• Registrarse
  • Iniciar sesión


  • Página 1 de 3 123 ÚltimoÚltimo
    Resultados 1 al 10 de 25

    Reporte de Combofix para que me ayuden (Solucionado)

    Resumen del tema: Reporte de Combofix para que me ayuden (Solucionado) - 1.Mi Pc se apago de repente y luego intentaba volverlo a encender y se apagaba automaticamente. 2.Tambien tengo problemas al deinstalar programas , no me deja desinstalarlos , como por ejemplo Favorit(posible virus), tambien tengo ...

      
    1. #1
      Usuario Avatar de Katimolongo
      Registrado
      feb 2013
      Ubicación
      España
      Mensajes
      14

      Atención Reporte de Combofix para que me ayuden (Solucionado)

      1.Mi Pc se apago de repente y luego intentaba volverlo a encender y se apagaba automaticamente.

      2.Tambien tengo problemas al deinstalar programas , no me deja desinstalarlos , como por ejemplo Favorit(posible virus), tambien tengo algun sofware de poker (888 y pokerstars) los cuales tambien quiero eliminar ya que creo que puede ser debido a ellos los problemas de espias en mi Pc.

      3. Intente limpiar y desinstalar tambien con CCleaner y no lo consegui.

      4. Alguna vez ,hace unos meses ,utilice Combofix para un problema de virus que ahora no recuerdo. Pero no lo se si lo desinstale en, Ejecutar: Combofix /u .... no se si esto es necesario que lo haga ahora , pero he leido que si es recomendable asi que asi lo hare.

      5. Por si es de ayuda , tambien utilizo programas para descargar Peliculas, epub para ebook, etc.. Utilizo uTorrent 3.2.3 para descargar desede http://www.elitetorrent.net y Mipony para descargar desde http://www.bajui.com/. Hay algun problema por hacerlo? y si es peligroso ayudarme a hacerlo con seguridad.

      Muchas Gracias y este es el Reporte de Combofix:

      ComboFix 13-02-20.01 - David 21/02/2013 13:01:00.3.4 - x86
      Running from: c:\users\David\Desktop\ComboFix.exe
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\program files\Internet Explorer\IEADdon.dll
      c:\programdata\ism_0_llatsni.pad
      c:\programdata\z7_0ytr.pad
      .
      .
      ((((((((((((((((((((((((( Files Created from 2013-01-21 to 2013-02-21 )))))))))))))))))))))))))))))))
      .
      .
      2013-02-21 12:09 . 2013-02-21 12:09 -------- d-----w- c:\users\David\AppData\Local\temp
      2013-02-19 11:11 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BBC32CDE-4B75-4766-920E-45A1EF03CDED}\mpengine.dll
      2013-02-19 10:10 . 2013-02-19 10:10 1207888 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
      2013-02-18 16:48 . 2013-02-18 16:48 -------- d-----w- c:\program files\Browser Helper Object
      2013-02-17 13:23 . 2013-02-17 13:23 -------- d-----w- c:\users\David\AppData\Local\Samsung
      2013-02-17 13:09 . 2013-02-17 13:09 -------- d-----w- c:\program files\MyFree Codec
      2013-02-17 13:04 . 2012-12-18 09:06 4659712 ----a-w- c:\windows\system32\Redemption.dll
      2013-02-17 13:03 . 2012-12-18 09:06 821824 ----a-w- c:\windows\system32\dgderapi.dll
      2013-02-17 13:03 . 2012-12-18 09:06 319456 ----a-w- c:\windows\system32\DIFxAPI.dll
      2013-02-17 13:03 . 2012-12-18 09:06 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys
      2013-02-17 13:01 . 2013-02-17 13:11 -------- d-----w- c:\programdata\Samsung
      2013-02-13 20:15 . 2013-01-04 01:38 2048512 ----a-w- c:\windows\system32\win32k.sys
      2013-02-13 20:14 . 2012-11-08 03:48 1314816 ----a-w- c:\windows\system32\quartz.dll
      2013-02-13 20:14 . 2013-01-04 11:28 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
      2013-02-13 20:14 . 2013-01-05 05:26 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe
      2013-02-13 20:14 . 2013-01-05 05:26 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe
      2013-01-31 22:55 . 2013-01-31 22:55 -------- d-----w- c:\program files\SoftwareUpdater
      2013-01-27 13:26 . 2013-01-27 13:26 -------- d-----w- c:\programdata\Xerox
      2013-01-25 17:57 . 2013-01-25 17:59 -------- d-----w- c:\users\David\AppData\Roaming\888poker.es
      2013-01-25 17:57 . 2013-01-25 17:59 -------- d-----w- c:\program files\888poker.es
      2013-01-23 14:26 . 2013-02-20 17:18 -------- d-----w- c:\users\David\AppData\Roaming\Mipony
      2013-01-23 14:26 . 2013-01-23 14:26 -------- d-----w- c:\program files\MiPony
      2013-01-22 16:09 . 2013-01-25 10:13 -------- d-----w- c:\program files\JDownloader
      2013-01-22 14:10 . 2013-01-22 14:10 -------- d-----w- c:\windows\system32\Extensions
      2013-01-22 14:10 . 2013-01-22 14:10 -------- d-----w- c:\windows\system32\searchplugins
      2013-01-22 14:08 . 2013-01-22 14:08 -------- d-----w- c:\program files\Nosibay
      2013-01-22 14:08 . 2013-01-22 14:08 -------- d-----w- c:\users\David\AppData\Roaming\Nosibay
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2013-02-08 14:29 . 2012-04-19 10:42 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
      2013-02-08 14:29 . 2011-06-17 07:43 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
      2013-01-17 00:28 . 2009-10-03 14:51 232336 ------w- c:\windows\system32\MpSigStub.exe
      2012-12-18 09:06 . 2012-12-18 09:06 90112 ----a-w- c:\windows\MAMCityDownload.ocx
      2012-12-18 09:06 . 2012-12-18 09:06 330240 ----a-w- c:\windows\MASetupCaller.dll
      2012-12-18 09:06 . 2012-12-18 09:06 30568 ----a-w- c:\windows\MusiccityDownload.exe
      2012-12-18 09:06 . 2012-12-18 09:06 974848 ----a-w- c:\windows\system32\cis-2.4.dll
      2012-12-18 09:06 . 2012-12-18 09:06 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll
      2012-12-18 09:06 . 2012-12-18 09:06 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll
      2012-12-18 09:06 . 2012-12-18 09:06 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll
      2012-12-18 09:06 . 2012-12-18 09:06 57344 ----a-w- c:\windows\system32\MK_Lyric.dll
      2012-12-18 09:06 . 2012-12-18 09:06 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll
      2012-12-18 09:06 . 2012-12-18 09:06 569344 ----a-w- c:\windows\system32\muzdecode.ax
      2012-12-18 09:06 . 2012-12-18 09:06 491520 ----a-w- c:\windows\system32\muzapp.dll
      2012-12-18 09:06 . 2012-12-18 09:06 49152 ----a-w- c:\windows\system32\MaJGUILib.dll
      2012-12-18 09:06 . 2012-12-18 09:06 45320 ----a-w- c:\windows\system32\MAMACExtract.dll
      2012-12-18 09:06 . 2012-12-18 09:06 45056 ----a-w- c:\windows\system32\MaXMLProto.dll
      2012-12-18 09:06 . 2012-12-18 09:06 45056 ----a-w- c:\windows\system32\MACXMLProto.dll
      2012-12-18 09:06 . 2012-12-18 09:06 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll
      2012-12-18 09:06 . 2012-12-18 09:06 352256 ----a-w- c:\windows\system32\MSLUR71.dll
      2012-12-18 09:06 . 2012-12-18 09:06 258048 ----a-w- c:\windows\system32\muzoggsp.ax
      2012-12-18 09:06 . 2012-12-18 09:06 245760 ----a-w- c:\windows\system32\MSCLib.dll
      2012-12-18 09:06 . 2012-12-18 09:06 24576 ----a-w- c:\windows\system32\MASetupCleaner.exe
      2012-12-18 09:06 . 2012-12-18 09:06 200704 ----a-w- c:\windows\system32\muzwmts.dll
      2012-12-18 09:06 . 2012-12-18 09:06 172032 ----a-w- c:\windows\system32\muzapp.exe
      2012-12-18 09:06 . 2012-12-18 09:06 155648 ----a-w- c:\windows\system32\MSFLib.dll
      2012-12-18 09:06 . 2012-12-18 09:06 143360 ----a-w- c:\windows\system32\3DAudio.ax
      2012-12-18 09:06 . 2012-12-18 09:06 135168 ----a-w- c:\windows\system32\muzaf1.dll
      2012-12-18 09:06 . 2012-12-18 09:06 131072 ----a-w- c:\windows\system32\muzmpgsp.ax
      2012-12-18 09:06 . 2012-12-18 09:06 122880 ----a-w- c:\windows\system32\muzeffect.ax
      2012-12-18 09:06 . 2012-12-18 09:06 118784 ----a-w- c:\windows\system32\MaDRM.dll
      2012-12-18 09:06 . 2012-12-18 09:06 110592 ----a-w- c:\windows\system32\muzmp4sp.ax
      2012-12-16 13:12 . 2012-12-21 13:51 34304 ----a-w- c:\windows\system32\atmlib.dll
      2012-12-16 10:50 . 2012-12-21 13:51 293376 ----a-w- c:\windows\system32\atmfd.dll
      2012-12-11 17:16 . 2012-12-11 17:16 82432 ----a-w- c:\users\David\AppData\Roaming\Microsoft\MSXML2\msxml4r.dll
      2012-12-11 17:16 . 2012-12-11 17:16 44544 ----a-w- c:\users\David\AppData\Roaming\Microsoft\MSXML2\msxml4a.dll
      2012-12-11 17:16 . 2012-12-11 17:16 1275392 ----a-w- c:\users\David\AppData\Roaming\Microsoft\MSXML2\msxml4.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
      "{db131c55-60c8-4adc-84dc-9e76ab06e2dc}"= "c:\program files\uTorrentBar_ES\tbuTor.dll" [2010-11-23 3908192]
      .
      [HKEY_CLASSES_ROOT\clsid\{db131c55-60c8-4adc-84dc-9e76ab06e2dc}]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{db131c55-60c8-4adc-84dc-9e76ab06e2dc}]
      2010-11-23 17:55 3908192 ----a-w- c:\program files\uTorrentBar_ES\tbuTor.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
      "{db131c55-60c8-4adc-84dc-9e76ab06e2dc}"= "c:\program files\uTorrentBar_ES\tbuTor.dll" [2010-11-23 3908192]
      .
      [HKEY_CLASSES_ROOT\clsid\{db131c55-60c8-4adc-84dc-9e76ab06e2dc}]
      .
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
      "{DB131C55-60C8-4ADC-84DC-9E76AB06E2DC}"= "c:\program files\uTorrentBar_ES\tbuTor.dll" [2010-11-23 3908192]
      .
      [HKEY_CLASSES_ROOT\clsid\{db131c55-60c8-4adc-84dc-9e76ab06e2dc}]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
      @="{472083B0-C522-11CF-8763-00608CC02F24}"
      [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
      2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
      "KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2012-12-20 1476104]
      "KiesAirMessage"="c:\program files\Samsung\Kies\KiesAirMessage.exe" [2013-02-06 578560]
      "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
      "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208]
      "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
      "KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-12-20 310280]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
      "aux"=wdmaud.drv
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
      @="Driver"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
      @="Driver"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
      @="Service"
      .
      [HKLM\~\startupfolder\C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ctfmon.lnk]
      path=c:\users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
      backup=c:\windows\pss\ctfmon.lnk.Startup
      backupExtension=.Startup
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACTIVBOARD]
      2007-01-18 12:03 79416 ----a-w- c:\program files\Packard Bell\FIJI\ABoard.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
      2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
      2012-12-19 14:39 41208 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
      2008-01-21 02:25 125952 ----a-w- c:\windows\ehome\ehtray.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ExpressFiles]
      2012-01-15 15:31 326776 ----a-w- c:\program files\ExpressFiles\ExpressFiles.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui]
      2012-03-08 16:32 884584 ----a-w- c:\program files\Windows Live\Family Safety\fsui.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
      2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
      2008-06-13 11:52 6183456 ----a-w- c:\windows\RtHDVCpl.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
      2007-11-20 16:15 1826816 ----a-w- c:\windows\SkyTel.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
      2012-01-18 12:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
      "DisableMonitoring"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
      "DisableMonitoring"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
      "DisableMonitoring"=dword:00000001
      .
      --- Other Services/Drivers In Memory ---
      .
      *NewlyCreated* - FSUSBEXDISK
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
      LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
      .
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
      ezSharedSvc
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2013-02-21 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-19 14:29]
      .
      2013-02-21 c:\windows\Tasks\Extended Warranty-David.job
      - c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2008-10-31 10:13]
      .
      2013-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2009-05-14 10:59]
      .
      2013-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2009-05-14 10:59]
      .
      2013-02-21 c:\windows\Tasks\Recovery DVD Creator-David.job
      - c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe [2008-10-31 10:13]
      .
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://www.google.es/
      mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040a&s=1&o=vp32&d=0109&m=imax_x5702_sp
      IE: Descargar con Mipony - file://c:\program files\MiPony\Browser\IEContext.htm
      IE: E&xportar a Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
      IE: {{9A4D505C-96A5-4324-AC0B-B49D7B481771} - c:\programs\Azartia\AzartiaPoker\RunApp.exe
      IE: {{CC0FC7CF-E588-4b33-B148-C657708AB9C4} - c:\program files\PokerStars.ES\PokerStarsUpdate.exe
      TCP: Interfaces\{C5A7D4F1-903F-4416-963F-909F59301222}: NameServer = 87.216.1.65,87.216.1.66
      DPF: {B6F0855B-A06D-498B-A537-80AFF04A1B4E} - hxxp://ciac.metromadrid.es/centriweb/WS/cli/WSClient.cab
      DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} - hxxps://www5.aeat.es/es13/h/cactivex.cab
      .
      - - - - ORPHANS REMOVED - - - -
      .
      Toolbar-10 - (no file)
      MSConfigStartUp-avast - c:\program files\Alwil Software\Avast5\avastUI.exe
      MSConfigStartUp-CarboniteSetupLite - c:\program files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe
      MSConfigStartUp-Malwarebytes' Anti-Malware - c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
      .
      .
      .
      **************************************************************************
      .
      catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2013-02-21 13:09
      Windows 6.0.6002 Service Pack 2 NTFS
      .
      scanning hidden processes ...
      .
      scanning hidden autostart entries ...
      .
      scanning hidden files ...
      .
      scan completed successfully
      hidden files: 0
      .
      **************************************************************************
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_USERS\S-1-5-21-2698646911-2858209003-2317526353-1000\Software\SecuROM\License information*]
      "datasecu"=hex:8a,b9,ad,9a,c7,ac,e5,62,a6,be,62,3e,21,49,d4,a6,cf,60,93,4b,c3,
      36,61,44,9f,61,ba,9a,23,1b,77,80,6c,d5,75,fe,ac,ba,97,e6,88,4d,cb,dc,6c,97,\
      "rkeysecu"=hex:04,fc,8d,5c,9b,4a,a8,37,c0,f7,8e,06,16,eb,13,98
      .
      Completion time: 2013-02-21 13:11:38
      ComboFix-quarantined-files.txt 2013-02-21 12:11
      ComboFix2.txt 2012-07-26 18:52
      ComboFix3.txt 2011-05-08 13:31
      .
      Pre-Run: 98.038.788.096 bytes libres
      Post-Run: 98.512.138.240 bytes libres
      .
      - - End Of File - - D7A99647672FAF4D573FB5FFD5F3DB53

