1 fh=9f63b657e13e15be vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\User\Desktop\respaldo marcela\Music\Downloads\FreeStudio (1).exe"
      sh=671A3872AC99B93DD63AC40379F2B6245226DBFF ft=1 fh=eaf2a238ae493e41 vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\User\Desktop\respaldo marcela\Music\Downloads\FreeStudio(1).exe"
      sh=3921CD27F4BD81B0FF0DE29A855DF6026AF3D15C ft=1 fh=bd7257891175493f vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\User\Desktop\respaldo marcela\Music\Downloads\FreeStudio(2).exe"
      sh=B318E6E78633CAD3F323A4129F88F6D975D455B1 ft=1 fh=d3297f37fe9810e9 vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\User\Desktop\respaldo marcela\Music\Downloads\FreeStudio.exe"
      sh=1907F660F58A5A5086AEF0B0C8C81A5B16878BCA ft=1 fh=6c35f85f3b315678 vn="a variant of Win32/InstallIQ application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\User\Desktop\respaldo marcela\Music\Downloads\gimpshop.exe"
      sh=3A1B111CFB42082166DCBBDC52847C6C7B9DCD6C ft=0 fh=0000000000000000 vn="a variant of Win32/HackTool.Patcher.E application (deleted - quarantined)" ac=C fn="C:\Users\User\Desktop\respaldo marcela\Music\Downloads\iWisoft_FlashSWF_to_Video_Converter_v3.2__NEW__www.dl4all.com.rar"
      sh=5ED7232F5F9FAF95E4563FC8A961E3CC98E87CB6 ft=1 fh=34ef04f170dd3df8 vn="a variant of Win32/HackTool.Patcher.E application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\User\Desktop\respaldo marcela\Music\Downloads\iWisoft FlashSWF to Video Converter v3.2 (NEW)\Crack\Crack.exe"
      sh=310FD841F643AE1BAA2276F197AB73200E2FC730 ft=1 fh=14e373c71fc989cf vn="a variant of Win32/InstallCore.AZ application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\User\Downloads\anti-keylogger-10-3-3-es-en-br-fr-de-it-win-setup.exe"
      sh=3825DE2525F8B667D79DA8787892CA15BE509A70 ft=1 fh=9c0db60505255f2f vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\User\Downloads\FreemakeVideoConverterSetup.exe"
      sh=64D061CC58F13CEFA0B30FB2A09532B8C9D1DA4A ft=1 fh=501f4cb18aea6f5a vn="a variant of Win32/SoftonicDownloader.E application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\User\Downloads\SoftonicDownloader_for_icesword.exe"
      sh=94946E8B363CB2088D4B15F01E49406E88EAD363 ft=1 fh=a5a4d3b988c8bfd0 vn="a variant of Win32/SoftonicDownloader.E application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\User\Downloads\SoftonicDownloader_para_icesword.exe"
      sh=527F6BF761D5817048A4E30CAA52C34A649F61F6 ft=1 fh=5573630d8994141a vn="a variant of Win32/SoftonicDownloader.E application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\User\Downloads\SoftonicDownloader_para_mwav-toolkit-utility.exe"
      sh=B61757C61373EC15338F15539984F4FC69A20B36 ft=1 fh=b03c278467679b20 vn="a variant of Win32/SoftonicDownloader.E application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\User\Downloads\SoftonicDownloader_para_screen2exe.exe"

    6. #6
      Usuario Avatar de M4RTYN
      Registrado
      jun 2012
      Ubicación
      Ecuador
      Mensajes
      5.520

      Re: Abrieron una cuanta paypal con mi cuenta de correo, tal vez con un keylogger

      Se ven muchos ADWARES pero ningun Keylogger :(

      Probemos lo sigueinte y cuentanos como va la situacion

      Ok haslo siguente:

      Descarga DrWeb Cureit:
      Ejecuta Drweb según su manual y con estas especificaciones:
      • Cuando inicie el programa ejecutalo en su modo de proteccion mejorada preferentemente. Y siguiendo el manual.
      • Despues de aceptar los terminos de uso ve al boton que tiene forma de llave inglesa, y en Configuración te vas a Log y eliges Mínimo:

      • Eliges la opción Seleccione Objetos a escanear, y marcas todas las opciones; te vas a haga clic para seleccionar y añade todas las carpetas y unidades adicionales que quieras que sean escaneadas por el programa. Para iniciar el escaneo presionas sobre Comenzando escaneo:


      • Curas, Mueves y Eliminas, lo que encuentre según te de la opción y con ese orden de preferencia.
      • Si te detecta el archivo Hosts permite que DrWeb lo restaure.
      • Abres el reporte al finalizar como lo indica la imagen.

      Nos traerias el reporte de DrWeb (de no poder guardarlo como se indica, un reporte se genera sobre %userprofile%\DoctorWeb\CureIt.log) y nos comentarias el estado del sistema.





      Saludos[/QUOTE]

    7. #7
      Usuario Avatar de chela
      Registrado
      feb 2013
      Ubicación
      mexico
      Mensajes
      9

      Re: Abrieron una cuanta paypal con mi cuenta de correo, tal vez con un keylogger

      OK OK, dejame hacer eso, por mientras respondeme estovpor favor:

      estoy en m cuenta de adminsitrador, y en mi disco C: en la carpeta de usuarios, tengo pues.... mis usuarios, tengo mis 2 cuetas, una de administrador y la otra, pero la de administrador yo le habia puesto mi nombre, y ahora dice "User", eso por ke?

      otra cosa, por ke mis escaneos duran tan pokito, todos han durado menos de una hora

    8. #8
      Usuario Avatar de M4RTYN
      Registrado
      jun 2012
      Ubicación
      Ecuador
      Mensajes
      5.520

      Re: Abrieron una cuanta paypal con mi cuenta de correo, tal vez con un keylogger

      Hola!

      no se lo del "user" en mi PC sale asi...

      probastes cambiarle el nombre? pudo ser alguna herramienta :)

      Duran poco porque no tienes muchas cosas en la PC o en su defecto tienes una PC rapida

      Otro factor que influye es que si lo dejas escanear sin tocar la PC (que trabajen solos) van mas rapido

      saludos

    9. #9
      Usuario Avatar de chela
      Registrado
      feb 2013
      Ubicación
      mexico
      Mensajes
      9

      Re: Abrieron una cuanta paypal con mi cuenta de correo, tal vez con un keylogger

      ok aki esta el resultado:



      ahora que?
      Última edición por chela fecha: 24/02/13 a las 21:53:28

    10. #10
      Usuario Avatar de M4RTYN
      Registrado
      jun 2012
      Ubicación
      Ecuador
      Mensajes
      5.520

      Re: Abrieron una cuanta paypal con mi cuenta de correo, tal vez con un keylogger

      Hola!

      cuentame como va la PC?

      tienes sospechas que tienes el keylogger en tu PC?

      te han robado mas cuentas?

      saludos

    Página 1 de 2 12 ÚltimoÚltimo