
    Up2potential.net (Reopened)


    1. #11
      Etic (User)
      Registered: Apr 2012
      Location: PSM
      Posts: 30

      Re: Up2potential.net (solved)

      Well, it seems the problem is back... I just opened Google Chrome and an advertising page opened again :S

    2. #12
      @SanMar (Former Collaborator)
      Registered: Jun 2008
      Location: Argentina
      Posts: 22,290

      Re: Up2potential.net (Reopened)

      Hi guys:

      Etic:

      I have reopened the thread; I figured you would be back, since the redirection is caused by a process.

      Download the OTL.exe tool by OldTimer to your Desktop.

      • Close all open windows and programs. Double-click OTL.exe to run it.
      • Under Scan Type, check the "Minimal Output" box.

        Finally, select:
        • Use Company Name Whitelist
        • Skip Microsoft Files
        • LOP Check

      • Copy the following text (excluding the word Code):
      Code:
      netsvcs
      msconfig
      %systemdrive%\*.*
      %programfiles%\*.*
      %appdata%\*.exe /ncn /s
      %windir%\system32\*.sys /lockedfiles
      CREATERESTOREPOINT
      • Paste the script into the Custom Scans/Fixes box.

      • Click the Run Scan button and wait patiently for the scan to finish.
      • Two (2) files will open, OTL.Txt & Extras.Txt; they will be saved on your desktop.

      • To finish, open the OTL.Txt file, then copy and paste all of its contents into your next reply.

      Bring us the report.

      Regards


    3. #13
      Etic (User)
      Registered: Apr 2012
      Location: PSM
      Posts: 30

      Re: Up2potential.net (Reopened)

      Hello again, thank you very much for the help, here is the report:

      OTL logfile created on: 19/03/2013 21:32:03 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Aaron\Desktop
      64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      5,98 Gb Total Physical Memory | 4,54 Gb Available Physical Memory | 75,96% Memory free
      11,96 Gb Paging File | 10,25 Gb Available in Paging File | 85,68% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 372,60 Gb Total Space | 299,33 Gb Free Space | 80,33% Space Free | Partition Type: NTFS
      Drive D: | 544,72 Gb Total Space | 396,37 Gb Free Space | 72,77% Space Free | Partition Type: NTFS

      Computer Name: PC-AARON | User Name: Aaron | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Aaron\Desktop\OTL.exe (OldTimer Tools)
      PRC - C:\Program Files (x86)\BattlePing\BattlePing.exe (BattlePing)
      PRC - C:\Users\Aaron\AppData\Local\Context2pro\libwindoc.exe ()
      PRC - C:\Users\Aaron\AppData\Local\Context2pro\conadvanced.exe ()
      PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
      PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer USA Ltd)
      PRC - C:\Program Files (x86)\BattlePing\bp\ss5capengine_battleping.exe (Best http tunnel and http tunneling software,include client and server, bypass proxy and bypass firewall)
      PRC - C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe ()
      PRC - C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe (ASUSTeK Computer Inc.)
      PRC - C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe (ASUSTeK Computer Inc.)
      PRC - C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe ()
      PRC - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe ()
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
      PRC - C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe (ASUSTeK Computer Inc.)
      PRC - C:\Windows\SysWOW64\AsHookDevice.exe (ASUSTeK Computer Inc.)