    2. #2
      Moderador Gral.
      Avatar de Javierhf
      Registrado
      jun 2006
      Ubicación
      España - Madrid
      Mensajes
      15.760

      Re: Reporte de Combofix para que me ayuden

      Buenas Katimolongo. al Foro.

      Temas que interesa revisar y leer :

      Consejos para antes de publicar un nuevo mensaje.

      Políticas del Foro de InfoSpyware.

      Políticas Foro Oficial de HijackThis en español.

      ¿Cómo subir imágenes al Foro? *TUTORIAL*
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

      Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.
      Veo que no hacemos mucho caso de las indicaciones que se hacen.

      Y ahora mismo como esta tu equipo, en relación al problema de los apagones. ????

      Saludos.
      ~ Estaré ausente del 15 al 31 de Agosto. ~

      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de Katimolongo
      Registrado
      feb 2013
      Ubicación
      España
      Mensajes
      14

      Re: Reporte de Combofix para que me ayuden

      No se si he hecho algo inadeacuado, lo siento si es asi.
      Hoy ya no tengo apagones , parece que puedo trabajar con el Pc.
      Pero no puedo eliminar el "Favorit" de mi lista de progrmas.
      ????

    4. #4
      Moderador Gral.
      Avatar de Javierhf
      Registrado
      jun 2006
      Ubicación
      España - Madrid
      Mensajes
      15.760

      Re: Reporte de Combofix para que me ayuden

      No te preocupes, ahora sigue estos pasos :

      Descarga e instala este programa >> Manual de Revo Uninstaller, lee y revisa bien su funcionamiento.

      Y úsalo para desinstalar todos los programas que quieras quitar, el Favorit u otros.

      Cuando Revo te pida, que selecciones el método de desinstalacion, seleccionas "Avanzado".

      Si durante el proceso te solicita "Reiniciar" NO lo hagas, dile que NO y deja que Revo siga trabajando.

      Cuando termines todos los procesos de desinstalacion ya Reinicias tú el ordenador.

      Después nos dices como ha ido.

      Saludos.
      ~ Estaré ausente del 15 al 31 de Agosto. ~

      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de Katimolongo
      Registrado
      feb 2013
      Ubicación
      España
      Mensajes
      14

      Re: Reporte de Combofix para que me ayuden

      Consegui Eliminar le programa "Favorit" siguiendo indicaciones del Revo , al reiniciar el Pc po dos veces para asegurarme , en ambas me sale una ventana RunDLL con este mensage:

      Error al cargar C:\Users\David\AppData\Local\Temp\install_0_msi.exe
      No se puede encontrar el modulo especificado

      Que puede ser, Gracias.

    6. #6
      Moderador Gral.
      Avatar de Javierhf
      Registrado
      jun 2006
      Ubicación
      España - Madrid
      Mensajes
      15.760

      Re: Reporte de Combofix para que me ayuden

      Vamos a revisar tu maquina un poco mas. :


      Para hacerlo, sigue estos pasos, en el orden indicado y de uno a uno :

      Descarga y ejecuta >> Ccleaner.

      • Usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.
      • Después usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).


      Descarga, actualiza y ejecuta >> Malwarebytes’ Anti-Malware.

      • En la pestaña Actualizar pulsas sobre el botón "Buscar Actualizaciones"
      • En la pestaña Escáner marcas "Realizar un Examen Completo."
      • Con la opción de "Eliminar lo seleccionado" y Marcando TODO lo que encuentres lo mandas todo a la cuarentena y reinicias el sistema.
      • En la pestaña "Registros", encontrarás el informe del MBAM, lo copias y pegas en tu próxima respuesta, para analizarlo.


      Descarga >> AdwCleaner.exe.

      • Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus.
      • Y cierra todos los programas que tengas abiertos.
      • Ejecuta Adwcleaner. (Si usas Windows Vista o 7 presiona clic derecho y selecciona "Ejecutar como Administrador.")
      • Pulsar en el Botón Supresión.
      • Sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
      • Guardas el reporte que te saldrá en el escritorio, para pegarlo en tu próxima respuesta.


