
    How do I remove Magnipic.exe from my machine??

    1. #1
      Ediyan13 (User; registered Mar 2013; location: Mexico; posts: 4)

      How do I remove Magnipic.exe from my machine??

      Hello, good morning. I'm new to the forum and my problem is the following: my computer won't let me open any program, and when I open Task Manager I see running tasks called magnipic.exe. I tried to install AVG but it wouldn't let me, and I can neither restart nor shut down my PC except with the power button. If someone could help me with this I would be very grateful. Thank you very much in advance, and have a good day.

    2. #2
      @SanMar (Former Collaborator; registered Jun 2008; location: Argentina; posts: 22,290)

      Re: How do I remove Magnipic.exe from my machine??

      Hello Ediyan13

      to the Forum.

      Tips before posting a new message

      InfoSpyware Forum Policies

      Policies of the Official HijackThis Forum in Spanish
      --------------------------------------------------


      Do the following:


      Step 1.- Download, install and/or update these tools: (but do not run them yet)




      Step 2.- Run, in order:

      CCleaner

      Using its two options:

      • "Cleaner" (Limpiador): to delete cookies, temporary Internet files and all the files it shows you as obsolete.
      • "Registry" (Registro): to clean the entire Windows Registry (making a backup).
      • We do NOT need this report


      Adwcleaner

      • Temporarily disable the antivirus >> How to temporarily disable your antivirus.
      • Close all the programs you have open.
      • Run Adwcleaner. (If you use Windows Vista or 7, right-click and select "Run as Administrator".)
      • In the program window, press the "Supresión" (Delete) button.
      • Follow the instructions; if it asks to restart the system >>> press OK.
      • After restarting, a Notepad window will open with the report, which you must paste in your next reply.
      • The report is located at C:\AdwCleaner[S1].txt


      Malwarebytes

      • Do not forget to update it.
      • Run a full scan, select everything it finds and then press the "Quitar lo Seleccionado" (Remove Selected) button as shown in the image, to remove the infections.
      • The report is saved in the "Registros" (Logs) tab


      • *Note* It is important that you send everything it detects to "Cuarentena" (Quarantine) and restart before copying and pasting your report for us.




      ComboFix

      • Temporarily disable the antivirus and/or antispyware.
      • Close all open windows.
      • Double-click the ComboFix.exe file and follow the instructions.
      • If it asks to update, accept.
      • When it finishes, it will generate a log at C:\ComboFix.txt.
        • *Note* While CF is working, do not move the mouse, as that would stop its process.
        • *Note* ComboFix may automatically restart the PC to complete the removal process.

      Attention!! Do not use ComboFix unless a member of our Staff has specifically instructed you to do so in your thread. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".





      Bring us the reports that the tools generated for you.


      Regards


    3. #3
      Ediyan13 (User; registered Mar 2013; location: Mexico; posts: 4)

      Re: How do I remove Magnipic.exe from my machine??

      Hi, sorry for the delay, but I hadn't been able to do what was described above; I'm pasting the reports here.

      ADWCLEANER.


      # AdwCleaner v2.114 - Fichero creado el 07/03/2013 a 17:53:29
      # Actualizado el 05/03/2013 por Xplode
      # Sistema operativo : Windows 7 Ultimate Service Pack 1 (64 bits)
      # Usuario : EDI - EDI-PC
      # Modo de inicio : Modo seguro con funciones de red
      # Ejecutado desde : C:\Users\EDI\Downloads\adwcleaner.exe
      # Opción [Supresión]


      ***** [Servicios] *****

      Parado & Suprimido : DefaultTabSearch
      Parado & Suprimido : DefaultTabUpdate

      ***** [Ficheros / Carpetas] *****

      Carpeta Suprimido : C:\Program Files (x86)\DAEMON Tools Toolbar
      Carpeta Suprimido : C:\Program Files (x86)\DefaultTab
      Carpeta Suprimido : C:\Program Files (x86)\MagniPic
      Carpeta Suprimido : C:\Program Files (x86)\yourfiledownloader
      Carpeta Suprimido : C:\Program Files\Babylon
      Carpeta Suprimido : C:\ProgramData\clsoft ltd
      Carpeta Suprimido : C:\ProgramData\InstallMate
      Carpeta Suprimido : C:\ProgramData\Premium
      Carpeta Suprimido : C:\Users\EDI\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
      Carpeta Suprimido : C:\Users\EDI\AppData\Local\Temp\Iminent
      Carpeta Suprimido : C:\Users\EDI\AppData\LocalLow\Toolbar4
      Carpeta Suprimido : C:\Users\EDI\AppData\Roaming\DefaultTab
      Carpeta Suprimido : C:\Users\EDI\AppData\Roaming\dvdvideosoftiehelpers
      Carpeta Suprimido : C:\Users\EDI\AppData\Roaming\Mozilla\Firefox\Profiles\b6oxmxbw.default\extensions\staged
      Carpeta Suprimido : C:\Users\EDI\AppData\Roaming\OpenCandy
      Carpeta Suprimido : C:\Users\EDI\AppData\Roaming\yourfiledownloader
      Fichero Suprimido : C:\Program Files (x86)\Mozilla firefox\searchplugins\v9.xml
      Fichero Suprimido : C:\user.js
      Fichero Suprimido : C:\Users\EDI\AppData\Roaming\Mozilla\Firefox\Profiles\b6oxmxbw.default\extensions\[email protected]
      Fichero Suprimido : C:\Users\EDI\AppData\Roaming\Mozilla\Firefox\Profiles\b6oxmxbw.default\searchplugins\Searchab.xml
      Fichero Suprimido : C:\Users\EDI\AppData\Roaming\Mozilla\Firefox\Profiles\b6oxmxbw.default\searchplugins\search-here.xml
      Fichero Suprimido : C:\Users\Public\Desktop\YourFile Downloader.lnk

      ***** [Registro] *****

      Clave Supprimida : HKCU\Software\AppDataLow\Software\DefaultTab
      Clave Supprimida : HKCU\Software\AppDataLow\SProtector
      Clave Supprimida : HKCU\Software\Default Tab
      Clave Supprimida : HKCU\Software\DefaultTab
      Clave Supprimida : HKCU\Software\Iminent
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\YourFileDownloader
      Clave Supprimida : HKCU\Software\Softonic
      Clave Supprimida : HKCU\Software\StartSearch
      Clave Supprimida : HKCU\Software\YourFileDownloader
      Clave Supprimida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
      Clave Supprimida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
      Clave Supprimida : HKLM\Software\BabylonToolbar
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
      Clave Supprimida : HKLM\SOFTWARE\Classes\Prod.cap
      Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
      Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
      Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
      Clave Supprimida : HKLM\Software\Default Tab
      Clave Supprimida : HKLM\Software\DefaultTab
      Clave Supprimida : HKLM\Software\Iminent
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
      Clave Supprimida : HKLM\Software\SP Global
      Clave Supprimida : HKLM\Software\SProtector
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
      Clave Supprimida : HKLM\Software\YourFileDownloader
      Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
      Valor Supprimida : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
      Valor Supprimida : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
      Valor Supprimida : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
      Valor Supprimida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

      ***** [Navegadores] *****

      -\\ Internet Explorer v9.0.8112.16464

      Sustituido : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://searchab.com/?aff=7&uid=b516c020-8079-11e2-92aa-005056c00008 --> hxxp://www.google.com
      Sustituido : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.v9.com/?utm_source=b&utm_medium=smk&from=smk&uid=TOSHIBA_MK5065GSX_Y147C0THT__Y147C0THT&ts=1350621378 --> hxxp://www.google.com
      Sustituido : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.v9.com/?utm_source=b&utm_medium=smk&from=smk&uid=TOSHIBA_MK5065GSX_Y147C0THT__Y147C0THT&ts=1350621378 --> hxxp://www.google.com
      Sustituido : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://searchab.com/?aff=7&uid=b516c020-8079-11e2-92aa-005056c00008 --> hxxp://www.google.com

      -\\ Mozilla Firefox v15.0.1 (es-MX)

      Fichero : C:\Users\EDI\AppData\Roaming\Mozilla\Firefox\Profiles\b6oxmxbw.default\prefs.js

      Supprimida : user_pref("browser.startup.homepage", "hxxp://searchab.com/?aff=7&uid=b516c020-8079-11e2-92aa-005056[...]
      Supprimida : user_pref("extensions.defaulttab.config", "{\"status\": \"ok\", \"config\": {\"dns_error_handling\":[...]
      Supprimida : user_pref("keyword.URL", "hxxp://searchab.com/?aff=7&uid=b516c020-8079-11e2-92aa-005056c00008&q=");

      -\\ Google Chrome v25.0.1364.152

      Fichero : C:\Users\EDI\AppData\Local\Google\Chrome\User Data\Default\Preferences

      Supprimida [l.1956] : homepage = "hxxp://searchab.com/?aff=7&uid=b516c020-8079-11e2-92aa-005056c00008",

      *************************

      AdwCleaner[S1].txt - [18014 octets] - [07/03/2013 17:53:29]

      ########## EOF - C:\AdwCleaner[S1].txt - [18075 octets] ##########


      MALWAREBYTES.

      It generated 3 reports for me; I'm attaching them here.

      Malwarebytes Anti-Malware (Versión de Prueba) 1.70.0.1100
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2013.03.08.03

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      EDI :: EDI-PC [administrador]

      Protección: Habilitado

      07/03/2013 10:23:26 p.m.
      mbam-log-2013-03-07 (22-23-26).txt

      Tipos de Análisis: Análisis Completo (C:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 828758
      Tiempo transcurrido: 2 hora(s), 17 minuto(s), 37 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 2
      C:\Program Files (x86)\SmartDraw VP\SD2010.Keygen.exe (RiskWare.Tool.CK) -> En cuarentena y eliminado con éxito.
      C:\SmartDraw 2010\SD2010.Keygen.exe (RiskWare.Tool.CK) -> En cuarentena y eliminado con éxito.

      (fin)


      2013/03/07 22:21:02 -0600 EDI-PC EDI MESSAGE Executing scheduled update: Daily
      2013/03/07 22:21:08 -0600 EDI-PC EDI MESSAGE Starting protection
      2013/03/07 22:21:08 -0600 EDI-PC EDI MESSAGE Protection started successfully
      2013/03/07 22:21:08 -0600 EDI-PC EDI MESSAGE Starting IP protection
      2013/03/07 22:21:11 -0600 EDI-PC EDI MESSAGE IP Protection started successfully
      2013/03/07 22:21:35 -0600 EDI-PC EDI MESSAGE Starting database refresh
      2013/03/07 22:21:35 -0600 EDI-PC EDI MESSAGE Stopping IP protection
      2013/03/07 22:21:35 -0600 EDI-PC EDI MESSAGE IP Protection stopped successfully
      2013/03/07 22:21:36 -0600 EDI-PC EDI MESSAGE Scheduled update executed successfully: database updated from version v2012.12.14.11 to version v2013.03.08.03
      2013/03/07 22:21:39 -0600 EDI-PC EDI MESSAGE Database refreshed successfully
      2013/03/07 22:21:39 -0600 EDI-PC EDI MESSAGE Starting IP protection
      2013/03/07 22:21:48 -0600 EDI-PC EDI MESSAGE IP Protection started successfully


      2013/03/08 03:46:27 -0600 EDI-PC EDI IP-BLOCK 46.229.161.231 (Type: outgoing, Port: 54034, Process: chrome.exe)
      2013/03/08 03:46:27 -0600 EDI-PC EDI IP-BLOCK 46.229.161.231 (Type: outgoing, Port: 54035, Process: chrome.exe)
      2013/03/08 03:46:27 -0600 EDI-PC EDI IP-BLOCK 46.229.161.231 (Type: outgoing, Port: 54037, Process: chrome.exe)
      2013/03/08 03:46:27 -0600 EDI-PC EDI IP-BLOCK 46.229.161.230 (Type: outgoing, Port: 54038, Process: chrome.exe)
      2013/03/08 03:46:27 -0600 EDI-PC EDI IP-BLOCK 46.229.161.230 (Type: outgoing, Port: 54039, Process: chrome.exe)
      2013/03/08 03:46:27 -0600 EDI-PC EDI IP-BLOCK 46.229.161.230 (Type: outgoing, Port: 54040, Process: chrome.exe)
      2013/03/08 03:47:24 -0600 EDI-PC EDI IP-BLOCK 66.152.78.239 (Type: outgoing, Port: 54155, Process: chrome.exe)
      2013/03/08 03:47:24 -0600 EDI-PC EDI IP-BLOCK 66.152.78.239 (Type: outgoing, Port: 54156, Process: chrome.exe)
      2013/03/08 03:47:24 -0600 EDI-PC EDI IP-BLOCK 46.229.161.231 (Type: outgoing, Port: 54185, Process: chrome.exe)
      2013/03/08 03:47:24 -0600 EDI-PC EDI IP-BLOCK 46.229.161.231 (Type: outgoing, Port: 54186, Process: chrome.exe)
      2013/03/08 03:47:24 -0600 EDI-PC EDI IP-BLOCK 46.229.161.230 (Type: outgoing, Port: 54187, Process: chrome.exe)
      2013/03/08 03:47:24 -0600 EDI-PC EDI IP-BLOCK 46.229.161.230 (Type: outgoing, Port: 54188, Process: chrome.exe)
      2013/03/08 03:47:24 -0600 EDI-PC EDI IP-BLOCK 46.229.161.231 (Type: outgoing, Port: 54189, Process: chrome.exe)
      2013/03/08 03:47:24 -0600 EDI-PC EDI IP-BLOCK 46.229.161.231 (Type: outgoing, Port: 54190, Process: chrome.exe)
      2013/03/08 03:47:24 -0600 EDI-PC EDI IP-BLOCK 46.229.161.231 (Type: outgoing, Port: 54191, Process: chrome.exe)
      2013/03/08 03:47:24 -0600 EDI-PC EDI IP-BLOCK 46.229.161.231 (Type: outgoing, Port: 54192, Process: chrome.exe)
      2013/03/08 03:47:24 -0600 EDI-PC EDI IP-BLOCK 46.229.161.230 (Type: outgoing, Port: 54193, Process: chrome.exe)
      2013/03/08 03:47:24 -0600 EDI-PC EDI IP-BLOCK 46.229.161.230 (Type: outgoing, Port: 54194, Process: chrome.exe)
      2013/03/08 03:47:24 -0600 EDI-PC EDI IP-BLOCK 46.229.161.230 (Type: outgoing, Port: 54195, Process: chrome.exe)
      2013/03/08 03:47:24 -0600 EDI-PC EDI IP-BLOCK 46.229.161.230 (Type: outgoing, Port: 54196, Process: chrome.exe)
      2013/03/08 03:47:24 -0600 EDI-PC EDI IP-BLOCK 46.229.161.231 (Type: outgoing, Port: 54197, Process: chrome.exe)
      2013/03/08 03:47:24 -0600 EDI-PC EDI IP-BLOCK 46.229.161.231 (Type: outgoing, Port: 54198, Process: chrome.exe)
      2013/03/08 03:47:24 -0600 EDI-PC EDI IP-BLOCK 46.229.161.231 (Type: outgoing, Port: 54199, Process: chrome.exe)
      2013/03/08 03:47:24 -0600 EDI-PC EDI IP-BLOCK 46.229.161.230 (Type: outgoing, Port: 54200, Process: chrome.exe)
      2013/03/08 03:47:24 -0600 EDI-PC EDI IP-BLOCK 46.229.161.230 (Type: outgoing, Port: 54201, Process: chrome.exe)
      2013/03/08 03:47:24 -0600 EDI-PC EDI IP-BLOCK 46.229.161.230 (Type: outgoing, Port: 54202, Process: chrome.exe)
      2013/03/08 03:47:56 -0600 EDI-PC EDI IP-BLOCK 66.152.78.239 (Type: outgoing, Port: 54223, Process: chrome.exe)
      2013/03/08 03:47:56 -0600 EDI-PC EDI IP-BLOCK 66.152.78.239 (Type: outgoing, Port: 54224, Process: chrome.exe)
      2013/03/08 03:47:56 -0600 EDI-PC EDI IP-BLOCK 66.152.78.239 (Type: outgoing, Port: 54225, Process: chrome.exe)
      2013/03/08 03:47:56 -0600 EDI-PC EDI IP-BLOCK 66.152.78.239 (Type: outgoing, Port: 54226, Process: chrome.exe)
      2013/03/08 03:47:56 -0600 EDI-PC EDI IP-BLOCK 66.152.78.239 (Type: outgoing, Port: 54227, Process: chrome.exe)
      2013/03/08 03:47:56 -0600 EDI-PC EDI IP-BLOCK 46.229.161.231 (Type: outgoing, Port: 54235, Process: chrome.exe)
      2013/03/08 03:47:56 -0600 EDI-PC EDI IP-BLOCK 46.229.161.231 (Type: outgoing, Port: 54236, Process: chrome.exe)
      2013/03/08 03:47:56 -0600 EDI-PC EDI IP-BLOCK 46.229.161.230 (Type: outgoing, Port: 54237, Process: chrome.exe)
      2013/03/08 03:47:56 -0600 EDI-PC EDI IP-BLOCK 46.229.161.230 (Type: outgoing, Port: 54238, Process: chrome.exe)
      2013/03/08 03:47:56 -0600 EDI-PC EDI IP-BLOCK 46.229.161.231 (Type: outgoing, Port: 54239, Process: chrome.exe)
      2013/03/08 03:47:57 -0600 EDI-PC EDI IP-BLOCK 46.229.161.231 (Type: outgoing, Port: 54240, Process: chrome.exe)
      2013/03/08 03:47:57 -0600 EDI-PC EDI IP-BLOCK 46.229.161.230 (Type: outgoing, Port: 54241, Process: chrome.exe)
      2013/03/08 03:47:57 -0600 EDI-PC EDI IP-BLOCK 46.229.161.230 (Type: outgoing, Port: 54242, Process: chrome.exe)
      2013/03/08 03:47:57 -0600 EDI-PC EDI IP-BLOCK 46.229.161.231 (Type: outgoing, Port: 54244, Process: chrome.exe)
      2013/03/08 03:47:57 -0600 EDI-PC EDI IP-BLOCK 46.229.161.231 (Type: outgoing, Port: 54245, Process: chrome.exe)
      2013/03/08 03:47:57 -0600 EDI-PC EDI IP-BLOCK 46.229.161.231 (Type: outgoing, Port: 54247, Process: chrome.exe)
      2013/03/08 03:47:57 -0600 EDI-PC EDI IP-BLOCK 46.229.161.230 (Type: outgoing, Port: 54248, Process: chrome.exe)
      2013/03/08 03:47:57 -0600 EDI-PC EDI IP-BLOCK 46.229.161.230 (Type: outgoing, Port: 54249, Process: chrome.exe)
      2013/03/08 03:47:57 -0600 EDI-PC EDI IP-BLOCK 46.229.161.230 (Type: outgoing, Port: 54250, Process: chrome.exe)
      2013/03/08 03:47:57 -0600 EDI-PC EDI IP-BLOCK 46.229.161.231 (Type: outgoing, Port: 54251, Process: chrome.exe)
      2013/03/08 03:47:57 -0600 EDI-PC EDI IP-BLOCK 46.229.161.230 (Type: outgoing, Port: 54252, Process: chrome.exe)
      2013/03/08 03:53:04 -0600 EDI-PC EDI IP-BLOCK 66.152.78.239 (Type: outgoing, Port: 54899, Process: chrome.exe)
      2013/03/08 03:54:49 -0600 EDI-PC EDI IP-BLOCK 66.152.78.239 (Type: outgoing, Port: 54950, Process: chrome.exe)
      2013/03/08 06:42:23 -0600 EDI-PC EDI MESSAGE Starting protection
      2013/03/08 06:42:23 -0600 EDI-PC EDI MESSAGE Protection started successfully
      2013/03/08 06:42:23 -0600 EDI-PC EDI MESSAGE Starting IP protection
      2013/03/08 06:42:40 -0600 EDI-PC EDI MESSAGE IP Protection started successfully
      2013/03/08 0739 -0600 EDI-PC (null) MESSAGE Starting protection
      2013/03/08 0739 -0600 EDI-PC (null) MESSAGE Protection started successfully
      2013/03/08 0739 -0600 EDI-PC (null) MESSAGE Starting IP protection
      2013/03/08 0753 -0600 EDI-PC (null) MESSAGE IP Protection started successfully
      2013/03/08 10:39:11 -0600 EDI-PC EDI MESSAGE Executing scheduled update: Daily
      2013/03/08 10:39:29 -0600 EDI-PC EDI MESSAGE Starting database refresh
      2013/03/08 10:39:29 -0600 EDI-PC EDI MESSAGE Scheduled update executed successfully: database updated from version v2013.03.08.03 to version v2013.03.08.13
      2013/03/08 10:39:29 -0600 EDI-PC EDI MESSAGE Stopping IP protection
      2013/03/08 10:39:30 -0600 EDI-PC EDI MESSAGE IP Protection stopped successfully
      2013/03/08 10:39:46 -0600 EDI-PC EDI MESSAGE Database refreshed successfully
      2013/03/08 10:39:46 -0600 EDI-PC EDI MESSAGE Starting IP protection
      2013/03/08 10:39:59 -0600 EDI-PC EDI MESSAGE IP Protection started successfully
      2013/03/08 13:12:07 -0600 EDI-PC EDI IP-BLOCK 88.80.7.57 (Type: outgoing, Port: 51594, Process: chrome.exe)
      2013/03/08 13:12:08 -0600 EDI-PC EDI IP-BLOCK 88.80.7.57 (Type: outgoing, Port: 51595, Process: chrome.exe)
      2013/03/08 13:12:08 -0600 EDI-PC EDI IP-BLOCK 88.80.7.57 (Type: outgoing, Port: 51596, Process: chrome.exe)
      2013/03/08 13:12:08 -0600 EDI-PC EDI IP-BLOCK 88.80.7.57 (Type: outgoing, Port: 51597, Process: chrome.exe)
      2013/03/08 13:12:08 -0600 EDI-PC EDI IP-BLOCK 88.80.7.57 (Type: outgoing, Port: 51598, Process: chrome.exe)
      2013/03/08 13:12:08 -0600 EDI-PC EDI IP-BLOCK 88.80.7.57 (Type: outgoing, Port: 51599, Process: chrome.exe)
      2013/03/08 14:11:57 -0600 EDI-PC EDI IP-BLOCK 88.80.7.57 (Type: outgoing, Port: 52085, Process: chrome.exe)
      2013/03/08 14:12:05 -0600 EDI-PC EDI IP-BLOCK 88.80.7.57 (Type: outgoing, Port: 52089, Process: chrome.exe)
      2013/03/08 14:13:34 -0600 EDI-PC EDI IP-BLOCK 88.80.7.57 (Type: outgoing, Port: 52131, Process: chrome.exe)


      COMBOFIX.


      ComboFix 13-03-05.01 - EDI 07/03/2013 18:11:09.1.2 - x64 NETWORK
      Microsoft Windows 7 Ultimate 6.1.7601.1.1252.52.3082.18.4095.3364 [GMT -6:00]
      Running from: c:\users\EDI\Downloads\ComboFix.exe
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      * Created a new restore point
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\users\EDI\AppData\Local\assembly\tmp
      c:\windows\SysWow64\DEBUG.log
      c:\windows\SysWow64\URTTemp
      c:\windows\SysWow64\URTTemp\regtlib.exe
      .
      .
      ((((((((((((((((((((((((( Files Created from 2013-02-08 to 2013-03-08 )))))))))))))))))))))))))))))))
      .
      .
      2013-03-07 23:01 . 2013-03-07 23:05 -------- d-----w- c:\programdata\MFAData
      2013-03-07 23:01 . 2013-03-07 23:01 -------- d-----w- c:\users\EDI\AppData\Local\MFAData
      2013-03-07 23:01 . 2013-03-07 23:01 -------- d-----w- c:\users\EDI\AppData\Local\Avg2013
      2013-03-07 22:53 . 2013-03-07 22:53 -------- d-----w- c:\users\EDI\AppData\Local\ElevatedDiagnostics
      2013-03-07 00:38 . 2013-02-08 00:28 9162192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1CB2044B-3CB4-4E71-BCA5-DCA249FC4513}\mpengine.dll
      2013-02-27 01:05 . 2013-02-27 01:05 -------- d-----w- c:\programdata\MMagnuiPic
      2013-02-14 21:57 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
      2013-02-14 21:57 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
      2013-02-14 21:54 . 2013-01-09 01:13 499200 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll
      2013-02-14 18:00 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
      2013-02-14 18:00 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
      2013-02-14 18:00 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
      2013-02-14 18:00 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
      2013-02-14 18:00 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
      2013-02-14 18:00 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
      2013-02-14 18:00 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
      2013-02-14 18:00 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
      2013-02-14 18:00 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
      2013-02-14 18:00 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
      2013-02-14 18:00 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
      2013-02-14 18:00 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
      2013-02-06 22:29 . 2013-02-27 00:58 -------- d-----w- c:\users\EDI\AppData\Local\libimobiledevice
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2013-02-14 22:00 . 2012-11-03 16:09 70004024 ----a-w- c:\windows\system32\MRT.exe
      2013-01-17 07:28 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
      2013-01-04 04:43 . 2013-02-14 18:00 44032 ----a-w- c:\windows\apppatch\acwow64.dll
      2012-12-16 17:11 . 2012-12-21 12:40 46080 ----a-w- c:\windows\system32\atmlib.dll
      2012-12-16 14:45 . 2012-12-21 12:40 367616 ----a-w- c:\windows\system32\atmfd.dll
      2012-12-16 14:13 . 2012-12-21 12:40 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
      2012-12-16 14:13 . 2012-12-21 12:40 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
      .
      .
      ------- Sigcheck -------
      Note: Unsigned files aren't necessarily malware.
      .
      [7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
      [-] 2012-08-12 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
      .
      [-] 2012-08-12 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
      [7] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{8029D908-0B88-FE08-3439-32A43A56FA5D}]
      2013-02-27 01:34 118272 ----a-w- c:\programdata\MMagnuiPic\512d62c386022.dll
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
      "LoadAppInit_DLLs"=1 (0x1)
      .
      R0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [x]
      R1 LUM;LUM;c:\windows\system32\drivers\LUM.sys [2007-06-05 24848]
      R1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [2008-01-02 24848]
      R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys [2009-09-17 145448]
      R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-12-01 382824]
      R3 dc3d;Controlador de detección de dispositivos de hardware de Microsoft;c:\windows\system32\DRIVERS\dc3d.sys [2012-11-02 75928]
      R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
      R3 DT9800K_x64;Dt9800k.Sys KUSB-3100 Series USB Client Driver;c:\windows\system32\drivers\DT9800k_x64.sys [2011-06-01 83944]
      R3 DT9800LD_x64;Dt9800Ld.Sys KUSB-3100 Series Firmware Loader Driver;c:\windows\system32\drivers\DT9800Ld_x64.sys [2011-06-01 28776]
      R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-09-07 1431888]
      R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
      R3 netw5v64;Controlador del adaptador Intel(R) Wireless WiFi Link 5000 Series para Windows Vista de 64 bits;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
      R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2012-11-02 50856]
      R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
      R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]
      R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2012-08-23 29696]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
      R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
      R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
      R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
      R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
      R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-23 1255736]
      R4 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
      R4 BBDemon;Backbone Service;c:\program files\Dassault Systemes\B21\win_b64\code\bin\CATSysDemon.exe [2011-01-08 46592]
      R4 NIApplicationWebServer;NI Application Web Server;c:\program files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-05-27 50336]
      R4 NIApplicationWebServer64;NI Application Web Server (64-bit);c:\program files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-05-27 68256]
      R4 nimDNSResponder;National Instruments mDNS Responder Service;c:\program files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2011-06-01 194224]
      R4 NINetworkDiscovery;NI Network Discovery;c:\program files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [2011-06-10 121032]
      S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
      S3 NETw5s64;Controlador del adaptador Intel(R) Wireless WiFi Link para Windows 7 de 64 bits;c:\windows\system32\DRIVERS\NETw5s64.sys [2009-09-16 6952960]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
      .
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2013-03-07 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-07 17:02]
      .
      2013-03-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3162672388-2473927674-1382561999-1001Core.job
      - c:\users\EDI\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-22 21:10]
      .
      2013-03-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3162672388-2473927674-1382561999-1001UA.job
      - c:\users\EDI\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-22 21:10]
      .
      .
      --------- X64 Entries -----------
      .
      .
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
      FontCache
      .
      ------- Supplementary Scan -------
      .
      uLocal Page = c:\windows\system32\blank.htm
      uStart Page = hxxp://www.google.com
      mDefault_Page_URL = hxxp://www.google.com
      mStart Page = hxxp://www.google.com
      mLocal Page = c:\windows\SysWOW64\blank.htm
      uInternet Settings,ProxyOverride = *.local
      IE: &Enviar a OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
      IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
      IE: Free YouTube to MP3 Converter - c:\users\EDI\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
      TCP: DhcpNameServer = 192.168.1.254
      FF - ProfilePath - c:\users\EDI\AppData\Roaming\Mozilla\Firefox\Profiles\b6oxmxbw.default\
      FF - prefs.js: browser.search.selectedEngine - Privitize VPN
      .
      - - - - ORPHANS REMOVED - - - -
      .
      AddRemove-SP_008a99b9 - c:\program files (x86)\MagniPic\uninstall.exe
      AddRemove-World of Warcraft - c:\program files (x86)\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
      @Denied: (A) (Everyone)
      "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
      @Denied: (A) (Everyone)
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
      "Key"="ActionsPane3"
      "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Completion time: 2013-03-07 18:22:09
      ComboFix-quarantined-files.txt 2013-03-08 00:22
      .
      Pre-Run: 168,375,656,448 bytes libres
      Post-Run: 168,908,685,312 bytes libres
      .
      - - End Of File - - FC0F4AACFD1A9AC1DBAF0F369961856F

    4. #4
      Former Contributor @SanMar
      Registered
      Jun 2008
      Location
      Argentina
      Posts
      22,290

      Re: How do I remove Magnipic.exe from my machine??

      Hi Ediyan13:


      Do the following:

      You ran ComboFix from an incorrect location >>> c:\users\EDI\Downloads\ComboFix.exe


      Cut the executable and paste it onto the desktop.


      Then:

      1.- Open Notepad
      • Go to START > RUN >
      • Type notepad.exe there and click OK

      2.- Now copy and paste these files into Notepad

      Code:
      KillAll::

      ClearJavaCache::

      Folder::
      c:\programdata\MFAData
      c:\users\EDI\AppData\Local\MFAData
      c:\users\EDI\AppData\Local\Avg2013
      c:\programdata\MMagnuiPic

      Registry::
      [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{8029D908-0B88-FE08-3439-32A43A56FA5D}]

      DDS::
      uInternet Settings,ProxyOverride = *.local

      3.- Save this file with the name CFScript.txt and leave it on your desktop.

      4.- Drag and drop the CFScript.txt file onto the ComboFix.exe file as shown in the animation below. This will start ComboFix again.

      • Restart your PC and post the new ComboFix report, telling us how everything is working now.


      Regards.

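      How the Folder:: and Registry:: entries in the script above relate to the posted report, as an added example that is not part of the original posts: this Python sketch parses an abridged excerpt of the ComboFix log from this thread, pairs each Browser Helper Object key with the DLL printed under it, and lists for analyst review any DLL that lives outside Program Files or Windows, noting whether its folder also appears under "Files Created". The function names, the trusted-root list and the second (benign) BHO entry are assumptions made for the example.

```python
import ntpath
import re

# Abridged excerpt of the ComboFix log posted in this thread. The second
# Browser Helper Object entry (ExampleVendor) is constructed for contrast
# and does not appear in the original log.
LOG = r"""
(((( Files Created from 2013-02-08 to 2013-03-08 ))))
2013-03-07 23:01 . 2013-03-07 23:05 -------- d-----w- c:\programdata\MFAData
2013-02-27 01:05 . 2013-02-27 01:05 -------- d-----w- c:\programdata\MMagnuiPic
2013-02-14 18:00 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
(((( Reg Loading Points ))))
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{8029D908-0B88-FE08-3439-32A43A56FA5D}]
2013-02-27 01:34 118272 ----a-w- c:\programdata\MMagnuiPic\512d62c386022.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{00000000-0000-0000-0000-000000000001}]
2012-01-05 10:00 75624 ----a-w- c:\program files (x86)\ExampleVendor\helper.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"""

# "created . modified size attributes path" lines of the Files Created section.
CREATED = re.compile(
    r"^\d{4}-\d\d-\d\d \d\d:\d\d \. \d{4}-\d\d-\d\d \d\d:\d\d \S+ (\S+) (.+)$")
# Registry key line naming a Browser Helper Object CLSID.
BHO_KEY = re.compile(r"^\[(.+\\Browser Helper Objects\\\{[0-9A-Fa-f-]+\})\]$")
# "date time size attributes path" line printed under a loading-point key.
REG_FILE = re.compile(r"^\d{4}-\d\d-\d\d \d\d:\d\d \d+ \S+ (.+)$")

# Assumption of this example: these roots need admin rights to write to,
# so a BHO DLL stored anywhere else deserves a closer look.
TRUSTED_ROOTS = ("c:\\program files\\", "c:\\program files (x86)\\",
                 "c:\\windows\\")


def created_dirs(log):
    """Lower-cased directories from the 'Files Created' section
    (entries whose attribute string starts with 'd')."""
    dirs, in_section = set(), False
    for line in map(str.strip, log.splitlines()):
        if line.startswith("(((("):
            in_section = "Files Created" in line
        elif in_section and (m := CREATED.match(line)) \
                and m.group(1).startswith("d"):
            dirs.add(m.group(2).lower())
    return dirs


def bho_entries(log):
    """Pair each BHO registry key with the DLL line that follows it."""
    entries, key = [], None
    for line in map(str.strip, log.splitlines()):
        if m := BHO_KEY.match(line):
            key = m.group(1)
        elif key and (m := REG_FILE.match(line)):
            entries.append((key, m.group(1)))
            key = None
        else:
            key = None  # any other line closes the pairing window
    return entries


def triage(log):
    """Return BHOs loaded from outside the trusted roots, for human review."""
    recent = created_dirs(log)
    findings = []
    for key, dll in bho_entries(log):
        if dll.lower().startswith(TRUSTED_ROOTS):
            continue
        folder = ntpath.dirname(dll)
        findings.append({
            "registry_key": key,
            "dll": dll,
            "folder": folder,
            "folder_recently_created": folder.lower() in recent,
        })
    return findings


if __name__ == "__main__":
    for f in triage(LOG):
        print("Review registry key:", f["registry_key"])
        print("  DLL:   ", f["dll"])
        print("  Folder:", f["folder"],
              "(listed under Files Created)" if f["folder_recently_created"] else "")
```

      The output is a review list only: whether a flagged folder or key is actually removed remains the helper's decision, as it was in this thread.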

    5. #5
      User Ediyan13
      Registered
      Mar 2013
      Location
      Mexico
      Posts
      4

      Re: How do I remove Magnipic.exe from my machine??

      Hello, good morning, thank you very much for the support. Honestly, my computer now starts up better, since the task called magnipic no longer appears in Task Manager and I can open my programs without any problem. It seems the problem is solved, unless I still have something XD. Well, here I attach the requested report; I hope everything is still fine.



    6. #6
      Former Collaborator @SanMar
      Joined
      Jun 2008
      Location
      Argentina
      Posts
      22.290

      Re: How do I remove Magnipic.exe from my machine??

      Hello Ediyan13:

      To finish, you only need to uninstall CF as follows:

      • Go to Start > Run
      • Type the following: ComboFix /Uninstall as shown in the image below:

      • This will launch the ComboFix uninstaller, opening its main screen, and after a few seconds you will see ("ComboFix is uninstalled")


      Note: If that uninstall method does not work, download and run OTC.exe, click CleanUp!, then "Yes", and restart your PC.


      Let us know if everything is still in order so we can mark the thread as resolved.


      Regards.

      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail, since that is what the forum is for.

    7. #7
      User Ediyan13
      Joined
      Mar 2013
      Location
      Mexico
      Posts
      4

      Re: How do I remove Magnipic.exe from my machine??

      Thank you very much, everything is going much better. I have already uninstalled ComboFix and there was no problem with that; my machine is working very well so far. Sorry for the delay in replying, but I had not been able to sit down to test my computer, much less to answer here =P. To finish, is there any antivirus you would recommend? The thing is that I have AVG and I have already had problems with it where I cannot log in, it shows me an error, and I want to avoid that error in the future.

    8. #8
      Former Collaborator @SanMar
      Joined
      Jun 2008
      Location
      Argentina
      Posts
      22.290

      Re: How do I remove Magnipic.exe from my machine??

      Hello Ediyan13:


      For now, uninstall AVG with its tool >>> Uninstall tools for Antivirus, AntiSpyware and Firewall.


      Since it recently had a serious false positive >>> Generic32.FJU Trojan - AVG false positive in wintrust.dll -


      Then install a free one such as Avast, Panda Cloud or Avira >>> Free Antivirus | InfoSpyware


      Let us know.



      Regards.