      ========== Modules (No Company Name) ==========

      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\2024a7339aa5ad2712d239d454d3c355\System.Management.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\9fe8c27f7d33440089db00fa170f95f9\System.Runtime.Remoting.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\22c60ca3c2b18e041ebff2578c90cba3\System.Runtime.DurableInstancing.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\48ee0e1de873152ec7e85d7456c1cc09\System.Runtime.Serialization.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\62d047ff6c2865139d95eb19545b1cc6\SMDiagnostics.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\84068bac0b3859c94652214e0b90dfc6\System.Xml.Linq.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\91ad671de27d478bd8bdaa91d9e5a21b\Microsoft.VisualBasic.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\cbb7db665b3ba25a931258eb702527f5\System.Xaml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\f28a346ae10e2eec581608f591cf7116\PresentationFramework.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8983c040161b34c64474f195bff5e2de\PresentationCore.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\806c4ba7d696ab586ffd774a31f1a66b\System.Windows.Forms.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\08bebcf66ad666dfdf2a4a934d79c0f9\System.Core.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d884c684ee3f738a60e3c50dd5d88caa\System.Xml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\5dbabea688adfc665e3453561736699a\WindowsBase.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b83993cc955262507c8ead67567c8060\System.Drawing.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7d6b122bee0977d953ee2409d74c3c25\PresentationFramework.Aero.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\cb72ac8478a5ea7e2d570bb710ecb1c1\System.Configuration.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\df418085cedae9fa2efee87e20a419a4\System.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\60c214b6ad5691e368a16ec65d127c27\mscorlib.ni.dll ()
      MOD - C:\Users\Aaron\AppData\Local\Context2pro\libwindoc.exe ()
      MOD - C:\Users\Aaron\AppData\Local\Context2pro\conadvanced.exe ()
      MOD - C:\Program Files (x86)\BattlePing\bp\libeay32.dll ()


      ========== Services (SafeList) ==========

      SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
      SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
      SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
      SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
      SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (asHmComSvc) -- C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe ()
      SRV - (asComSvc) -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe ()
      SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe ()
      SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (Device Handle Service) -- C:\Windows\SysWOW64\AsHookDevice.exe (ASUSTeK Computer Inc.)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
      DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
      DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
      DRV:64bit: - (rzudd) -- C:\Windows\SysNative\drivers\rzudd.sys (Razer USA Ltd)
      DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)
      DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
      DRV:64bit: - (RtNdPt60) -- C:\Windows\SysNative\drivers\RtNdPt60.sys (Realtek )
      DRV:64bit: - (RTTEAMPT) -- C:\Windows\SysNative\drivers\RtTeam60.sys (Realtek Corporation)
      DRV:64bit: - (RTVLANPT) -- C:\Windows\SysNative\drivers\RtVlan60.sys (Windows (R) Codename Longhorn DDK provider)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (Alpham1) -- C:\Windows\SysNative\drivers\Alpham164.sys (Ideazon Corporation)
      DRV:64bit: - (Alpham2) -- C:\Windows\SysNative\drivers\Alpham264.sys (Ideazon Corporation)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\..\SearchScopes,DefaultScope =
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN España: Hotmail, Messenger, Skype, Outlook y cuenta Microsoft
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-ES
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EE 12 6F 22 C7 24 CE 01 [binary data]
      IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


      ========== FireFox ==========

      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
      FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
      FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\Aaron\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)



      ========== Chrome ==========

      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
      CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
      CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
      CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
      CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
      CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
      CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
      CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
      CHR - plugin: Raidcall plugin (Enabled) = C:\Users\Aaron\AppData\Roaming\raidcall\plugins\nprcplugin.dll
      CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
      CHR - Extension: Google Docs = C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
      CHR - Extension: Google Drive = C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
      CHR - Extension: YouTube = C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
      CHR - Extension: B\u00FAsqueda de Google = C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
      CHR - Extension: Gmail = C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

      O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
      O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
      O4 - HKLM..\Run: [] File not found
      O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
      O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer USA Ltd)
      O4 - HKLM..\Run: [RunAIShell] C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe (ASUSTeK Computer Inc.)
      O4 - HKLM..\Run: [Zboard] C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe (Ideazon, Inc.)
      O4 - HKCU..\Run: [conadvanced] C:\Users\Aaron\AppData\Local\Context2pro\conadvanced.exe ()
      O4 - HKCU..\Run: [contextfr] C:\Users\Aaron\AppData\Local\Context2pro\contextfr.exe ()
      O4 - HKCU..\Run: [contextprod] C:\Users\Aaron\AppData\Local\Context2pro\contextprod.exe ()
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\networkdlllsp.dll (Network Tunnel Lab)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\networkdlllsp.dll (Network Tunnel Lab)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\networkdlllsp.dll (Network Tunnel Lab)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\networkdlllsp.dll (Network Tunnel Lab)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\networkdlllsp.dll (Network Tunnel Lab)
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pu...sh/swflash.cab (Shockwave Flash Object)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.42.230.24 62.42.63.52
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{78FA2178-FFB9-4D06-9624-3634AA28F786}: DhcpNameServer = 62.42.230.24 62.42.63.52
      O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)