      Descarga >> AT-Destroyer (by InfoSpyware) | InfoSpyware

      • Cierra TODOS los programas que tengas abiertos, y >> Desactiva temporalmente el Antivirus y/o Antispyware.
      • Ejecuta AT-Destroyer. (Si usas Windows Vista o 7 presiona clic derecho y selecciona "Ejecutar como Administrador.")
      • En el menú pulsa sobre la opción "Buscar y Destruir".
      • AT-Destroyer desconectará el escritorio momentáneamente.
      • Si detecta infecciones se te indicara y pulsas en Aceptar.
      • Al finalizar el proceso te pedirá Reiniciar, pulsa para Aceptar.
      • Al Iniciar de nuevo Windows se te abrirá un reporte/informe, que deberás copiar en tu próxima respuesta, comentando cómo funciona el sistema.(También puedes encontrarlo en C:\AT-Destroyer.txt)


      Y finalmente descarga >> OTL By OldTimer

      *** Para Ejecutar OTL sigue estos pasos :

      • Cerrar todos programas que tengas abiertos y hacer doble click en el ícono de OTL para ejecutarlo.
      • Dejarlo correr y esperar a que aparezca el menú de OTL..
      • Cuando salga el menú de OTL, debes cambiar debajo de: "Tipo de Análisis" poniendo Resultado Mínimo.
      • Marcar la casilla Analizar Todos.
      • Marcar las opciones: Buscar LOP y Buscar Purity.
      • Marcar las Opciones: Omitir Archivos De Microsoft y Usar Listado de Compañías Reconocidas.
      • Copiar y Pegar las líneas del siguiente script bajo la casilla Análisis Personalizados/Código de Reparación:

        NOTA: No copiar la palabra Código:
        Código:
        netsvcs
        msconfig
        %SYSTEMDRIVE%\*.*
        CREATERESTOREPOINT


      • Por favor No cambies el resto de la configuración a menos que te lo solicitemos.


      • Presionar el botón .
      • Una vez que termine, se abrirán dos (2) archivos, OTL.Txt y Extras.Txt. Éstos archivos estarán grabados en el mismo lugar donde OTL.exe fue descargado.
      • Copiar y pegar el contenido del archivo OTL.txt en tu próxima respuesta.


      En tu próxima respuesta recuerda :

      - Ponernos los informes de Malwarebytes, AdwCleaner, AT-Destroyer y OTL.txt.

      - Y nos cuentas como funciona tu equipo, en relación al problema planteado.

      Saludos, Javier.
      ~ Estaré ausente del 15 al 31 de Agosto. ~

      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Usuario Avatar de Katimolongo
      Registrado
      feb 2013
      Ubicación
      España
      Mensajes
      14

      Re: Reporte de Combofix para que me ayuden

      He comenzado la revision paso por paso, pero en el analisis completo del malwarebytes antimalware lo he intentado tres vesces y las tres se me ha quedado colgado(no responde ) , primera vez se me quedo colgado y tuve que apagar el pc a capon, la segunda lo realice con la conexion a internet off y tambien se termino Colgando, y la tercera lo intente en modo a prueba de fallos y termino por Colgarse tambien.
      Que hago realizo los demas pasos saltandome el paso 2 o hay otra solucion?

    8. #8
      Moderador Gral.
      Avatar de Javierhf
      Registrado
      jun 2006
      Ubicación
      España - Madrid
      Mensajes
      15.760

      Re: Reporte de Combofix para que me ayuden

      Vale, pues déjalo de momento y sigue con los demás procesos.

      Saludos.
      ~ Estaré ausente del 15 al 31 de Agosto. ~

      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    9. #9
      Usuario Avatar de Katimolongo
      Registrado
      feb 2013
      Ubicación
      España
      Mensajes
      14

      Re: Reporte de Combofix para que me ayuden

      Te envio los informes de los programas
      Pero el problema del RunDll al arrancar el Pc sigue saliendo.
      Y al pasar el ultimo programa y reiniciar el Pc tambien aparecieron unos iconos ( translicudos ) que antes no habia, son documentos word, desktop.ini y power point. Por que puede ser ? Los elimino?

      Informes del AdwCleaner y At Destroyer, en otra respuesta te pego los otros por problemas de caracteres:

      # AdwCleaner v2.112 - Fichero creado el 21/02/2013 a 21:06:37
      # Actualizado el 10/02/2013 por Xplode
      # Sistema operativo : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
      # Usuario : David - DAVID1
      # Modo de inicio : Normal
      # Ejecutado desde : C:\Users\David\Desktop\AdwCleaner.exe
      # Opción [Supresión]


      ***** [Servicios] *****


      ***** [Ficheros / Carpetas] *****

      Carpeta Suprimido : C:\Program Files\Conduit
      Carpeta Suprimido : C:\Program Files\Nosibay
      Carpeta Suprimido : C:\Program Files\uTorrentBar_ES
      Carpeta Suprimido : C:\ProgramData\Babylon
      Carpeta Suprimido : C:\ProgramData\boost_interprocess
      Carpeta Suprimido : C:\Users\David\AppData\Local\Conduit
      Carpeta Suprimido : C:\Users\David\AppData\Local\Smartbar
      Carpeta Suprimido : C:\Users\David\AppData\LocalLow\BabylonToolbar
      Carpeta Suprimido : C:\Users\David\AppData\LocalLow\Conduit
      Carpeta Suprimido : C:\Users\David\AppData\LocalLow\PriceGong
      Carpeta Suprimido : C:\Users\David\AppData\LocalLow\uTorrentBar_ES
      Carpeta Suprimido : C:\Users\David\AppData\Roaming\Babylon
      Carpeta Suprimido : C:\Users\David\AppData\Roaming\Nosibay
      Carpeta Suprimido : C:\Users\Invitado\AppData\LocalLow\Conduit
      Fichero Suprimido : C:\END
      Fichero Suprimido : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
      Fichero Suprimido : C:\user.js

      ***** [Registro] *****

      Clave Supprimida : HKCU\Software\5b6de8fe669ba47
      Clave Supprimida : HKCU\Software\AppDataLow\Software\Conduit
      Clave Supprimida : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
      Clave Supprimida : HKCU\Software\AppDataLow\Software\PriceGong
      Clave Supprimida : HKCU\Software\AppDataLow\Software\SmartBar
      Clave Supprimida : HKCU\Software\AppDataLow\Software\uTorrentBar_ES
      Clave Supprimida : HKCU\Software\AppDataLow\Toolbar
      Clave Supprimida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
      Clave Supprimida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
      Clave Supprimida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Search Guard Plus
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Search Guard Plus Updater
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentBar_ES Toolbar
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB131C55-60C8-4ADC-84DC-9E76AB06E2DC}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A8984ACB-AF2A-4E67-8E6B-73567F5964C4}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB131C55-60C8-4ADC-84DC-9E76AB06E2DC}
      Clave Supprimida : HKCU\Software\Nosibay
      Clave Supprimida : HKCU\Software\Softonic
      Clave Supprimida : HKLM\Software\Babylon
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
      Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
      Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
      Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{A8984ACB-AF2A-4E67-8E6B-73567F5964C4}
      Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
      Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{DB131C55-60C8-4ADC-84DC-9E76AB06E2DC}
      Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Conduit.Engine
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Prod.cap
      Clave Supprimida : HKLM\SOFTWARE\Classes\Toolbar.CT2431232
      Clave Supprimida : HKLM\SOFTWARE\Classes\Toolbar.CT2537403
      Clave Supprimida : HKLM\SOFTWARE\Classes\Toolbar.CT2851619
      Clave Supprimida : HKLM\SOFTWARE\Classes\Toolbar.CT3241944
      Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
      Clave Supprimida : HKLM\Software\Conduit
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4237E0FB-7D0A-4E15-A37E-B6F4EBCFF27B}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DB131C55-60C8-4ADC-84DC-9E76AB06E2DC}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A8984ACB-AF2A-4E67-8E6B-73567F5964C4}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_ES Toolbar
      Clave Supprimida : HKLM\Software\uTorrentBar_ES
      Valor Supprimida : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{DB131C55-60C8-4ADC-84DC-9E76AB06E2DC}]
      Valor Supprimida : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{DB131C55-60C8-4ADC-84DC-9E76AB06E2DC}]
      Valor Supprimida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
      Valor Supprimida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DB131C55-60C8-4ADC-84DC-9E76AB06E2DC}]
      Valor Supprimida : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{DB131C55-60C8-4ADC-84DC-9E76AB06E2DC}]

      ***** [Navegadores] *****

      -\\ Internet Explorer v9.0.8112.16464

      [OK] El registro no contiene ninguna entrada ilegítima.

      -\\ Google Chrome v [Imposible obtener la versión]

      Fichero : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Preferences

      [OK] El fichero no contiene ninguna entrada ilegítima.

      Fichero : C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Preferences

      [OK] El fichero no contiene ninguna entrada ilegítima.

