
    Guide to disinfecting my computer


    1. #1
      jordi07 (User)
      Joined: Sep 2010
      Location: villaermosa tab.
      Posts: 205

      Guide to disinfecting my computer

      Hello friends of the forum, could someone help me disinfect my computer? I ran the scan just yesterday, but it apparently still runs a bit slow. I await your reply. Regards.

      Here is my result

      [email protected] as downloader log:
      all ok
      # version=8
      # OnlineScannerApp.exe=1.0.0.1
      # OnlineScanner.ocx=1.0.0.6920
      # api_version=3.0.2
      # EOSSerial=c3037da12f0f9843a5249e1b0f9840ae
      # engine=13249
      # end=finished
      # remove_checked=true
      # archives_checked=true
      # unwanted_checked=true
      # unsafe_checked=true
      # antistealth_checked=true
      # utc_time=2013-02-27 09:41:40
      # local_time=2013-02-27 03:41:40 (-0600, Hora estándar central (México))
      # country="Mexico"
      # lang=3082
      # osver=6.1.7601 NT Service Pack 1
      # compatibility_mode=3074 16777213 100 100 0 64162482 0 0
      # compatibility_mode=5893 16776573 100 94 3919003 113502891 0 0
      # scanned=107157
      # found=10
      # cleaned=10
      # scan_time=23548
      sh=AA9D6284707F25A4AD35336ED6C131AC56F175AA ft=1 fh=50309858a379708c vn="una variante de Win32/DealPly.A aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)" ac=C fn="C:\Program Files\DealPly\DealPlyIE.dll"
      sh=0ED8F79BE8A59183AF7A95F7FE3AFDB61D55DD54 ft=1 fh=02699cd64c1c25eb vn="una variante de Win32/Bundled.Toolbar.Ask aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)" ac=C fn="C:\Users\yoyi\Downloads\aTubeCatcher.exe"
      sh=AA7C31750B38CE3E54D34D2213C15A538C4F953C ft=1 fh=e1933394f3ba32cd vn="una variante de Win32/BSDownloader aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)" ac=C fn="C:\Users\yoyi\Downloads\Brothersoft_downloader_For_Opera_Mini_6 (1).exe"
      sh=AA7C31750B38CE3E54D34D2213C15A538C4F953C ft=1 fh=e1933394f3ba32cd vn="una variante de Win32/BSDownloader aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)" ac=C fn="C:\Users\yoyi\Downloads\Brothersoft_downloader_For_Opera_Mini_6.exe"
      sh=47EF53486FF826F192DBE1C2912D20FF41407159 ft=1 fh=8766b46152348b06 vn="Win32/DownloadAdmin.D aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)" ac=C fn="C:\Users\yoyi\Downloads\cbsidlm-tr1_7-ooVoo-10672161.exe"
      sh=62C3CED13799C6BAAA4EA0DF3967C585E03F1774 ft=1 fh=7a9dd36e2fe5b2f4 vn="Win32/Toolbar.Babylon aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)" ac=C fn="C:\Users\yoyi\Downloads\installer_ccleaner_Spanish.exe"
      sh=B2C9C612B3C77EA35A38255E320B0EC957CE46F7 ft=0 fh=0000000000000000 vn="una variante de Win32/Bundled.Toolbar.Ask aplicación (eliminado - puesto en Cuarentena)" ac=C fn="C:\Users\yoyi\Downloads\relatek-002.zip"
      sh=29FFD9C363471CA17A6F76EE48225A0FBF8DE849 ft=1 fh=9c6b8f01b2d31b6c vn="una variante de Win32/SoftonicDownloader.E aplicación (no se ha podido desinfectar - archivo eliminado - puesto en Cuarentena)" ac=C fn="C:\Users\yoyi\Downloads\SoftonicDownloader_para_blackberry-desktop-manager.exe"
      sh=B806CA851AB4948E9EA7655A66DA121C9A0CF736 ft=0 fh=0000000000000000 vn="una variante de Win32/Bundled.Toolbar.Ask aplicación (eliminado - puesto en Cuarentena)" ac=C fn="C:\Users\yoyi\PC-tools\Backup Set 2011-08-30 190013\Backup Files 2011-08-30 190013\Backup files 3.zip"
      sh=29C55C3C13BAFD8C4C36DCD4383FF167B27B48C1 ft=0 fh=0000000000000000 vn="una variante de Win32/Bundled.Toolbar.Ask aplicación (eliminado - puesto en Cuarentena)" ac=C fn="C:\Windows\Installer\27f163.msi"

    2. #2
      @Javier_HF (General Moderator)
      Joined: Jun 2006
      Location: Spain.
      Posts: 21,704

      Re: Guide to disinfecting my computer

      Hello jordi07.

      To check your computer, follow these steps, in the order given and one at a time:

      Download and run >> CCleaner.

      • First use its "Cleaner" option to delete cookies, temporary Internet files and all the files it shows you as obsolete.
      • Then use its "Registry" option to clean the entire Windows registry (making a backup).


      Download, update and run >> Malwarebytes' Anti-Malware.

      • On the Update tab, click the "Check for Updates" button.
      • On the Scanner tab, select "Perform Full Scan."
      • Using the "Remove Selected" option, with EVERYTHING it finds checked, send it all to quarantine and restart the system.
      • On the "Logs" tab you will find the MBAM report; copy it and paste it into your next reply so it can be analyzed.


      Download >> AdwCleaner.exe.

      • Temporarily disable the antivirus >> How to temporarily disable your antivirus.
      • And close all the programs you have open.
      • Run AdwCleaner. (If you use Windows Vista or 7, right-click and select "Run as Administrator.")
      • Click the Delete button.
      • Follow the instructions; if it asks you to restart the system, accept.
      • Save the report that will appear on the desktop, to paste it into your next reply.