      ========== Files/Folders - Created Within 30 Days ==========

      [2013/03/19 21:25:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Aaron\Desktop\OTL.exe
      [2013/03/19 18:28:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
      [2013/03/19 18:16:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
      [2013/03/19 18:16:00 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
      [2013/03/19 03:14:54 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Roaming\TS3Client
      [2013/03/19 03:13:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
      [2013/03/19 03:13:28 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
      [2013/03/13 04:36:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
      [2013/03/13 04:36:24 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Roaming\SystemRequirementsLab
      [2013/03/13 04:35:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
      [2013/03/13 04:35:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
      [2013/03/13 04:34:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
      [2013/03/13 04:29:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3
      [2013/03/13 03:46:52 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Roaming\Easeware
      [2013/03/13 03:46:49 | 000,000,000 | ---D | C] -- C:\Program Files\Easeware
      [2013/03/12 14:36:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      [2013/03/12 14:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
      [2013/03/08 22:44:19 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Roaming\Malwarebytes
      [2013/03/08 22:44:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2013/03/08 22:44:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2013/03/08 22:44:05 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
      [2013/03/08 22:44:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
      [2013/03/08 22:43:52 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Local\Programs
      [2013/03/08 22:35:23 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Roaming\Skype
      [2013/03/08 22:35:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
      [2013/03/08 22:35:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
      [2013/03/08 22:35:08 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
      [2013/03/08 22:35:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
      [2013/03/06 05:02:42 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Roaming\vlc
      [2013/03/06 05:02:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
      [2013/03/06 05:02:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
      [2013/03/06 05:01:53 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Local\Context2pro
      [2013/03/06 04:40:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
      [2013/03/06 04:40:52 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Local\WinZip
      [2013/03/06 04:40:42 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
      [2013/03/06 04:40:40 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
      [2013/03/06 04:39:33 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Roaming\uTorrent
      [2013/03/03 20:20:56 | 000,000,000 | ---D | C] -- C:\ProgramData\TERA
      [2013/03/03 20:20:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TERA
      [2013/03/03 20:12:11 | 000,315,320 | ---- | C] (Network Tunnel Lab) -- C:\Windows\SysWow64\networkdlllsp.dll
      [2013/03/03 20:11:26 | 000,000,000 | -HSD | C] -- C:\Users\Aaron\AppData\Local\ms-drivers
      [2013/03/03 20:11:24 | 000,000,000 | -HSD | C] -- C:\Users\Aaron\wc
      [2013/03/03 20:11:16 | 000,000,000 | -HSD | C] -- C:\Users\Aaron\AppData\Local\icsxml
      [2013/03/03 20:11:16 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Local\BattlePing
      [2013/03/03 20:11:10 | 000,000,000 | -HSD | C] -- C:\Users\Aaron\AppData\Roaming\wyUpdate AU
      [2013/03/03 20:11:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BattlePing
      [2013/03/03 20:11:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BattlePing
      [2013/03/03 19:50:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
      [2013/03/03 19:50:40 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Local\Razer
      [2013/03/03 19:50:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer
      [2013/03/03 19:50:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer
      [2013/03/03 19:47:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TERA
      [2013/03/03 19:43:56 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Roaming\Ideazon
      [2013/03/03 19:43:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ideazon
      [2013/03/03 19:41:40 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Roaming\raidcall
      [2013/03/03 19:41:37 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RaidCall
      [2013/03/03 19:41:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall
      [2013/03/03 19:41:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RaidCall
      [2013/03/03 19:40:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
      [2013/03/03 19:34:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
      [2013/03/03 19:34:04 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Local\Google
      [2013/03/03 19:33:46 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Local\Apps
      [2013/03/03 19:33:45 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Local\Deployment
      [2013/03/03 19:33:28 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Roaming\Macromedia
      [2013/03/03 19:32:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
      [2013/03/03 19:28:54 | 000,471,144 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