      *************************

      AdwCleaner[S1].txt - [6723 octets] - [21/02/2013 21:06:37]

      ########## EOF - C:\AdwCleaner[S1].txt - [6783 octets] ##########



      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 21:28:44 \\\ 21/02/2013
      AT-Destroyer 2.1 By Infospyware ---> InfoSpyware
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.0.8112.16421
      Privilegios: David - Administrador
      Modo Actual: Modo Normal.
      Nombre del pc: DAVID1
      Información del sistema operativo:X86-WIN_VISTA-Service Pack 2
      nombre del usuario:David
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<



      >>>>>> Archivos <<<<<<

      C:\Windows\System32\ezsidmv.dat


      >>>>>> Registro <<<<<<

      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}


      >>>>>> Heurística <<<<<<

      C:\Users\David\AppData\Local\uedrbao.bat (Heur malware.win32.generic)


      >>>>>> Internet Explorer <<<<<<

      Start Page==www.google.com
      Local Page==C:\Windows\System32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL==http://go.microsoft.com/fwlink/?LinkId=69157


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Default_search_url==
      Default_Page_URL==


      HKEY_USERS\S-1-5-21-2698646911-2858209003-2317526353-1000\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Default_search_url==
      Default_Page_URL==


      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308

      >>>>>> Google Chrome <<<<<<

      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      >>>>>> Extensiones Google Chrome <<<<<<

      C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\4
      C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
      C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
      C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
      C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