      Download >> AT-Destroyer (by InfoSpyware) | InfoSpyware

      • Close ALL the programs you have open, and >> Temporarily disable the antivirus and/or antispyware.
      • Run AT-Destroyer. (If you use Windows Vista or 7, right-click and select "Run as Administrator.")
      • In the menu, click the "Search and Destroy" option.
      • AT-Destroyer will disconnect the desktop momentarily.
      • If it detects infections, it will tell you, and you click OK.
      • When the process finishes it will ask you to restart; click to accept.
      • When Windows starts again, a report will open, which you should copy into your next reply, commenting on how the system is working. (You can also find it at C:\AT-Destroyer.txt)


      And finally, download >> OTL By OldTimer

      *** To run OTL, follow these steps:

      • Close all the programs you have open and double-click the OTL icon to run it.
      • Let it run and wait for the OTL menu to appear.
      • When the OTL menu appears, under "Scan Type" you must change the setting to Minimal Output.
      • Check the Scan All box.
      • Check the options: LOP Check and Purity Check.
      • Check the options: Skip Microsoft Files and Use List of Recognized Companies.
      • Copy and paste the lines of the following script under the Custom Scans/Fixes box:

        NOTE: Do not copy the word Code:
        Code:
        netsvcs
        msconfig
        %SYSTEMDRIVE%\*.*
        CREATERESTOREPOINT


      • Please do not change the rest of the settings unless we ask you to.


      • Press the button .
      • Once it finishes, two (2) files will open, OTL.Txt and Extras.Txt. These files will be saved in the same location where OTL.exe was downloaded.
      • Copy and paste the contents of the OTL.txt file into your next reply.


      In your next reply, remember to:

      - Post the Malwarebytes, AdwCleaner, AT-Destroyer and OTL.txt reports for us.

      - And tell us how your computer is running, in relation to the problem raised.

      Regards, Javier.
      He who doesn't try doesn't succeed | ;-)

      * Follow us on our Twitter and befriend us on Facebook.
      * Keep up with the latest threats on the net from: InfoSpyware Blog
      * Questions are not answered by private message or e-mail, since that is what the forum is for.

    3. #3
      jordi07 (User)
      Joined: Sep 2010
      Location: villaermosa tab.
      Posts: 205

      Re: Guide to disinfecting my computer

      Well, this is the Malwarebytes result

      Malwarebytes Anti-Malware 1.70.0.1100
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2013.02.27.09

      Windows 7 Service Pack 1 x86 NTFS
      Internet Explorer 9.0.8112.16421
      yoyi :: PC [administrador]

      27/02/2013 12:45:40 p.m.
      mbam-log-2013-02-27 (12-45-40).txt

      Tipos de Análisis: Análisis Completo (C:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 293377
      Tiempo transcurrido: 2 hora(s), 51 minuto(s), 35 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 12
      c:\program files\comodo\comodo internet security\quarantine\24667c15-4841-4f63-9afc-63c132f1dd11.data (Trojan.VBKrypt) -> Se eliminarán al reiniciar.
      c:\program files\comodo\comodo internet security\quarantine\b4fef9af-557e-4255-850f-a90100c1acc7.data (Worm.VB) -> Se eliminarán al reiniciar.
      c:\program files\comodo\comodo internet security\quarantine\c61e6385-34a5-4bb7-9499-51b4977ad2a1.data (Trojan.Autorun) -> Se eliminarán al reiniciar.
      c:\program files\comodo\comodo internet security\quarantine\6d0bc9bf-28ad-4e80-a0ba-c3237a8d0075.data (Backdoor.Bot) -> Se eliminarán al reiniciar.
      c:\program files\comodo\comodo internet security\quarantine\6f80149d-7832-44ee-888e-e67412439422.data (Trojan.Autorun) -> Se eliminarán al reiniciar.
      c:\program files\comodo\comodo internet security\quarantine\95d276ac-ee03-4970-91d8-529a80fc2b39.data (Backdoor.Bot) -> Se eliminarán al reiniciar.
      c:\program files\comodo\comodo internet security\quarantine\e1d22045-6c94-43ca-8598-c815e432bb97.data (Riskware.Tool.CK) -> Se eliminarán al reiniciar.
      c:\program files\comodo\comodo internet security\quarantine\f9bbe0e6-bd39-4095-bb9b-3d8f4cc06019.data (Trojan.Autorun) -> Se eliminarán al reiniciar.
      c:\program files\comodo\comodo internet security\quarantine\25ada509-f8f9-453c-b2f0-463079d8173e.data (Trojan.LVBP) -> Se eliminarán al reiniciar.
      c:\program files\comodo\comodo internet security\quarantine\27c68f04-fc01-4694-8dc2-fc740b3032d3.data (Trojan.Autorun) -> Se eliminarán al reiniciar.
      c:\program files\comodo\comodo internet security\quarantine\964055b1-9cd2-4697-a444-236cc931f480.data (Trojan.Autorun) -> Se eliminarán al reiniciar.
      C:\Users\Public\Desktop\MP3 Downloader.lnk (Rogue.Link) -> En cuarentena y eliminado con éxito.

      (fin)

    4. #4
      jordi07 (User)
      Joined: Sep 2010
      Location: villaermosa tab.
      Posts: 205

      Re: Guide to disinfecting my computer

      This is the AdwCleaner one

      # AdwCleaner v2.113 - Fichero creado el 27/02/2013 a 15:56:22
      # Actualizado el 23/02/2013 por Xplode
      # Sistema operativo : Windows 7 Ultimate Service Pack 1 (32 bits)
      # Usuario : yoyi - PC
      # Modo de inicio : Normal
      # Ejecutado desde : C:\Users\yoyi\Downloads\AdwCleaner.exe
      # Opción [Supresión]


      ***** [Servicios] *****


      ***** [Ficheros / Carpetas] *****

      Carpeta Suprimido : C:\Program Files\Mozilla Firefox\Extensions\[email protected]
      Carpeta Suprimido : C:\ProgramData\Babylon
      Carpeta Suprimido : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
      Carpeta Suprimido : C:\Users\yoyi\AppData\Local\Babylon
      Carpeta Suprimido : C:\Users\yoyi\AppData\Local\Ilivid Player
      Carpeta Suprimido : C:\Users\yoyi\AppData\Roaming\Babylon
      Fichero Suprimido : C:\user.js