      [2013/03/03 19:28:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
      [2013/03/03 19:28:30 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
      [2013/03/03 19:28:18 | 002,578,576 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
      [2013/03/03 19:28:18 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
      [2013/03/03 19:28:18 | 001,868,944 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
      [2013/03/03 19:28:18 | 001,718,616 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
      [2013/03/03 19:28:18 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
      [2013/03/03 19:28:18 | 000,421,720 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
      [2013/03/03 19:28:18 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
      [2013/03/03 19:28:18 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
      [2013/03/03 19:28:18 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
      [2013/03/03 19:28:18 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
      [2013/03/03 19:28:18 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
      [2013/03/03 19:28:18 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
      [2013/03/03 19:28:18 | 000,220,496 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFNHK64.dll
      [2013/03/03 19:28:18 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
      [2013/03/03 19:28:18 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
      [2013/03/03 19:28:18 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
      [2013/03/03 19:28:18 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
      [2013/03/03 19:28:18 | 000,127,832 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
      [2013/03/03 19:28:18 | 000,108,888 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
      [2013/03/03 19:28:18 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
      [2013/03/03 19:28:18 | 000,081,232 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFCOM64.dll
      [2013/03/03 19:28:18 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
      [2013/03/03 19:28:18 | 000,078,160 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFAPO64.dll
      [2013/03/03 19:28:18 | 000,074,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
      [2013/03/03 19:28:18 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
      [2013/03/03 19:28:17 | 001,937,312 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
      [2013/03/03 19:28:17 | 001,327,208 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
      [2013/03/03 19:28:17 | 001,179,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
      [2013/03/03 19:28:17 | 001,111,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
      [2013/03/03 19:28:17 | 000,504,936 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
      [2013/03/03 19:28:17 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
      [2013/03/03 19:28:17 | 000,475,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
      [2013/03/03 19:28:17 | 000,317,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
      [2013/03/03 19:28:17 | 000,269,928 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
      [2013/03/03 19:28:17 | 000,266,856 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
      [2013/03/03 19:28:17 | 000,126,056 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
      [2013/03/03 19:28:17 | 000,125,544 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
      [2013/03/03 19:28:17 | 000,125,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
      [2013/03/03 19:28:16 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
      [2013/03/03 19:28:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
      [2013/03/03 19:26:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
      [2013/03/03 19:26:06 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
      [2013/03/03 19:25:35 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Roaming\WinRAR
      [2013/03/03 19:25:35 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
      [2013/03/03 19:25:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
      [2013/03/03 19:25:33 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
      [2013/03/03 19:25:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
      [2013/03/03 19:25:24 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
      [2013/03/03 19:25:24 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
      [2013/03/03 19:25:23 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
      [2013/03/03 19:25:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
      [2013/03/03 19:25:16 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
      [2013/03/03 19:25:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
      [2013/03/03 19:24:27 | 000,048,416 | ---- | C] (Realtek Corporation) -- C:\Windows\SysNative\drivers\RtTeam60.sys
      [2013/03/03 19:24:27 | 000,032,544 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\RtNdPt60.sys
      [2013/03/03 19:24:27 | 000,029,472 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\drivers\RtVlan60.sys
      [2013/03/03 19:24:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
      [2013/03/03 19:24:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
      [2013/03/03 19:24:26 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
      [2013/03/03 19:22:49 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
      [2013/03/03 19:22:33 | 000,000,000 | ---D | C] -- C:\NVIDIA
      [2013/03/03 04:14:37 | 000,000,000 | R--D | C] -- C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
      [2013/03/03 04:14:37 | 000,000,000 | R--D | C] -- C:\Users\Aaron\Searches