      ======== Listado ===========

      [21/06/2010 15:26] [21/06/2010 15:26] [N] C:\Users\David\AppData\Roaming\Boolat Games
      C:\Users\David\AppData\Roaming\Bubble Dock.boostrap.log [AN] 1,21 KB ( )
      C:\Users\David\AppData\Roaming\Bubble Dock.installation.log [AN] 15,0 KB ( )
      [05/01/2010 16:23] [05/01/2010 16:23] [N] C:\Users\David\AppData\Roaming\CurriculumFacil
      [20/02/2013 22:14] [15/01/2012 11:08] [N] C:\Users\David\AppData\Roaming\DAEMON Tools Lite
      [18/12/2012 13:15] [12/03/2009 12:14] [N] C:\Users\David\AppData\Roaming\dvdcss
      [17/04/2009 20:14] [11/02/2009 15:05] [N] C:\Users\David\AppData\Roaming\EPSON
      [05/05/2011 13:59] [04/05/2011 21:50] [0] C:\Users\David\AppData\Roaming\Fighters
      [02/10/2011 18:10] [02/10/2011 18:10] [N] C:\Users\David\AppData\Roaming\FotoPrix
      [07/12/2012 14:54] [07/12/2012 14:54] [N] C:\Users\David\AppData\Roaming\FreeFLVConverter
      [12/06/2010 17:10] [12/06/2010 17:10] [N] C:\Users\David\AppData\Roaming\freshgames
      [12/06/2010 23:19] [12/06/2010 23:19] [N] C:\Users\David\AppData\Roaming\Gamelab
      [ 26/01/2009 4:25] [ 26/01/2009 4:25] [N] C:\Users\David\AppData\Roaming\Google
      [12/06/2010 17:17] [12/06/2010 17:17] [N] C:\Users\David\AppData\Roaming\Hotdog Hotshot
      [ 26/01/2009 3:44] [ 26/01/2009 3:44] [N] C:\Users\David\AppData\Roaming\Identities
      [ 26/01/2009 4:25] [ 26/01/2009 4:25] [N] C:\Users\David\AppData\Roaming\Macromedia
      [26/02/2011 16:55] [26/02/2011 16:55] [N] C:\Users\David\AppData\Roaming\MAI
      [26/07/2012 18:01] [26/07/2012 18:01] [N] C:\Users\David\AppData\Roaming\Malwarebytes
      [02/11/2006 13:37] [26/01/2009 3:36] [N] C:\Users\David\AppData\Roaming\Media Center Programs
      [28/02/2011 15:54] [28/02/2011 12:35] [N] C:\Users\David\AppData\Roaming\Meridian93
      [25/02/2011 12:26] [25/02/2011 12:26] [N] C:\Users\David\AppData\Roaming\Merscom
      [26/08/2011 17:31] [14/04/2009 13:11] [N] C:\Users\David\AppData\Roaming\Microgaming
      [29/01/2013 15:47] [26/01/2009 3:36] [SN] C:\Users\David\AppData\Roaming\Microsoft
      [20/02/2013 18:18] [23/01/2013 15:26] [N] C:\Users\David\AppData\Roaming\Mipony
      [05/08/2010 11:16] [05/08/2010 11:16] [N] C:\Users\David\AppData\Roaming\Mozilla
      [19/06/2012 12:34] [05/08/2010 11:16] [N] C:\Users\David\AppData\Roaming\Mozilla-Cache
      [10/01/2012 19:12] [10/01/2012 19:12] [N] C:\Users\David\AppData\Roaming\MSD_Soft
      [ 12/06/2010 7:41] [ 12/06/2010 7:41] [N] C:\Users\David\AppData\Roaming\My Games
      [ 26/01/2009 4:43] [ 26/01/2009 4:43] [N] C:\Users\David\AppData\Roaming\Nero
      [ 13/10/2009 8:49] [ 13/10/2009 8:00] [N] C:\Users\David\AppData\Roaming\Nokia
      [ 13/10/2009 8:02] [ 13/10/2009 8:00] [N] C:\Users\David\AppData\Roaming\PC Suite
      [10/06/2010 16:30] [27/04/2010 21:49] [N] C:\Users\David\AppData\Roaming\PlayFirst
      [17/02/2013 14:23] [20/05/2010 11:45] [N] C:\Users\David\AppData\Roaming\Samsung
      [15/01/2012 15:41] [15/01/2012 15:41] [RH] C:\Users\David\AppData\Roaming\SecuROM
      [27/01/2013 14:39] [26/01/2009 12:11] [N] C:\Users\David\AppData\Roaming\Skype
      [28/08/2012 15:33] [26/01/2009 12:19] [N] C:\Users\David\AppData\Roaming\skypePM
      [06/02/2009 11:51] [06/02/2009 11:51] [N] C:\Users\David\AppData\Roaming\Sun
      [05/05/2011 14:04] [05/05/2011 14:04] [0] C:\Users\David\AppData\Roaming\SUPERAntiSpyware.com
      [ 26/01/2009 3:44] [ 26/01/2009 3:44] [N] C:\Users\David\AppData\Roaming\Symantec
      [26/01/2009 12:31] [26/01/2009 12:31] [N] C:\Users\David\AppData\Roaming\TeamViewer
      [21/02/2013 14:19] [21/12/2010 18:35] [N] C:\Users\David\AppData\Roaming\uTorrent
      [26/07/2012 17:28] [28/02/2009 1:00] [N] C:\Users\David\AppData\Roaming\vlc
      [26/01/2009 12:55] [26/01/2009 12:55] [0] C:\Users\David\AppData\Roaming\WinRAR
      [26/01/2009 12:25] [26/01/2009 12:25] [N] C:\Users\David\AppData\Roaming\Yahoo!
      [03/10/2011 23:08] [31/10/2008 15:30] [0] C:\Program Files\Adobe
      [10/12/2010 17:33] [10/12/2010 17:33] [0] C:\Program Files\Alwil Software
      [26/01/2009 3:32] [26/01/2009 3:32] [HSN] C:\Program Files\Archivos comunes
      [05/12/2012 12:43] [05/12/2012 12:43] [0] C:\Program Files\AVAST Software
      [14/01/2010 14:53] [14/01/2010 14:50] [0] C:\Program Files\AVConverter
      [09/02/2009 23:22] [09/02/2009 23:22] [0] C:\Program Files\B2BPOKER
      [19/04/2009 13:03] [19/04/2009 12:31] [0] C:\Program Files\BlopHome
      [18/02/2013 17:48] [18/02/2013 17:48] [0] C:\Program Files\Browser Helper Object
      [25/01/2013 11:25] [26/01/2009 12:24] [0] C:\Program Files\CCleaner
      [21/02/2013 13:05] [02/11/2006 12:18] [0] C:\Program Files\Common Files
      [15/01/2012 11:09] [15/01/2012 11:08] [0] C:\Program Files\DAEMON Tools Lite
      C:\Program Files\desktop.ini [HSA] 174 bytes( 0)
      [13/10/2009 7:58] [13/10/2009 7:58] [0] C:\Program Files\DIFX
      [18/12/2009 19:38] [18/12/2009 19:38] [0] C:\Program Files\DivX
      [03/02/2009 21:59] [03/02/2009 21:59] [0] C:\Program Files\EasyBits For Kids
      [19/04/2009 12:59] [06/02/2009 10:43] [0] C:\Program Files\EPSON
      [11/12/2010 10:52] [26/01/2009 3:52] [0] C:\Program Files\Eset
      [16/01/2012 1:40] [15/01/2012 16:31] [0] C:\Program Files\ExpressFiles
      [16/01/2013 13:41] [07/12/2012 14:54] [0] C:\Program Files\Free FLV Converter
      [27/08/2011 21:58] [05/02/2009 23:27] [0] C:\Program Files\Full Tilt Poker
      [05/12/2012 12:46] [31/10/2008 15:33] [N] C:\Program Files\Google
      [31/10/2008 15:29] [31/10/2008 15:29] [0] C:\Program Files\HDReg
      [17/02/2013 14:03] [31/10/2008 15:27] [H] C:\Program Files\InstallShield Installation Information
      [21/02/2013 13:08] [02/11/2006 12:18] [0] C:\Program Files\Internet Explorer
      [25/03/2012 11:10] [06/02/2009 11:51] [0] C:\Program Files\Java
      [25/01/2013 11:13] [22/01/2013 17:10] [0] C:\Program Files\JDownloader
      [20/05/2010 11:45] [20/05/2010 11:45] [0] C:\Program Files\MarkAny
      [20/05/2010 11:58] [20/05/2010 11:58] [0] C:\Program Files\MarkAnyContentSAFER
      [26/05/2010 10:54] [26/01/2009 11:53] [0] C:\Program Files\Microsoft
      [02/11/2006 13:37] [02/11/2006 13:37] [0] C:\Program Files\Microsoft Games
      [15/01/2012 12:21] [15/01/2012 12:21] [0] C:\Program Files\Microsoft Games for Windows - LIVE
      [30/06/2011 4:16] [01/04/2009 0:51] [0] C:\Program Files\Microsoft Office
      [11/05/2012 16:54] [26/01/2009 11:56] [0] C:\Program Files\Microsoft Silverlight
      [26/01/2009 11:55] [26/01/2009 11:55] [0] C:\Program Files\Microsoft SQL Server Compact Edition
      [01/04/2009 0:54] [01/04/2009 0:54] [0] C:\Program Files\Microsoft Visual Studio
      [01/04/2009 0:51] [01/04/2009 0:51] [0] C:\Program Files\Microsoft Visual Studio 8
      [27/05/2009 15:48] [01/04/2009 0:55] [0] C:\Program Files\Microsoft Works
      [21/10/2010 17:18] [01/04/2009 0:53] [0] C:\Program Files\Microsoft.NET
      [23/01/2013 15:26] [23/01/2013 15:26] [0] C:\Program Files\MiPony
      [18/08/2010 0:34] [02/11/2006 13:37] [0] C:\Program Files\Movie Maker
      [22/01/2013 15:09] [08/05/2011 14:11] [0] C:\Program Files\Mozilla Firefox
      [01/04/2009 0:55] [02/11/2006 13:37] [0] C:\Program Files\MSBuild
      [10/01/2012 19:14] [10/01/2012 19:12] [0] C:\Program Files\MSD_Soft
      [02/06/2010 20:02] [02/06/2010 17:22] [0] C:\Program Files\MSN Juegos
      [26/01/2009 4:22] [26/01/2009 4:22] [0] C:\Program Files\MSXML 4.0
      [17/02/2013 14:09] [17/02/2013 14:09] [0] C:\Program Files\MyFree Codec
      [01/03/2011 20:06] [25/02/2011 12:24] [0] C:\Program Files\MyPlayCity.com
      [31/10/2008 15:34] [31/10/2008 15:34] [0] C:\Program Files\Nero
      [18/11/2012 13:39] [08/11/2010 16:03] [0] C:\Program Files\NVIDIA Corporation
      [02/06/2010 17:22] [02/06/2010 17:22] [0] C:\Program Files\Oberon Media
      [16/01/2012 12:19] [31/10/2008 15:27] [0] C:\Program Files\Packard Bell
      [20/05/2010 11:45] [13/10/2009 7:57] [0] C:\Program Files\PC Connectivity Solution
      [27/08/2011 21:50] [08/02/2009 23:05] [0] C:\Program Files\PokerStars
      [27/01/2013 21:29] [08/07/2012 10:57] [0] C:\Program Files\PokerStars.ES
      [26/01/2009 13:19] [26/01/2009 12:34] [0] C:\Program Files\PokerStrategy
      [02/02/2009 15:00] [02/02/2009 13:57] [0] C:\Program Files\PokerTracker 3
      [02/02/2009 17:28] [02/02/2009 17:28] [0] C:\Program Files\PostgreSQL
      [31/10/2008 15:27] [31/10/2008 15:27] [0] C:\Program Files\Realtek
      [05/12/2012 23:42] [05/12/2012 23:42] [0] C:\Program Files\Red Sky
      [02/11/2006 13:37] [02/11/2006 13:37] [0] C:\Program Files\Reference Assemblies
      [29/01/2009 15:27] [29/01/2009 15:27] [0] C:\Program Files\RVG Software
      [17/02/2013 14:01] [20/05/2010 11:44] [0] C:\Program Files\Samsung
      [31/10/2008 15:30] [31/10/2008 15:30] [0] C:\Program Files\Seagate
      [14/12/2012 15:02] [14/12/2012 15:02] [R] C:\Program Files\Skype
      [31/01/2013 23:55] [31/01/2013 23:55] [0] C:\Program Files\SoftwareUpdater
      [26/01/2009 11:30] [26/01/2009 11:29] [0] C:\Program Files\Spybot - Search & Destroy
      [05/05/2011 14:04] [05/05/2011 14:04] [0] C:\Program Files\SUPERAntiSpyware
      [08/05/2011 10:20] [26/01/2009 12:31] [0] C:\Program Files\TeamViewer
      [26/04/2009 14:49] [26/04/2009 14:49] [0] C:\Program Files\Titan
      [02/11/2006 14:01] [02/11/2006 14:01] [H] C:\Program Files\Uninstall Information
      [11/12/2012 7:50] [21/12/2010 18:36] [0] C:\Program Files\uTorrent
      [28/02/2009 1:00] [28/02/2009 1:00] [0] C:\Program Files\VideoLAN
      [21/02/2013 15:23] [21/02/2013 15:23] [0] C:\Program Files\VS Revo Group
      [22/01/2013 8:46] [22/12/2010 22:55] [0] C:\Program Files\WBFS
      [09/08/2009 14:06] [02/11/2006 13:37] [0] C:\Program Files\Windows Calendar
      [09/08/2009 14:06] [02/11/2006 13:37] [0] C:\Program Files\Windows Collaboration
      [09/08/2009 14:06] [02/11/2006 13:37] [0] C:\Program Files\Windows Defender
      [11/05/2012 16:37] [02/11/2006 13:37] [0] C:\Program Files\Windows Journal
      [22/01/2013 15:13] [26/01/2009 11:53] [0] C:\Program Files\Windows Live
      [12/04/2012 11:35] [02/11/2006 12:18] [0] C:\Program Files\Windows Mail
      [15/10/2010 5:20] [02/11/2006 13:37] [0] C:\Program Files\Windows Media Player
      [26/01/2009 3:32] [02/11/2006 12:18] [0] C:\Program Files\Windows NT
      [09/08/2009 14:06] [02/11/2006 13:37] [0] C:\Program Files\Windows Photo Gallery
      [17/11/2009 14:30] [17/11/2009 14:30] [0] C:\Program Files\Windows Portable Devices
      [09/08/2009 14:06] [02/11/2006 13:37] [0] C:\Program Files\Windows Sidebar
      [26/01/2009 12:21] [26/01/2009 12:21] [0] C:\Program Files\WinRAR
      [16/01/2012 12:22] [26/01/2009 12:25] [0] C:\Program Files\Yahoo!
      [21/11/2012 15:20] [31/10/2008 15:30] [N] C:\ProgramData\Adobe
      [10/12/2010 17:33] [10/12/2010 17:33] [N] C:\ProgramData\Alwil Software
      [02/11/2006 14:02] [02/11/2006 14:02] [HSN] C:\ProgramData\Application Data
      [05/12/2012 12:43] [05/12/2012 12:43] [N] C:\ProgramData\AVAST Software
      [17/09/2010 19:00] [17/09/2010 19:00] [N] C:\ProgramData\Boss Media
      [04/05/2011 22:22] [04/05/2011 21:51] [N] C:\ProgramData\clp
      [04/05/2011 21:51] [04/05/2011 21:51] [N] C:\ProgramData\Common Toolkit Suite
      [15/01/2012 11:08] [15/01/2012 11:07] [N] C:\ProgramData\DAEMON Tools Lite
      [26/01/2009 3:32] [26/01/2009 3:32] [HSN] C:\ProgramData\Datos de programa
      [02/11/2006 14:02] [02/11/2006 14:02] [HSN] C:\ProgramData\Desktop
      [26/01/2009 3:32] [26/01/2009 3:32] [HSN] C:\ProgramData\Documentos
      [02/11/2006 14:02] [02/11/2006 14:02] [HSN] C:\ProgramData\Documents
      [17/07/2011 13:35] [02/02/2011 1:58] [N] C:\ProgramData\eMule
      [11/02/2009 18:19] [11/02/2009 18:18] [N] C:\ProgramData\EPSON
      [26/01/2009 3:32] [26/01/2009 3:32] [HSN] C:\ProgramData\Escritorio
      [02/11/2006 14:02] [02/11/2006 14:02] [HSN] C:\ProgramData\Favorites
      [26/01/2009 3:32] [26/01/2009 3:32] [HSN] C:\ProgramData\Favoritos
      [05/05/2011 13:59] [04/05/2011 21:51] [0] C:\ProgramData\Fighters
      [08/08/2009 21:25] [08/08/2009 21:25] [N] C:\ProgramData\FLEXnet
      [12/06/2010 17:10] [12/06/2010 17:10] [N] C:\ProgramData\freshgames
      [16/01/2012 12:17] [26/01/2009 3:37] [N] C:\ProgramData\Google
      [13/10/2009 7:54] [13/10/2009 7:54] [N] C:\ProgramData\Installations
      [15/01/2012 11:25] [15/01/2012 11:25] [N] C:\ProgramData\InstallShield
      [26/07/2012 18:01] [26/07/2012 18:01] [N] C:\ProgramData\Malwarebytes
      [18/06/2010 14:40] [18/06/2010 14:40] [N] C:\ProgramData\McAfee
      [26/01/2009 3:32] [26/01/2009 3:32] [HSN] C:\ProgramData\Menú Inicio
      [28/02/2011 15:54] [28/02/2011 15:54] [N] C:\ProgramData\Meridian93
      [25/02/2011 12:26] [25/02/2011 12:26] [N] C:\ProgramData\Merscom
      [16/01/2013 13:41] [02/11/2006 12:18] [SN] C:\ProgramData\Microsoft
      [13/02/2013 21:41] [01/04/2009 0:50] [N] C:\ProgramData\Microsoft Help
      [31/10/2008 15:34] [31/10/2008 15:34] [N] C:\ProgramData\Nero
      [09/10/2009 10:17] [09/10/2009 10:00] [N] C:\ProgramData\Norton
      [09/10/2009 10:00] [09/10/2009 10:00] [N] C:\ProgramData\NortonInstaller
      C:\ProgramData\ntuser.pol [RHSAN] 282 bytes 0
      [21/02/2013 21:18] [31/10/2008 15:24] [N] C:\ProgramData\NVIDIA
      [08/11/2010 16:04] [08/11/2010 16:04] [N] C:\ProgramData\NVIDIA Corporation
      [01/04/2009 9:52] [01/04/2009 9:52] [N] C:\ProgramData\Office Genuine Advantage
      [13/10/2009 8:02] [13/10/2009 8:00] [N] C:\ProgramData\PC Suite
      [26/01/2009 3:32] [26/01/2009 3:32] [HSN] C:\ProgramData\Plantillas
      [10/06/2010 16:30] [27/04/2010 21:49] [N] C:\ProgramData\PlayFirst
      [17/02/2013 14:11] [17/02/2013 14:01] [N] C:\ProgramData\Samsung
      [08/06/2010 15:46] [08/06/2010 15:46] [N] C:\ProgramData\Sandlot Games
      [14/12/2012 15:02] [26/01/2009 12:10] [N] C:\ProgramData\Skype
      [02/11/2006 14:02] [02/11/2006 14:02] [HSN] C:\ProgramData\Start Menu
      [07/04/2010 12:19] [07/04/2010 12:19] [N] C:\ProgramData\Sun
      [05/05/2011 14:04] [05/05/2011 14:04] [N] C:\ProgramData\SUPERAntiSpyware.com
      [09/10/2009 10:00] [31/10/2008 15:35] [N] C:\ProgramData\Symantec
      [23/06/2010 18:36] [02/02/2009 13:58] [AN] C:\ProgramData\TEMP
      [02/11/2006 14:02] [02/11/2006 14:02] [HSN] C:\ProgramData\Templates
      [11/02/2009 15:00] [11/02/2009 14:57] [N] C:\ProgramData\UDL
      [23/12/2010 0:02] [23/12/2010 0:02] [N] C:\ProgramData\WindowsSearch
      [27/01/2013 14:26] [27/01/2013 14:26] [N] C:\ProgramData\Xerox