      ***** [Registro] *****

      Clave Supprimida : HKCU\Software\APN PIP
      Clave Supprimida : HKCU\Software\DataMngr
      Clave Supprimida : HKCU\Software\DealPly
      Clave Supprimida : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
      Clave Supprimida : HKCU\Software\InstallCore
      Clave Supprimida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
      Clave Supprimida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
      Clave Supprimida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
      Clave Supprimida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
      Clave Supprimida : HKCU\Software\Softonic
      Clave Supprimida : HKLM\Software\Babylon
      Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
      Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Prod.cap
      Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
      Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
      Clave Supprimida : HKLM\Software\DealPly
      Clave Supprimida : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
      Clave Supprimida : HKLM\Software\Iminent
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
      Clave Supprimida : HKLM\Software\PIP
      Clave Supprimida : HKLM\SOFTWARE\Software
      Valor Supprimida : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
      Valor Supprimida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

      ***** [Navegadores] *****

      -\\ Internet Explorer v9.0.8112.16464

      [OK] El registro no contiene ninguna entrada ilegítima.

      -\\ Mozilla Firefox v [Imposible obtener la versión]

      Fichero : C:\Users\yoyi\AppData\Roaming\Mozilla\Firefox\Profiles\6dofu0ts.default\prefs.js

      Supprimida : user_pref("browser.search.defaultengine", "Ask.com");
      Supprimida : user_pref("browser.search.defaultenginename", "Ask.com");
      Supprimida : user_pref("browser.search.order.1", "Ask.com");
      Supprimida : user_pref("browser.search.selectedEngine", "Ask.com");
      Supprimida : user_pref("extensions.asktb.ff-original-keyword-url", "");
      Supprimida : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ATU2&o=14670&locale=[...]

      -\\ Google Chrome v25.0.1364.97

      Fichero : C:\Users\yoyi\AppData\Local\Google\Chrome\User Data\Default\Preferences

      [OK] El fichero no contiene ninguna entrada ilegítima.

      *************************

      AdwCleaner[S1].txt - [6673 octets] - [27/02/2013 15:56:22]

      ########## EOF - C:\AdwCleaner[S1].txt - [6733 octets] ##########

    5. #5
      jordi07 (User)
      Joined: Sep 2010
      Location: villaermosa tab.
      Posts: 205

      Re: Guide to disinfecting my computer

      This one is from AT-Destroyer

      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 16:13:20 \\\ 27/02/2013
      AT-Destroyer 2.1 By Infospyware ---> InfoSpyware
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.0.8112.16421
      Privilegios: yoyi - Administrador
      Modo Actual: Modo Normal.
      Nombre del pc: PC
      Información del sistema operativo:X86-WIN_7-Service Pack 1
      nombre del usuario:yoyi
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<



      >>>>>> Archivos <<<<<<

      C:\Users\yoyi\AppData\Roaming\vso_ts_preview.xml


      >>>>>> Registro <<<<<<

      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}


      >>>>>> Heurística <<<<<<

      C:\Users\yoyi\AppData\Roaming\inst.exe ((Heur malware.win32.generic)) <-- Será eliminado en el reinicio


      >>>>>> Internet Explorer <<<<<<

      Start Page==http://www.google.com
      Local Page==C:\Windows\System32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL==http://go.microsoft.com/fwlink/?LinkId=69157


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==http://www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Default_search_url==
      Default_Page_URL==


      HKEY_USERS\S-1-5-21-438907179-791681890-2715845270-1000\Software\Microsoft\Internet Explorer\Main''
      Start Page==http://www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Default_search_url==
      Default_Page_URL==


      >>>>>> Firefox <<<<<<



      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448

      >>>>>> Google Chrome <<<<<<

      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      >>>>>> Extensiones Google Chrome <<<<<<


      ======== Listado ===========

      [26/07/2012 05:40 p.m.] [26/07/2012 05:40 p.m.] [DI] C:\ProgramData\NFS Underground
      [28/07/2012 05:50 p.m.] [28/07/2012 05:48 p.m.] [DI] C:\ProgramData\Nokia
      [28/07/2012 05:42 p.m.] [28/07/2012 05:42 p.m.] [DI] C:\ProgramData\NokiaInstallerCache
      C:\ProgramData\ntuser.pol [RHSAI] 442 bytes 0
      [15/06/2011 03:54 p.m.] [15/06/2011 03:54 p.m.] [DI] C:\ProgramData\Panda Security
      [28/07/2012 05:58 p.m.] [28/07/2012 05:51 p.m.] [DI] C:\ProgramData\PC Suite
      [12/04/2011 06:16 p.m.] [12/04/2011 06:16 p.m.] [HSDLI] C:\ProgramData\Plantillas
      [27/04/2011 01:00 p.m.] [27/04/2011 01:00 p.m.] [DI] C:\ProgramData\PopCap Games
      [12/02/2013 11:41 p.m.] [12/02/2013 11:41 p.m.] [DI] C:\ProgramData\Research In Motion
      [17/06/2011 06:15 p.m.] [25/05/2011 01:02 p.m.] [DI] C:\ProgramData\Spybot - Search & Destroy
      [13/07/2009 11:53 p.m.] [13/07/2009 11:53 p.m.] [HSDLI] C:\ProgramData\Start Menu
      [16/06/2012 08:08 p.m.] [16/06/2012 08:08 p.m.] [DI] C:\ProgramData\Sun
      [19/04/2011 11:18 p.m.] [19/04/2011 11:18 p.m.] [DI] C:\ProgramData\SUPERAntiSpyware.com
      [14/09/2011 09:30 p.m.] [14/09/2011 09:07 p.m.] [DI] C:\ProgramData\TamoSoft
      [31/07/2011 07:22 p.m.] [31/07/2011 07:22 p.m.] [DI] C:\ProgramData\Temp
      [13/07/2009 11:53 p.m.] [13/07/2009 11:53 p.m.] [HSDLI] C:\ProgramData\Templates
      [06/05/2012 12:47 a.m.] [28/06/2011 09:06 p.m.] [DI] C:\ProgramData\TuneUp Software
      [01/06/2011 02:37 p.m.] [01/06/2011 02:37 p.m.] [DI] C:\ProgramData\vsosdk
      [12/04/2011 07:21 p.m.] [12/04/2011 07:20 p.m.] [DI] C:\ProgramData\Win7codecs
      [13/04/2011 12:43 p.m.] [13/04/2011 12:43 p.m.] [DI] C:\ProgramData\WLInstaller
      [28/06/2011 09:06 p.m.] [28/06/2011 09:06 p.m.] [HSD] C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
      [06/05/2012 12:44 a.m.] [06/05/2012 12:44 a.m.] [HSD] C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}

      ==================== EOF ==================

    6. #6
      User jordi07
      And finally, the one from OTL.txt.

      OTL logfile created on: 27/02/2013 04:32:25 p.m. - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\yoyi\Downloads
      Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 0000080a | Country: México | Language: ESM | Date Format: dd/MM/yyyy

      1015.30 Mb Total Physical Memory | 252.77 Mb Available Physical Memory | 24.90% Memory free
      1.99 Gb Paging File | 1.03 Gb Available in Paging File | 51.90% Paging File free
      Paging file location(s): c:\pagefile.sys 0 0 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
      Drive C: | 149.04 Gb Total Space | 96.83 Gb Free Space | 64.97% Space Free | Partition Type: NTFS

      Computer Name: PC | User Name: yoyi | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\yoyi\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe (Nokia)
      PRC - C:\Archivos de programa\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
      PRC - C:\Archivos de programa\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Nokia)
      PRC - C:\Archivos de programa\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
      PRC - C:\Archivos de programa\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
      PRC - C:\Archivos de programa\COMODO\COMODO Internet Security\cfp.exe (COMODO)
      PRC - C:\Archivos de programa\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
      PRC - C:\Archivos de programa\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
      PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
      PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      PRC - C:\Windows\explorer.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)


      ========== Modules (No Company Name) ==========

      MOD - C:\Users\yoyi\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll ()
      MOD - C:\Users\yoyi\AppData\Local\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll ()
      MOD - C:\Users\yoyi\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll ()
      MOD - C:\Users\yoyi\AppData\Local\Google\Chrome\Application\25.0.1364.97\ffmpegsumo.dll ()
      MOD - C:\Users\yoyi\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.3.0\libglesv2.dll ()
      MOD - C:\Users\yoyi\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.3.0\libegl.dll ()
      MOD - C:\Archivos de programa\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()


      ========== Services (SafeList) ==========

      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (MBAMService) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (ServiceLayer) -- C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe (Nokia)
      SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
      SRV - (!SASCORE) -- C:\Archivos de programa\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
      SRV - (cmdagent) -- C:\Archivos de programa\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
      SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
      SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      SRV - (WMPNetworkSvc) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      SRV - (osppsvc) -- C:\Archivos de programa\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
      SRV - (ose) -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
      SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
      SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
      SRV - (WinDefend) -- C:\Archivos de programa\Windows Defender\MpSvc.dll (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV - (XDva391) -- C:\Windows\system32\XDva391.sys File not found
      DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
      DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
      DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
      DRV - (MpKsl7d5cdf68) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1B49B43E-6DD8-441F-807C-AC91E2D0AE45}\MpKsl7d5cdf68.sys File not found
      DRV - (MpKsl41c06138) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B85A56A8-7498-4972-B825-5ADC5EA9B7EA}\MpKsl41c06138.sys File not found
      DRV - (MpKsl0a3cfe59) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1B49B43E-6DD8-441F-807C-AC91E2D0AE45}\MpKsl0a3cfe59.sys File not found
      DRV - (eamonm) -- system32\DRIVERS\eamonm.sys File not found
      DRV - (dwshd) -- C:\Windows\System32\drivers\dwshd.sys File not found
      DRV - (clwvd) -- system32\DRIVERS\clwvd.sys File not found
      DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
      DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
      DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
      DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
      DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
      DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia)
      DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
      DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
      DRV - (cmdHlp) -- C:\Windows\System32\drivers\cmdhlp.sys (COMODO)
      DRV - (cmdGuard) -- C:\Windows\System32\drivers\cmdGuard.sys (COMODO)
      DRV - (cmderd) -- C:\Windows\System32\drivers\cmderd.sys (COMODO)
      DRV - (inspect) -- C:\Windows\System32\drivers\inspect.sys (COMODO)
      DRV - (SASKUTIL) -- C:\Archivos de programa\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV - (SASDIFSV) -- C:\Archivos de programa\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
      DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
      DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
      DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
      DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
      DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
      DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
      DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
      DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKLM\..\SearchScopes,DefaultScope =


      IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

      IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

      IE - HKU\S-1-5-21-438907179-791681890-2715845270-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKU\S-1-5-21-438907179-791681890-2715845270-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = Noticias, Deportes, Entretenimiento, Videos, Música, Cine y Estilos de Vida en Prodigy MSN
      IE - HKU\S-1-5-21-438907179-791681890-2715845270-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-mx
      IE - HKU\S-1-5-21-438907179-791681890-2715845270-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FB EF E3 64 68 F9 CB 01 [binary data]
      IE - HKU\S-1-5-21-438907179-791681890-2715845270-1000\..\SearchScopes,DefaultScope =
      IE - HKU\S-1-5-21-438907179-791681890-2715845270-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKU\S-1-5-21-438907179-791681890-2715845270-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKU\S-1-5-21-438907179-791681890-2715845270-1000\..\SearchScopes\{927B8464-DEEA-41DD-A58E-4A62F9FFD37A}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=kw&q={searchTerms}&locale=es_ES&apn_ptnrs=T8&apn_dtid=YYYYYYYYMX&apn_uid=8f4358f6-c68d-4dff-957c-eb8bb37cf756&apn_sauid=C02950ED-0383-49E0-BA97-FD1811DBA9AA
      IE - HKU\S-1-5-21-438907179-791681890-2715845270-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..extensions.enabledAddons: [email protected]:1.2.1
      FF - user.js - File not found