      ==================== EOF ==================

    10. #10
      Usuario Avatar de Katimolongo
      Registrado
      feb 2013
      Ubicación
      España
      Mensajes
      14

      Re: Reporte de Combofix para que me ayuden

      Informe OTL:

      OTL logfile created on: 21/02/2013 21:49:55 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\David\Desktop
      Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 0000040A | Country: España | Language: ESP | Date Format: dd/MM/yyyy

      3,25 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 64,42% Memory free
      6,70 Gb Paging File | 5,62 Gb Available in Paging File | 83,83% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
      Drive C: | 582,17 Gb Total Space | 325,67 Gb Free Space | 55,94% Space Free | Partition Type: NTFS

      Computer Name: DAVID1 | User Name: David | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\David\Desktop\OTL.exe (OldTimer Tools)
      PRC - C:\Archivos de programa\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
      PRC - C:\Archivos de programa\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
      PRC - C:\Archivos de programa\Samsung\Kies\Kies.exe (Samsung)
      PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten)
      PRC - C:\Archivos de programa\SoftwareUpdater\UpdaterService.exe ()
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastUI.exe (AVAST Software)
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      PRC - C:\Archivos de programa\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
      PRC - C:\Archivos de programa\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
      PRC - C:\Archivos de programa\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
      PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
      PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      PRC - C:\Archivos de programa\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
      PRC - C:\Windows\explorer.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
      PRC - C:\Windows\System32\NMSAccess32.exe ()
      PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
      PRC - C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
      PRC - C:\Archivos de programa\Packard Bell\FIJI\AOSD.exe (Packard Bell BV)
      PRC - C:\Archivos de programa\Packard Bell\FIJI\ABoard.exe (Packard Bell BV)


      ========== Modules (No Company Name) ==========

      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\0f4155c806e86a023b835d9070774f89\Kies.Theme.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\1b6f3c9a32cd1976fb79b2445e586939\DummyStorePlugin.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\5afdd6b1217fcb271881226a1e288567\DevicePodcast.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\cc31b394afc58c54cae2b7d0d8c33cf7\DevicePhoto.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\0990965afc0db853d38d302fb30b99d5\DeviceVideo.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\891deea73344519c23a915802265423e\DeviceMusic.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\0f2e104794d636e61f3d55852cfffea0\VideoManager.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\6297456e21a4d8a8a47d0e60194b8d9e\PhotoManager.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\9910e6c50760788df4ade3512a1dc75b\Phonebook.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\1ea0e7bc5e9ffb8973a555a41dedeb02\MusicManager.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\075f11a3e3c5d7466ef7d10419afb79e\BATPlugin.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\3d0e95aadf1fd4315d1b18c58bab33c1\Kies.Common.MediaDB.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\3c6667cbc29155082e58137643a1dff1\Kies.Common.StoreManager.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\4ddf2ac626ac624a1c66d0809971b790\Kies.Common.AllShare.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.CRMMana#\657f2c28fc2068324d9b0f1d9d596361\Kies.Common.CRMManager.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\a099cf3222e6345348cc01ade70c4e6c\Kies.Common.DBManager.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\b0aeee8058ad9ab5ecd5aa762d5a6bc8\Kies.Common.MainUI.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\9e94c0940670be8f03fb392555ec10d4\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\9a1d52e92dab2e5f906e4edae93b8b8c\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\3e9bfbd5f2cf47b8d36c1c4a9a5699c8\Kies.Common.DeviceServiceLib.FileService.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\fa06b799153f9c28c1866319b3db5580\Interop.DevFileServiceLib.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\82eec106b67d4157992849bbceebeb9d\Kies.Common.DeviceService.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\ef627a7ca32c8920ad424bd2b8a943f4\Podcaster.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\ef5aedc86c6201d04b7995cfad101d83\Kies.Plugin.ContentsManagerLib.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\d77da7b6668e27f63af7da941e221304\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\3ce743f82e40c5adc6bc730a9860e378\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\29e8db641e3708219f13d2a3b7528278\Interop.PRPLAYERCORELib.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\47a3f099c846efd95dc77e747cec3352\Kies.Common.Multimedia.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\0ec1f5148809454e7dd63148636a05b2\Kies.Common.DeviceServiceLib.Interface.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\3b6f9e55f91ad125179632bf47619a22\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\1bbe7c10db61ba5c3ab989f4e675adf6\DeviceHost.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\2084ac4cdf9ded52ab71b038e5b39495\Kies.Common.Util.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\5cf4d41e6de5af4c27e7b66b172f73df\Kies.Locale.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\48c087dd6e18fcbd057e0b1dd6cfa2fd\Kies.MVVM.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\7e54989d439c94a9254051e9c17d5650\Kies.UI.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\121e5c7e1639a49775b9d843694ba3aa\Kies.Interface.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\17b7b598c879d6cb53a38b9e00d7a752\Kies.ni.exe ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\52207264bac5068c2de665b3f41e8964\ASF_cSharpAPI.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\111be4cc197cabb6340170eeb54ae535\Interop.P3MPINTERFACECTRLLib.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\5f0b67eb5313c092d5b8b56426dd30e2\Interop.MP3FileInfoCOMLib.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\b2c7788a3e89dfe8758d6184bac1b663\Interop.OGGFileInfoCOMLib.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\0969ff5a4924da7d8c6ebd3fca8f154b\ICSharpCode.SharpZipLib.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\af22e5bb6307e2882abe5fbdb3c00c8e\CabLib.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\4f4243b3bc2e4cdf0ec6e7ad5559aa20\Interop.DeviceSearchLib.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\f69842a59a80267c673735eab7b0bcd3\GongSolutions.Wpf.DragDrop.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\dbe82a95ee3feebc5999138fdf36d3c9\System.Runtime.Remoting.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b519f42484e1d488662a9a8a87cb8849\System.Core.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll ()


      ========== Services (SafeList) ==========

      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten)
      SRV - (SrvUpdater) -- C:\Archivos de programa\SoftwareUpdater\UpdaterService.exe ()
      SRV - (SkypeUpdate) -- C:\Archivos de programa\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (avast! Antivirus) -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      SRV - (nvUpdatusService) -- C:\Archivos de programa\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
      SRV - (Stereo Service) -- C:\Archivos de programa\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
      SRV - (fsssvc) -- C:\Archivos de programa\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
      SRV - (odserv) -- C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
      SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      SRV - (wlcrasvc) -- C:\Archivos de programa\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
      SRV - (SeaPort) -- C:\Archivos de programa\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
      SRV - (ServiceLayer) -- C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
      SRV - (Microsoft Office Groove Audit Service) -- C:\Archivos de programa\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
      SRV - (NMSAccess32) -- C:\Windows\System32\NMSAccess32.exe ()
      SRV - (FLEXnet Licensing Service) -- C:\Archivos de programa\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
      SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
      SRV - (WMPNetworkSvc) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      SRV - (WinDefend) -- C:\Archivos de programa\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV - (AdobeActiveFileMonitor6.0) -- C:\Archivos de programa\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
      SRV - (ose) -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV - (upperdev) -- system32\DRIVERS\usbser_lowerflt.sys File not found
      DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
      DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
      DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
      DRV - (catchme) -- C:\Users\David\AppData\Local\Temp\catchme.sys File not found
      DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
      DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
      DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
      DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
      DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
      DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
      DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
      DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
      DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
      DRV - (ss_bmdm) -- C:\Windows\System32\drivers\ss_bmdm.sys (MCCI Corporation)
      DRV - (ss_bbus) -- C:\Windows\System32\drivers\ss_bbus.sys (MCCI)
      DRV - (ss_bmdfl) -- C:\Windows\System32\drivers\ss_bmdfl.sys (MCCI Corporation)
      DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
      DRV - (nvrd32) -- C:\Windows\System32\drivers\nvrd32.sys (NVIDIA Corporation)
      DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation)
      DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKLM\..\SearchScopes,DefaultScope =
      IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW


      IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

      IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

      IE - HKU\S-1-5-21-2698646911-2858209003-2317526353-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
      IE - HKU\S-1-5-21-2698646911-2858209003-2317526353-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKU\S-1-5-21-2698646911-2858209003-2317526353-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
      IE - HKU\S-1-5-21-2698646911-2858209003-2317526353-1000\..\SearchScopes,DefaultScope = {01287161-821D-4880-85BE-BFB8D8373837}
      IE - HKU\S-1-5-21-2698646911-2858209003-2317526353-1000\..\SearchScopes\{01287161-821D-4880-85BE-BFB8D8373837}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3241944
      IE - HKU\S-1-5-21-2698646911-2858209003-2317526353-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IEFM1&src=IE-SearchBox
      IE - HKU\S-1-5-21-2698646911-2858209003-2317526353-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
      IE - HKU\S-1-5-21-2698646911-2858209003-2317526353-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKU\S-1-5-21-2698646911-2858209003-2317526353-1000\..\SearchScopes\{822D3147-17C8-4102-A40D-FB1C7AE91B20}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACPW_esES311
      IE - HKU\S-1-5-21-2698646911-2858209003-2317526353-1000\..\SearchScopes\{E298DBD6-188D-42D3-999C-BC829E6B7A83}: "URL" = http://www.fastbrowsersearch.com/results/results.aspx?q={searchTerms}&c=web&s=DSP&v=19&tid={90E8D7B4-BDD8-411e-B3E8-F76FEA577832}
      IE - HKU\S-1-5-21-2698646911-2858209003-2317526353-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


      ========== FireFox ==========

      FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
      FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
      FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll File not found
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Internet Explorer\bin [2013/02/18 17:48:40 | 000,000,000 | ---D | M]

      [2013/01/22 15:09:53 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions

      ========== Chrome ==========

      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - homepage: Google
      CHR - Extension: No name found = C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
      CHR - Extension: No name found = C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
      CHR - Extension: No name found = C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
      CHR - Extension: No name found = C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

      O1 HOSTS File: ([2013/02/21 13:09:09 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 localhost
      O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Archivos de programa\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
      O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Archivos de programa\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
      O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Archivos de programa\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
      O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Archivos de programa\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
      O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Archivos de programa\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
      O3 - HKU\S-1-5-21-2698646911-2858209003-2317526353-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
      O3 - HKU\S-1-5-21-2698646911-2858209003-2317526353-1000\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Archivos de programa\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
      O4 - HKLM..\Run: [ACTIVBOARD] C:\Archivos de programa\Packard Bell\FIJI\ABoard.exe (Packard Bell BV)
      O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
      O4 - HKLM..\Run: [ExpressFiles] C:\Program Files\ExpressFiles\ExpressFiles.exe (Express Files)
      O4 - HKLM..\Run: [KiesTrayAgent] C:\Archivos de programa\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
      O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
      O4 - HKU\S-1-5-21-2698646911-2858209003-2317526353-1000..\Run: [] C:\Archivos de programa\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
      O4 - HKU\S-1-5-21-2698646911-2858209003-2317526353-1000..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
      O4 - HKU\S-1-5-21-2698646911-2858209003-2317526353-1000..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
      O4 - HKU\S-1-5-21-2698646911-2858209003-2317526353-1000..\Run: [WMPNSCFG] C:\Archivos de programa\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-21-2698646911-2858209003-2317526353-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-21-2698646911-2858209003-2317526353-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O8 - Extra context menu item: Descargar con Mipony - C:\Program Files\MiPony\Browser\IEContext.htm ()
      O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
      O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Archivos de programa\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
      O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
      O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O9 - Extra Button: AzartiaPoker.com - {9A4D505C-96A5-4324-AC0B-B49D7B481771} - C:\Programs\Azartia\AzartiaPoker\RunApp.exe File not found
      O9 - Extra 'Tools' menuitem : AzartiaPoker.com - {9A4D505C-96A5-4324-AC0B-B49D7B481771} - C:\Programs\Azartia\AzartiaPoker\RunApp.exe File not found
      O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
      O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
      O9 - Extra Button: PokerStars.es - {CC0FC7CF-E588-4b33-B148-C657708AB9C4} - C:\Program Files\PokerStars.ES\PokerStarsUpdate.exe File not found
      O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
      O16 - DPF: {B6F0855B-A06D-498B-A537-80AFF04A1B4E} http://ciac.metromadrid.es/centriweb...i/WSClient.cab (WSClientCtl Class)
      O16 - DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} https://www5.aeat.es/es13/h/cactivex.cab (AeatCtl Class)
      O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.4.2/jin...ndows-i586.cab (Java Plug-in 1.4.2)
      O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
      O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01...PUpldes-es.cab (Windows Live Hotmail Photo Upload Tool)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5A7D4F1-903F-4416-963F-909F59301222}: NameServer = 87.216.1.65,87.216.1.66
      O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Archivos de programa\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
      O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Common Files\Skype\Skype4COM.dll (Skype Technologies)
      O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Archivos de programa\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
      O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Archivos de programa\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
      O24 - Desktop WallPaper: C:\Users\David\AppData\Roaming\Microsoft\Windows Photo Gallery\Papel tapiz de Galería fotográfica de Windows.jpg
      O24 - Desktop BackupWallPaper: C:\Users\David\AppData\Roaming\Microsoft\Windows Photo Gallery\Papel tapiz de Galería fotográfica de Windows.jpg
      O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
      O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Archivos de programa\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = ComFile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

      NetSvcs: FastUserSwitchingCompatibility - File not found
      NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
      NetSvcs: Nla - File not found
      NetSvcs: Ntmssvc - File not found
      NetSvcs: NWCWorkstation - File not found
      NetSvcs: Nwsapagent - File not found
      NetSvcs: SRService - File not found
      NetSvcs: WmdmPmSp - File not found
      NetSvcs: LogonHours - File not found
      NetSvcs: PCAudit - File not found
      NetSvcs: helpsvc - File not found
      NetSvcs: uploadmgr - File not found
      NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)

      MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
      MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
      MsConfig - StartUpReg: ehTray.exe - hkey= - key= - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
      MsConfig - State: "startup" - 2

      CREATERESTOREPOINT
      System Restore Service not available.