      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
      FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
      FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\Win7codecs\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Win7codecs\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
      FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
      FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
      FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\yoyi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\yoyi\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\yoyi\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 10.0a2\extensions\\Components: C:\Program Files\Aurora\components [2011/12/16 21:57:02 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 10.0a2\extensions\\Plugins: C:\Program Files\Aurora\plugins [2012/04/04 16:52:07 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\[email protected]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\[email protected]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

      [2011/12/16 21:59:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\yoyi\AppData\Roaming\mozilla\Extensions
      [2012/05/09 19:34:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\yoyi\AppData\Roaming\mozilla\Firefox\Profiles\6dofu0ts.default\extensions
      [2012/05/26 12:13:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\yoyi\AppData\Roaming\mozilla\Firefox\Profiles\l803spel.default\extensions
      [2012/05/02 21:42:17 | 001,184,804 | ---- | M] () (No name found) -- C:\Users\yoyi\AppData\Roaming\mozilla\firefox\profiles\6dofu0ts.default\extensions\[email protected]
      [2013/02/27 15:56:40 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
      [2012/05/05 17:38:19 | 000,000,000 | ---D | M] (DealPly) -- C:\Archivos de programa\Mozilla Firefox\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}

      ========== Chrome ==========

      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
      CHR - homepage: Google

      O1 HOSTS File: ([2011/06/28 09:47:19 | 000,000,808 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
      O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
      O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Archivos de programa\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
      O4 - HKU\S-1-5-21-438907179-791681890-2715845270-1000..\Run: [] File not found
      O4 - HKU\S-1-5-21-438907179-791681890-2715845270-1000..\Run: [Facebook Update] C:\Users\yoyi\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O4 - HKU\S-1-5-21-438907179-791681890-2715845270-1000..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
      O4 - HKU\S-1-5-21-438907179-791681890-2715845270-1000..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
      O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O7 - HKU\S-1-5-21-438907179-791681890-2715845270-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
      O8 - Extra context menu item: &Enviar a OneNote - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
      O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
      O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O13 - gopher Prefix: missing
      O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary...r.cab56986.cab (Checkers Class)
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/Messen.../GAME_UNO1.cab (UnoCtrl Class)
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary...t.cab56907.cab (MessengerStatsClient Class)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50426FC4-C6AA-48D8-AAD5-997B70AA9EB1}: DhcpNameServer = 192.168.1.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50426FC4-C6AA-48D8-AAD5-997B70AA9EB1}: NameServer = 156.154.70.25,156.154.71.25
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CFA2EC44-2AD0-4DC8-A0AC-AC9A6F7828DD}: DhcpNameServer = 192.168.1.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CFA2EC44-2AD0-4DC8-A0AC-AC9A6F7828DD}: NameServer = 8.26.56.26,156.154.70.22
      O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Archivos de programa\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Archivos de programa\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Archivos de programa\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
      O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      NetSvcs: FastUserSwitchingCompatibility - File not found
      NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
      NetSvcs: Nla - File not found
      NetSvcs: Ntmssvc - File not found
      NetSvcs: NWCWorkstation - File not found
      NetSvcs: Nwsapagent - File not found
      NetSvcs: SRService - File not found
      NetSvcs: WmdmPmSp - File not found
      NetSvcs: LogonHours - File not found
      NetSvcs: PCAudit - File not found
      NetSvcs: helpsvc - File not found
      NetSvcs: uploadmgr - File not found

      MsConfig - StartUpReg: BCSSync - hkey= - key= - C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
      MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Users\yoyi\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
      MsConfig - StartUpReg: Malwarebytes' Anti-Malware - hkey= - key= - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      MsConfig - StartUpReg: Malwarebytes' Anti-Malware (reboot) - hkey= - key= - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
      MsConfig - StartUpReg: OfficeSyncProcess - hkey= - key= - C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
      MsConfig - StartUpReg: SUPERAntiSpyware - hkey= - key= - C:\Archivos de programa\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
      MsConfig - State: "bootini" - 2
      MsConfig - State: "startup" - 2

      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2013/02/27 1623 | 000,000,000 | ---D | C] -- C:\_AT-Destroyer
      [2013/02/26 22:02:02 | 000,000,000 | ---D | C] -- C:\Users\yoyi\AppData\Local\Programs
      [2013/02/26 20:58:22 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
      [2013/02/21 18:50:56 | 000,000,000 | ---D | C] -- C:\Users\yoyi\Documents\Examen Psicometrico
      [2013/02/13 18:06:48 | 000,000,000 | ---D | C] -- C:\Users\yoyi\Documents\BlackBerry
      [2013/02/12 23:45:32 | 000,000,000 | ---D | C] -- C:\Users\yoyi\AppData\Local\Research In Motion
      [2013/02/12 23:45:27 | 000,000,000 | ---D | C] -- C:\Users\yoyi\AppData\Roaming\Research In Motion
      [2013/02/12 23:42:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry
      [2013/02/12 23:41:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Research In Motion
      [2013/02/12 23:41:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\XCPCSync.OEM
      [2013/02/12 23:41:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
      [2013/02/12 23:41:24 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion
      [2013/02/12 22:31:59 | 000,000,000 | ---D | C] -- C:\Users\yoyi\AppData\Local\{B3453400-FDF7-42CC-B5C1-D0C61465819E}
      [2011/05/31 21:32:26 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\yoyi\AppData\Roaming\pcouffin.sys

      ========== Files - Modified Within 30 Days ==========

      [2013/02/27 16:46:27 | 001,474,832 | ---- | M] () -- C:\Windows\System32\drivers\sfi.dat
      [2013/02/27 16:17:13 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2013/02/27 16:16:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2013/02/27 16:16:27 | 798,466,048 | -HS- | M] () -- C:\hiberfil.sys
      [2013/02/27 16:14:08 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-438907179-791681890-2715845270-1000UA.job
      [2013/02/27 16:12:03 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-438907179-791681890-2715845270-1000UA.job
      [2013/02/27 11:48:40 | 000,408,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
      [2013/02/26 22:14:10 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-438907179-791681890-2715845270-1000Core.job
      [2013/02/26 22:02:43 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/02/25 19:56:38 | 003,538,016 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
      [2013/02/25 19:56:38 | 001,466,458 | ---- | M] () -- C:\Windows\System32\perfh009.dat
      [2013/02/25 19:56:38 | 001,093,688 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
      [2013/02/25 19:56:38 | 000,920,166 | ---- | M] () -- C:\Windows\System32\perfc009.dat
      [2013/02/25 19:53:05 | 000,100,779 | ---- | M] () -- C:\Users\yoyi\Documents\sloga.jpg
      [2013/02/25 19:09:52 | 000,031,088 | ---- | M] () -- C:\Users\yoyi\Desktop\original_img49767f74e83c3.jpg
      [2013/02/25 18:59:54 | 000,010,014 | ---- | M] () -- C:\Users\yoyi\Desktop\600695_306448189468790_126420540_n.jpg
      [2013/02/25 18:12:06 | 000,000,990 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-438907179-791681890-2715845270-1000Core.job
      [2013/02/21 18:39:53 | 000,063,501 | ---- | M] () -- C:\Users\yoyi\Documents\ejemplorazonamientoverbal (1).pdf
      [2013/02/21 00:24:14 | 000,018,640 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2013/02/21 00:24:14 | 000,018,640 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2013/02/19 22:19:45 | 000,050,916 | ---- | M] () -- C:\Users\yoyi\Desktop\BDa1d1SCUAEsYSG.jpg-large
      [2013/02/19 17:59:29 | 001,168,438 | ---- | M] () -- C:\Users\yoyi\Desktop\IMG072.jpg
      [2013/02/19 17:54:38 | 000,033,792 | -H-- | M] () -- C:\Users\yoyi\Desktop\photothumb.db
      [2013/02/13 18:04:10 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_RimUsb_01007.Wdf
      [2013/02/12 23:43:42 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_RimSerial_01007.Wdf
      [2013/02/12 23:42:09 | 000,002,189 | ---- | M] () -- C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk

      ========== Files Created - No Company Name ==========

      [2013/02/27 11:48:14 | 000,408,608 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
      [2013/02/25 19:53:04 | 000,100,779 | ---- | C] () -- C:\Users\yoyi\Documents\sloga.jpg
      [2013/02/25 19:02:16 | 000,031,088 | ---- | C] () -- C:\Users\yoyi\Desktop\original_img49767f74e83c3.jpg
      [2013/02/25 18:59:52 | 000,010,014 | ---- | C] () -- C:\Users\yoyi\Desktop\600695_306448189468790_126420540_n.jpg
      [2013/02/21 18:39:38 | 000,063,501 | ---- | C] () -- C:\Users\yoyi\Documents\ejemplorazonamientoverbal (1).pdf
      [2013/02/19 22:19:25 | 000,050,916 | ---- | C] () -- C:\Users\yoyi\Desktop\BDa1d1SCUAEsYSG.jpg-large
      [2013/02/19 17:47:50 | 001,168,438 | ---- | C] () -- C:\Users\yoyi\Desktop\IMG072.jpg
      [2013/02/13 18:04:10 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_RimUsb_01007.Wdf
      [2013/02/12 23:43:42 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_RimSerial_01007.Wdf
      [2013/02/12 23:42:09 | 000,002,189 | ---- | C] () -- C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk
      [2012/05/14 04:38:32 | 000,043,976 | ---- | C] () -- C:\Users\yoyi\AppData\Local\save_en.bmp
      [2012/05/14 04:38:08 | 000,043,976 | ---- | C] () -- C:\Users\yoyi\AppData\Local\save_es.bmp
      [2012/04/01 22:21:27 | 001,290,240 | ---- | C] () -- C:\Windows\System32\CLauncher.exe
      [2012/03/15 22:14:13 | 000,000,442 | RHS- | C] () -- C:\ProgramData\ntuser.pol
      [2012/02/17 23:24:29 | 000,003,584 | ---- | C] () -- C:\Users\yoyi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2011/10/11 12:37:05 | 000,007,168 | -H-- | C] () -- C:\Users\yoyi\photothumb.db
      [2011/09/22 23:38:24 | 000,070,515 | ---- | C] () -- C:\Users\yoyi\jeni.jpg
      [2011/09/22 23:35:42 | 000,070,515 | ---- | C] () -- C:\Users\yoyi\jeni
      [2011/09/15 01:11:16 | 001,048,576 | ---- | C] () -- C:\Windows\System32\syndata.bin
      [2011/06/27 07:18:17 | 001,474,832 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
      [2011/06/15 00:06:42 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
      [2011/06/15 00:02:59 | 000,193,536 | ---- | C] () -- C:\Windows\System32\sppcomapi.dll
      [2011/06/15 00:01:27 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
      [2011/05/31 21:32:26 | 000,087,608 | ---- | C] () -- C:\Users\yoyi\AppData\Roaming\inst.exe
      [2011/05/31 21:32:26 | 000,007,887 | ---- | C] () -- C:\Users\yoyi\AppData\Roaming\pcouffin.cat
      [2011/05/31 21:32:26 | 000,001,144 | ---- | C] () -- C:\Users\yoyi\AppData\Roaming\pcouffin.inf
      [2011/04/27 22:33:09 | 000,000,528 | R--- | C] () -- C:\Users\yoyi\MediaID.bin
      [2011/04/13 22:13:31 | 000,007,598 | ---- | C] () -- C:\Users\yoyi\AppData\Local\Resmon.ResmonCfg

      ========== ZeroAccess Check ==========

      [2009/07/13 22:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 19:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== LOP Check ==========