      ========== Files/Folders - Created Within 30 Days ==========

      [2013/02/21 21:28:31 | 000,000,000 | ---D | C] -- C:\_AT-Destroyer
      [2013/02/21 18:39:48 | 010,156,344 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\David\Desktop\mbam-setup-1.70.0.1100.exe
      [2013/02/21 16:19:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
      [2013/02/21 15:23:13 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
      [2013/02/21 15:23:13 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
      [2013/02/21 15:17:42 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
      [2013/02/21 13:11:42 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
      [2013/02/21 13:11:40 | 000,000,000 | ---D | C] -- C:\Windows\temp
      [2013/02/21 13:11:40 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\temp
      [2013/02/21 12:58:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
      [2013/02/21 12:58:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
      [2013/02/21 12:58:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
      [2013/02/21 12:58:26 | 000,000,000 | ---D | C] -- C:\ComboFix
      [2013/02/21 12:48:00 | 005,034,373 | R--- | C] (Swearware) -- C:\Users\David\Desktop\ComboFix.exe
      [2013/02/21 12:36:16 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{FF900AB4-BCB6-43AC-9AED-5023D6CC0E04}
      [2013/02/21 12:35:51 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{CDDD940E-DCA3-43AC-A456-CF1EABA06C7E}
      [2013/02/20 12:30:35 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{0C396843-CB40-40DB-ACBD-E41272D4B715}
      [2013/02/19 11:14:29 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{397C1B28-96EA-466B-91CF-56134482D83C}
      [2013/02/18 17:48:56 | 000,000,000 | ---D | C] -- C:\Program Files\Browser Helper Object
      [2013/02/18 13:14:40 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{52751444-127F-47E2-ABB7-A356DBFD244A}
      [2013/02/17 14:23:07 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
      [2013/02/17 14:23:02 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Samsung
      [2013/02/17 14:22:38 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\samsung
      [2013/02/17 14:09:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
      [2013/02/17 14:09:49 | 000,000,000 | ---D | C] -- C:\Program Files\MyFree Codec
      [2013/02/17 14:04:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
      [2013/02/17 14:04:23 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\System32\Redemption.dll
      [2013/02/17 14:03:27 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\System32\dgderapi.dll
      [2013/02/17 14:03:27 | 000,020,032 | ---- | C] (Devguru Co., Ltd) -- C:\Windows\System32\drivers\dgderdrv.sys
      [2013/02/17 14:01:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
      [2013/02/17 13:55:24 | 000,000,000 | ---D | C] -- C:\Config.Msi
      [2013/02/17 13:33:38 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{5A92DFE2-F1A6-4FDF-9F84-C5086B981D7D}
      [2013/02/16 12:14:10 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{E20B546B-31D3-4359-8B1B-35B1465C70FA}
      [2013/02/15 12:13:30 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{0E74EEB5-BE57-40AB-ADC8-EEEFC90282F5}
      [2013/02/14 22:34:32 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{15107346-5B63-4E94-9B1E-6D0D8BD89277}
      [2013/02/14 00:32:00 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{5703CE62-E9C2-465C-B8F3-393019CB8366}
      [2013/02/13 12:21:04 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{3C85C52E-3F35-428D-854B-8D7BE8A91D87}
      [2013/02/12 11:51:45 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{877C8F58-278B-44F8-ADD3-A092C4D6CC37}
      [2013/02/11 11:39:34 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{60C10ACA-4D8E-4793-AE40-A1A0C3C02973}
      [2013/02/10 12:04:59 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{042ECEE3-C51C-4EE6-81B6-39E9018467A2}
      [2013/02/09 23:14:21 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{BD059B08-78AA-4CA0-BEBD-D63DB41EEDFB}
      [2013/02/09 10:30:52 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{87F8B01F-0314-43A7-A8AA-C9A7191D1500}
      [2013/02/08 11:53:12 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{C6B295B7-3585-4410-A0E5-B99C505CC8A5}
      [2013/02/07 12:37:02 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{335807B7-6640-4AC7-8C0C-FB265BC96CA3}
      [2013/02/06 21:19:33 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{A405A5A2-877F-48DC-ACFE-1AB8B592F1B5}
      [2013/02/06 09:19:09 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{E142A6C4-5074-4D31-B577-2D772D210FF5}
      [2013/02/05 12:22:58 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{F5C468B4-9C9F-4978-8658-1F68D2F8DDE6}
      [2013/02/04 23:40:51 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{88622E4C-2FAB-4C1A-8466-DCA4CF3BAC6B}
      [2013/02/04 10:42:14 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{9FD0B486-B2E6-47EB-9ABA-989407A79661}
      [2013/02/03 06:27:37 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{9969317B-3682-424F-B59D-66DA7EA77FCA}
      [2013/02/02 12:36:45 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{302B1B32-2DAF-4E94-996B-797F19CC6548}
      [2013/02/01 23:47:34 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{481DD137-8655-4112-A474-285C70B8596A}
      [2013/02/01 09:39:47 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{7DD47240-EF01-485D-AE7A-C12C2725B88B}
      [2013/01/31 23:55:45 | 000,000,000 | ---D | C] -- C:\Program Files\SoftwareUpdater
      [2013/01/31 11:29:34 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{5F7EF77E-6941-480C-9D4B-A4578FF74E89}
      [2013/01/30 17:26:32 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{51D397ED-30A3-4288-86FF-4EC38E525043}
      [2013/01/30 15:23:56 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{FAD6CFC5-BB1D-4D25-B3B4-E6C6BC873EA7}
      [2013/01/30 13:00:54 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\Iberdrola
      [2013/01/30 01:03:13 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{FBBB5D47-6A0A-4014-A910-635709414DA7}
      [2013/01/29 10:40:41 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{DDA85CCE-6EAA-45D1-94C0-B6C830DF30C2}
      [2013/01/28 12:01:34 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{25A247B5-151B-49F9-B196-38875DD85048}
      [2013/01/27 14:26:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Xerox
      [2013/01/27 14:23:01 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{1CE16E71-DA77-4350-A36C-E0C4DBBCBB18}
      [2013/01/26 13:58:57 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\Libros
      [2013/01/26 12:23:20 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{9193142D-5968-4D35-A7EE-1AF9207024A7}
      [2013/01/25 18:46:57 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{05AA6C60-22F5-4B3D-8C79-21B8F61DFD42}
      [2013/01/25 02:26:51 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{1118006D-0113-412F-9A71-900E41456E77}
      [2013/01/24 12:47:05 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{75FEFDE4-2A63-4CE4-8FD3-CA6774278404}
      [2013/01/23 15:36:33 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Mipony
      [2013/01/23 15:26:32 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Mipony
      [2013/01/23 15:26:10 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiPony
      [2013/01/23 15:26:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiPony
      [2013/01/23 15:26:10 | 000,000,000 | ---D | C] -- C:\Program Files\MiPony
      [2013/01/23 12:08:09 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{3B737834-F30F-425E-9892-3AEE244DEF29}
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2013/02/21 21:35:59 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
      [2013/02/21 21:35:55 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2013/02/21 21:35:50 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
      [2013/02/21 21:35:50 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
      [2013/02/21 21:35:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2013/02/21 21:35:37 | 3488,067,584 | -HS- | M] () -- C:\hiberfil.sys
      [2013/02/21 21:30:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator-David.job
      [2013/02/21 21:30:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\Extended Warranty-David.job
      [2013/02/21 21:29:15 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2013/02/21 21:01:00 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2013/02/21 19:40:11 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
      [2013/02/21 18:51:18 | 000,024,064 | ---- | M] () -- C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2013/02/21 18:39:48 | 010,156,344 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\David\Desktop\mbam-setup-1.70.0.1100.exe
      [2013/02/21 16:24:05 | 000,010,450 | ---- | M] () -- C:\Users\David\Desktop\Copia de seguridad de CCleaner (registro de entradas).reg
      [2013/02/21 16:19:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
      [2013/02/21 16:19:10 | 001,199,088 | ---- | M] () -- C:\Users\David\Desktop\AT-Destroyer.exe
      [2013/02/21 16:18:56 | 000,587,671 | ---- | M] () -- C:\Users\David\Desktop\AdwCleaner.exe
      [2013/02/21 15:23:13 | 000,001,060 | ---- | M] () -- C:\Users\David\Desktop\Revo Desinstalador programas Forospyware.lnk
      [2013/02/21 13:09:09 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
      [2013/02/21 12:57:50 | 005,034,373 | R--- | M] (Swearware) -- C:\Users\David\Desktop\ComboFix.exe
      [2013/02/20 18:20:37 | 000,000,486 | ---- | M] () -- C:\Users\David\Desktop\[email protected]
      [2013/02/14 10:57:47 | 000,381,384 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
      [2013/02/05 09:54:40 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
      [2013/02/05 09:54:40 | 000,037,344 | ---- | M] () -- C:\Windows\System32\FsUsbExDisk.Sys
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2013/02/21 20:40:12 | 3488,067,584 | -HS- | C] () -- C:\hiberfil.sys
      [2013/02/21 16:23:56 | 000,010,450 | ---- | C] () -- C:\Users\David\Desktop\Copia de seguridad de CCleaner (registro de entradas).reg
      [2013/02/21 16:19:10 | 001,199,088 | ---- | C] () -- C:\Users\David\Desktop\AT-Destroyer.exe
      [2013/02/21 16:18:56 | 000,587,671 | ---- | C] () -- C:\Users\David\Desktop\AdwCleaner.exe
      [2013/02/21 15:23:13 | 000,001,060 | ---- | C] () -- C:\Users\David\Desktop\Revo Desinstalador programas Forospyware.lnk
      [2013/02/21 12:58:34 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
      [2013/02/21 12:58:34 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
      [2013/02/21 12:58:34 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
      [2013/02/21 12:58:34 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
      [2013/02/21 12:58:34 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
      [2013/01/20 12:50:42 | 000,000,001 | ---- | C] () -- C:\Users\David\AppData\Local\llftool.4.25.agreement
      [2012/12/18 10:06:10 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
      [2012/12/18 10:06:06 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
      [2012/12/18 10:06:06 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
      [2012/12/18 10:06:06 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
      [2012/12/18 10:06:06 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
      [2009/08/08 09:04:50 | 000,000,282 | RHS- | C] () -- C:\ProgramData\ntuser.pol
      [2009/02/25 02:22:38 | 000,001,356 | ---- | C] () -- C:\Users\David\AppData\Local\d3d9caps.dat
      [2009/02/04 14:43:04 | 000,024,064 | ---- | C] () -- C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

      ========== ZeroAccess Check ==========

      [2006/11/02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== LOP Check ==========

      [2010/06/21 15:26:27 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Boolat Games
      [2010/01/05 16:23:16 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\CurriculumFacil
      [2013/02/20 22:14:23 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\DAEMON Tools Lite
      [2009/04/17 20:14:42 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\EPSON
      [2011/05/05 13:59:12 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Fighters
      [2011/10/02 1806 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FotoPrix
      [2012/12/07 14:54:49 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FreeFLVConverter
      [2010/06/12 1746 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\freshgames
      [2010/06/12 23:19:25 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Gamelab
      [2010/06/12 17:17:00 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Hotdog Hotshot
      [2011/02/26 16:55:55 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\MAI
      [2011/02/28 15:54:07 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Meridian93
      [2011/02/25 12:26:12 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Merscom
      [2011/08/26 17:31:45 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Microgaming
      [2013/02/20 18:18:39 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Mipony
      [2012/01/10 19:12:17 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\MSD_Soft
      [2010/06/12 07:41:38 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\My Games
      [2009/10/13 08:49:10 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Nokia
      [2009/10/13 08:02:19 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\PC Suite
      [2010/06/10 16:30:20 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\PlayFirst
      [2013/02/17 14:23:08 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Samsung
      [2009/01/26 12:31:54 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\TeamViewer
      [2013/02/21 14:19:17 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\uTorrent
      [2010/01/05 16:25:11 | 000,000,000 | ---D | M] -- C:\Users\Invitado\AppData\Roaming\CurriculumFacil
      [2009/10/13 17:39:43 | 000,000,000 | ---D | M] -- C:\Users\Invitado\AppData\Roaming\Nokia
      [2009/10/13 17:39:42 | 000,000,000 | ---D | M] -- C:\Users\Invitado\AppData\Roaming\PC Suite

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2013/02/21 21:07:13 | 000,006,852 | ---- | M] () -- C:\AdwCleaner[S1].txt
      [2009/01/26 03:44:27 | 000,000,048 | -H-- | M] () -- C:\AT-Cuarentena
      [2013/02/21 21:29:54 | 000,018,271 | ---- | M] () -- C:\AT-Destroyer.txt
      [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
      [2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
      [2008/10/31 23:52:34 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
      [2013/02/21 13:11:38 | 000,014,840 | ---- | M] () -- C:\ComboFix.txt
      [2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
      [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
      [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
      [2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
      [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
      [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
      [2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
      [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
      [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
      [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
      [2013/02/21 21:35:37 | 3488,067,584 | -HS- | M] () -- C:\hiberfil.sys
      [2011/05/07 15:33:30 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
      [2011/05/08 14:37:39 | 000,019,424 | ---- | M] () -- C:\Limpieza combofix.txt
      [2011/05/07 15:33:30 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
      [2013/02/21 21:35:35 | 3801,759,744 | -HS- | M] () -- C:\pagefile.sys
      [2012/07/26 17:58:35 | 000,000,412 | ---- | M] () -- C:\rkill.log
      [2008/10/31 15:38:40 | 000,000,083 | ---- | M] () -- C:\temp_ig.txt
      [2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
      [2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:22741C1F
      @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:BAC2F271
      @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:76466F4C
      @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:BCDC6E07
      @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:AE2EA3C2
      @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:D8134D8F
      @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:A59DD4AD
      @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:3AE22B1A
      @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:D2A5A561
      @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:04BB186B
      @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:7F4DB476
      @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:439E3411
      @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:03D08225
      @Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:B12D1A7D
      @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:56C17A93
      @Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:FEEEFFAD
      @Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:FECEF728
      @Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:BDF08FAF

      < End of report >

    Página 1 de 3 123 ÚltimoÚltimo