      [2012/02/26 22:15:21 | 000,000,000 | ---D | M] -- C:\Users\yoyi\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
      [2011/06/14 21:06:57 | 000,000,000 | ---D | M] -- C:\Users\yoyi\AppData\Roaming\ESET
      [2011/06/15 15:02:09 | 000,000,000 | ---D | M] -- C:\Users\yoyi\AppData\Roaming\Panda Security
      [2012/12/11 13:00:43 | 000,000,000 | ---D | M] -- C:\Users\yoyi\AppData\Roaming\PC Suite
      [2011/08/10 21:13:01 | 000,000,000 | ---D | M] -- C:\Users\yoyi\AppData\Roaming\PhotoScape
      [2012/09/09 15:29:27 | 000,000,000 | ---D | M] -- C:\Users\yoyi\AppData\Roaming\QuickScan
      [2013/02/12 23:47:57 | 000,000,000 | ---D | M] -- C:\Users\yoyi\AppData\Roaming\Research In Motion
      [2011/06/21 18:55:06 | 000,000,000 | ---D | M] -- C:\Users\yoyi\AppData\Roaming\Software Informer
      [2011/06/15 15:40:57 | 000,000,000 | ---D | M] -- C:\Users\yoyi\AppData\Roaming\SurfSecret Privacy Suite
      [2011/08/06 1414 | 000,000,000 | ---D | M] -- C:\Users\yoyi\AppData\Roaming\Telefónica Móviles
      [2012/05/06 15:25:29 | 000,000,000 | ---D | M] -- C:\Users\yoyi\AppData\Roaming\TuneUp Software
      [2012/05/06 16:03:41 | 000,000,000 | ---D | M] -- C:\Users\yoyi\AppData\Roaming\Vso
      [2011/04/12 18:21:30 | 000,000,000 | ---D | M] -- C:\Users\yoyi\AppData\Roaming\Win7codecs
      [2011/08/31 14:43:29 | 000,000,000 | ---D | M] -- C:\Users\yoyi\AppData\Roaming\Windows Live Writer

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2013/02/27 15:57:29 | 000,006,802 | ---- | M] () -- C:\AdwCleaner[S1].txt
      [2012/02/17 23:07:25 | 000,000,671 | ---- | M] () -- C:\AT-Cuarentena
      [2013/02/27 16:14:50 | 000,016,887 | ---- | M] () -- C:\AT-Destroyer.txt
      [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
      [2010/11/20 06:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
      [2011/04/12 11:07:26 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
      [2009/06/10 15:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
      [2013/02/27 16:16:27 | 798,466,048 | -HS- | M] () -- C:\hiberfil.sys
      [2011/02/08 11:57:55 | 000,047,616 | ---- | M] (Yuna Software) -- C:\msimg32.dll
      [2013/02/27 16:16:33 | 1073,741,824 | -HS- | M] () -- C:\pagefile.sys
      [2011/08/11 13:36:00 | 000,000,600 | ---- | M] () -- C:\ZTEInstallInfo.log

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 12 bytes -> C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}

      < End of report >


      ********************************************




      Well, friend, it's not running at 100%; for example, when I open the browser it stays like in the image and doesn't open the home page, and also when I go to the "facebook" page it stays frozen for about 5 minutes; that hasn't been solved...
      Last edited by @Javier_HF on 27/02/13 at 20:11:37. Reason: Merge posts.

    7. #7
      General Moderator
      @Javier_HF
      Joined
      Jun 2006
      Location
      Spain.
      Posts
      21,704

      Re: Guide to disinfect my computer

      Now follow these steps:

      VERY Important ~ Make a backup of the registry with >> Erunt.

      And then run OTL.exe again.

      Copy and paste the code inside the box below into the Custom Scans / Fixes section.

      Code:
      :OTL
      DRV - (XDva391) -- C:\Windows\system32\XDva391.sys File not found
      DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
      DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
      DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
      DRV - (MpKsl7d5cdf68) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1B49B43E-6DD8-441F-807C-AC91E2D0AE45}\MpKsl7d5cdf68.sys File not found
      DRV - (MpKsl41c06138) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B85A56A8-7498-4972-B825-5ADC5EA9B7EA}\MpKsl41c06138.sys File not found
      DRV - (MpKsl0a3cfe59) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1B49B43E-6DD8-441F-807C-AC91E2D0AE45}\MpKsl0a3cfe59.sys File not found
      DRV - (eamonm) -- system32\DRIVERS\eamonm.sys File not found
      DRV - (dwshd) -- C:\Windows\System32\drivers\dwshd.sys File not found
      DRV - (clwvd) -- system32\DRIVERS\clwvd.sys File not found
      IE - HKU\S-1-5-21-438907179-791681890-2715845270-1000\..\SearchScopes\{927B8464-DEEA-41DD-A58E-4A62F9FFD37A}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=kw&q={searchTerms}&locale=es_ES&apn_ptnrs=T8&apn_dtid=YYYYYYYYMX&apn_uid=8f4358f6-c68d-4dff-957c-eb8bb37cf756&apn_sauid=C02950ED-0383-49E0-BA97-FD1811DBA9AA
      FF - user.js - File not found
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
      FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
      O4 - HKU\S-1-5-21-438907179-791681890-2715845270-1000..\Run: [] File not found
      O4 - HKU\S-1-5-21-438907179-791681890-2715845270-1000..\Run: [Facebook Update] C:\Users\yoyi\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O13 - gopher Prefix: missing
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      [2013/02/27 16:14:08 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-438907179-791681890-2715845270-1000UA.job
      [2013/02/26 22:14:10 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-438907179-791681890-2715845270-1000Core.job
      [2011/05/31 21:32:26 | 000,087,608 | ---- | C] () -- C:\Users\yoyi\AppData\Roaming\inst.exe
      @Alternate Data Stream - 12 bytes -> C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
      :Files
      ipconfig /flushdns /c
      ipconfig /renew /c
      :Commands
      [PURITY]
      [EMPTYFLASH]
      [EMPTYTEMP]
      [RESETHOSTS]
      Press the Reparar (Run Fix) button to start the removal. Then click OK.

      OTL will restart the computer to complete the removal.

      Save the new report it generates, and copy and paste it into your next reply.

      Before replying to us, and after running OTL, check/update your version of Java (Very Important) >> Free Java software download

      And when you reply, tell us which version of Java is now installed >> How can I check whether Java is working on my computer?

      Remember to post the OTL log, and also tell us which version of Java you have now and how the computer is doing with respect to the problem you raised.

      Regards.

    8. #8
      User jordi07
      Joined
      Sep 2010
      Location
      villaermosa tab.
      Posts
      205

      Re: Guide to disinfect my computer

      Well, I did the Erunt procedure. But it doesn't run properly for me; I did it just like the manual says, but it gives me errors...

      Here is the OTL report
      All processes killed
      ========== OTL ==========
      Service XDva391 stopped successfully!
      Service XDva391 deleted successfully!
      File C:\Windows\system32\XDva391.sys File not found not found.
      Service VGPU stopped successfully!
      Service VGPU deleted successfully!
      File System32\drivers\rdvgkmd.sys File not found not found.
      Service tsusbhub stopped successfully!
      Service tsusbhub deleted successfully!
      File system32\drivers\tsusbhub.sys File not found not found.
      Service Synth3dVsc stopped successfully!
      Service Synth3dVsc deleted successfully!
      File System32\drivers\synth3dvsc.sys File not found not found.
      Service MpKsl7d5cdf68 stopped successfully!
      Service MpKsl7d5cdf68 deleted successfully!
      File c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1B49B43E-6DD8-441F-807C-AC91E2D0AE45}\MpKsl7d5cdf68.sys File not found not found.
      Service MpKsl41c06138 stopped successfully!
      Service MpKsl41c06138 deleted successfully!
      File c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B85A56A8-7498-4972-B825-5ADC5EA9B7EA}\MpKsl41c06138.sys File not found not found.
      Service MpKsl0a3cfe59 stopped successfully!
      Service MpKsl0a3cfe59 deleted successfully!
      File c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1B49B43E-6DD8-441F-807C-AC91E2D0AE45}\MpKsl0a3cfe59.sys File not found not found.
      Service eamonm stopped successfully!
      Service eamonm deleted successfully!
      File system32\DRIVERS\eamonm.sys File not found not found.
      Error: No service named dwshd was found to stop!
      Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dwshd deleted successfully.
      File C:\Windows\System32\drivers\dwshd.sys File not found not found.
      Service clwvd stopped successfully!
      Service clwvd deleted successfully!
      File system32\DRIVERS\clwvd.sys File not found not found.
      Registry key HKEY_USERS\S-1-5-21-438907179-791681890-2715845270-1000\Software\Microsoft\Internet Explorer\SearchScopes\{927B8464-DEEA-41DD-A58E-4A62F9FFD37A}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{927B8464-DEEA-41DD-A58E-4A62F9FFD37A}\ not found.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2\ not found.
      C:\Windows\system32\npDeployJava1.dll moved successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2\ not found.
      File C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll not found.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
      Registry value HKEY_USERS\S-1-5-21-438907179-791681890-2715845270-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
      Registry value HKEY_USERS\S-1-5-21-438907179-791681890-2715845270-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update deleted successfully.
      C:\Users\yoyi\AppData\Local\Facebook\Update\FacebookUpdate.exe moved successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
      C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-438907179-791681890-2715845270-1000UA.job moved successfully.
      C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-438907179-791681890-2715845270-1000Core.job moved successfully.
      C:\Users\yoyi\AppData\Roaming\inst.exe moved successfully.
      ADS C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57} deleted successfully.
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configuración IP de Windows
      Se vació correctamente la caché de resolución de DNS.
      C:\Users\yoyi\Downloads\cmd.bat deleted successfully.
      C:\Users\yoyi\Downloads\cmd.txt deleted successfully.
      < ipconfig /renew /c >
      Configuración IP de Windows
      No se puede realizar ninguna operación en Conexión de red inalámbrica 2 mientras los medios
      estén desconectados.
      No se puede realizar ninguna operación en Conexión de área local mientras los medios
      estén desconectados.
      Adaptador de LAN inalámbrica Conexión de red inalámbrica 2:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de Ethernet Conexión de área local:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . : lan
      Adaptador de LAN inalámbrica Conexión de red inalámbrica:
      Sufijo DNS específico para la conexión. . : lan
      Vínculo: dirección IPv6 local. . . : fe80::68db:3d22:447b:b60b%10
      Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.83
      Máscara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.1.254
      Adaptador de túnel isatap.lan:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de túnel Reusable ISATAP Interface {95F22122-7CFE-46CC-94DF-8F6C6DE9B4E8}:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de túnel Conexión de área local* 12:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . : lan
      Adaptador de túnel Conexión de área local* 13:
      Sufijo DNS específico para la conexión. . :
      Dirección IPv6 . . . . . . . . . . : 2001:0:9d38:953c:2845:83d:3f57:feac
      Vínculo: dirección IPv6 local. . . : fe80::2845:83d:3f57:feac%20
      Puerta de enlace predeterminada . . . . . : ::
      C:\Users\yoyi\Downloads\cmd.bat deleted successfully.
      C:\Users\yoyi\Downloads\cmd.txt deleted successfully.
      ========== COMMANDS ==========

      [EMPTYFLASH]

      User: All Users

      User: Default

      User: Default User

      User: Public

      User: yoyi
      ->Flash cache emptied: 2591 bytes

      Total Flash Files Cleaned = 0.00 mb


      [EMPTYTEMP]

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Public

      User: yoyi
      ->Temp folder emptied: 17492028 bytes
      ->Temporary Internet Files folder emptied: 2233193 bytes
      ->Java cache emptied: 53991 bytes
      ->FireFox cache emptied: 27156964 bytes
      ->Google Chrome cache emptied: 246828787 bytes
      ->Apple Safari cache emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 308 bytes
      RecycleBin emptied: 283246 bytes

      Total Files Cleaned = 280.00 mb

      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      OTL by OldTimer - Version 3.2.69.0 log created on 02282013_175443

      Files\Folders moved on Reboot...

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...


      And as for the Java version, I have JavaFX 2.1.1. Sorry for the delay.

    9. #9
      General Moderator
      @Javier_HF
      Joined
      Jun 2006
      Location
      Spain.
      Posts
      21,704

      Re: Guide to disinfect my computer

      And how is the computer doing with respect to the problem you raised??

      Regards.

    10. #10
      User jordi07
      Joined
      Sep 2010
      Location
      villaermosa tab.
      Posts
      205

      Re: Guide to disinfect my computer

      Much better, it runs faster; the only thing that wasn't resolved is the pages that stay frozen. I think I'll uninstall Google Chrome and install it again to see what happens.