      [2013/03/03 04:14:37 | 000,000,000 | R--D | C] -- C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
      [2013/03/03 04:14:37 | 000,000,000 | -H-D | C] -- C:\Users\Aaron\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
      [2013/03/03 04:14:28 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Roaming\Identities
      [2013/03/03 04:14:21 | 000,000,000 | R--D | C] -- C:\Users\Aaron\Contacts
      [2013/03/03 04:14:17 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Local\VirtualStore
      [2013/03/03 04:13:58 | 000,000,000 | --SD | C] -- C:\Users\Aaron\AppData\Roaming\Microsoft
      [2013/03/03 04:13:58 | 000,000,000 | R--D | C] -- C:\Users\Aaron\Videos
      [2013/03/03 04:13:58 | 000,000,000 | R--D | C] -- C:\Users\Aaron\Saved Games
      [2013/03/03 04:13:58 | 000,000,000 | R--D | C] -- C:\Users\Aaron\Pictures
      [2013/03/03 04:13:58 | 000,000,000 | R--D | C] -- C:\Users\Aaron\Music
      [2013/03/03 04:13:58 | 000,000,000 | R--D | C] -- C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
      [2013/03/03 04:13:58 | 000,000,000 | R--D | C] -- C:\Users\Aaron\Links
      [2013/03/03 04:13:58 | 000,000,000 | R--D | C] -- C:\Users\Aaron\Favorites
      [2013/03/03 04:13:58 | 000,000,000 | R--D | C] -- C:\Users\Aaron\Downloads
      [2013/03/03 04:13:58 | 000,000,000 | R--D | C] -- C:\Users\Aaron\Documents
      [2013/03/03 04:13:58 | 000,000,000 | R--D | C] -- C:\Users\Aaron\Desktop
      [2013/03/03 04:13:58 | 000,000,000 | R--D | C] -- C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
      [2013/03/03 04:13:58 | 000,000,000 | -HSD | C] -- C:\Users\Aaron\AppData\Local\Temporary Internet Files
      [2013/03/03 04:13:58 | 000,000,000 | -HSD | C] -- C:\Users\Aaron\Templates
      [2013/03/03 04:13:58 | 000,000,000 | -HSD | C] -- C:\Users\Aaron\Start Menu
      [2013/03/03 04:13:58 | 000,000,000 | -HSD | C] -- C:\Users\Aaron\SendTo
      [2013/03/03 04:13:58 | 000,000,000 | -HSD | C] -- C:\Users\Aaron\Recent
      [2013/03/03 04:13:58 | 000,000,000 | -HSD | C] -- C:\Users\Aaron\PrintHood
      [2013/03/03 04:13:58 | 000,000,000 | -HSD | C] -- C:\Users\Aaron\NetHood
      [2013/03/03 04:13:58 | 000,000,000 | -HSD | C] -- C:\Users\Aaron\Documents\My Videos
      [2013/03/03 04:13:58 | 000,000,000 | -HSD | C] -- C:\Users\Aaron\Documents\My Pictures
      [2013/03/03 04:13:58 | 000,000,000 | -HSD | C] -- C:\Users\Aaron\Documents\My Music
      [2013/03/03 04:13:58 | 000,000,000 | -HSD | C] -- C:\Users\Aaron\My Documents
      [2013/03/03 04:13:58 | 000,000,000 | -HSD | C] -- C:\Users\Aaron\Local Settings
      [2013/03/03 04:13:58 | 000,000,000 | -HSD | C] -- C:\Users\Aaron\AppData\Local\History
      [2013/03/03 04:13:58 | 000,000,000 | -HSD | C] -- C:\Users\Aaron\Cookies
      [2013/03/03 04:13:58 | 000,000,000 | -HSD | C] -- C:\Users\Aaron\Application Data
      [2013/03/03 04:13:58 | 000,000,000 | -HSD | C] -- C:\Users\Aaron\AppData\Local\Application Data
      [2013/03/03 04:13:58 | 000,000,000 | -H-D | C] -- C:\Users\Aaron\AppData
      [2013/03/03 04:13:58 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Local\Temp
      [2013/03/03 04:13:58 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Local\Microsoft
      [2013/03/03 04:13:58 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Roaming\Media Center Programs
      [2013/03/03 03:57:29 | 000,000,000 | ---D | C] -- C:\Windows\Panther
      [2013/03/02 22:59:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
      [2013/03/02 22:59:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Renesas Electronics
      [2013/03/02 22:55:56 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
      [2013/03/02 22:55:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
      [2013/03/02 22:55:15 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Roaming\InstallShield
      [2013/03/02 22:48:11 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
      [2013/03/02 22:48:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
      [2013/03/02 22:47:44 | 000,000,000 | ---D | C] -- C:\Intel
      [2013/03/02 22:16:07 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
      [2013/03/02 22:15:26 | 000,016,896 | ---- | C] (ASUS) -- C:\Windows\AsTaskSched.dll
      [2013/03/02 22:15:08 | 000,028,672 | ---- | C] (ASUSTek Computer Inc.) -- C:\Windows\SysWow64\AsIO.dll
      [2013/03/02 22:14:52 | 000,184,320 | ---- | C] (ASUSTeK) -- C:\Windows\SysWow64\drivers\UpdateHelper.dll
      [2013/03/02 22:14:51 | 000,203,392 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysWow64\AsHookDevice.exe
      [2013/03/02 22:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
      [2013/03/02 22:14:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
      [2013/03/02 22:09:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
      [2013/03/02 22:09:00 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
      [2013/03/02 21:53:28 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
      [2013/03/02 21:53:10 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
      [2013/03/02 21:20:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
      [2013/03/02 21:20:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
      [2013/03/02 20:54:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ideazon Z Engine
      [2013/03/02 19:21:52 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Roaming\Adobe
      [2013/03/02 19:21:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
      [2013/03/02 19:21:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
      [2013/03/02 19:01:10 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
      [2013/03/02 18:59:01 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch

      ========== Files - Modified Within 30 Days ==========

      [2013/03/19 21:25:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Aaron\Desktop\OTL.exe
      [2013/03/19 21:13:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2013/03/19 20:39:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2013/03/19 19:39:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2013/03/19 18:34:12 | 000,019,520 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2013/03/19 18:34:12 | 000,019,520 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2013/03/19 18:32:51 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2013/03/19 18:32:51 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2013/03/19 18:32:51 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2013/03/19 18:28:35 | 000,002,283 | ---- | M] () -- C:\Users\Aaron\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
      [2013/03/19 18:28:29 | 000,002,259 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
      [2013/03/19 18:26:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2013/03/19 18:26:29 | 522,100,735 | -HS- | M] () -- C:\hiberfil.sys
      [2013/03/19 18:16:00 | 000,001,268 | ---- | M] () -- C:\Users\Aaron\Desktop\Revo Uninstaller.lnk
      [2013/03/19 18:14:47 | 000,006,328 | ---- | M] () -- C:\Users\Aaron\Documents\bookmarks_19_03_13.html
      [2013/03/19 03:13:33 | 000,000,971 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
      [2013/03/12 14:39:04 | 000,022,636 | ---- | M] () -- C:\Users\Aaron\Documents\cc_20130312_143856.reg
      [2013/03/12 14:36:33 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2013/03/08 22:44:11 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/03/08 22:35:10 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
      [2013/03/06 16:33:43 | 000,735,656 | ---- | M] () -- C:\Users\Aaron\Desktop\TERA_ScreenShot_20130306_163146.jpg
      [2013/03/06 05:02:18 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
      [2013/03/06 04:40:56 | 000,002,251 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
      [2013/03/06 04:40:17 | 000,000,835 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
      [2013/03/06 04:40:17 | 000,000,797 | ---- | M] () -- C:\Users\Aaron\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
      [2013/03/03 20:36:59 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
      [2013/03/03 20:36:57 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
      [2013/03/03 20:20:49 | 000,001,842 | ---- | M] () -- C:\Users\Aaron\Desktop\TERA.lnk
      [2013/03/03 20:20:49 | 000,001,842 | ---- | M] () -- C:\Users\Aaron\Application Data\Microsoft\Internet Explorer\Quick Launch\TERA.lnk
      [2013/03/03 20:11:11 | 000,000,037 | -HS- | M] () -- C:\Users\Aaron\AppData\Local\1754111884ee9ab5277ca00.95260103
      [2013/03/03 20:11:05 | 000,001,084 | ---- | M] () -- C:\Users\Public\Desktop\BattlePing.lnk
      [2013/03/03 19:53:24 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_rzudd_01009.Wdf
      [2013/03/03 19:41:37 | 000,001,011 | ---- | M] () -- C:\Users\Aaron\Desktop\RaidCall.lnk
      [2013/03/03 03:57:17 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
      [2013/03/02 23:19:11 | 000,291,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
      [2013/03/02 22:58:30 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
      [2013/03/02 22:53:39 | 000,000,000 | ---- | M] () -- C:\Windows\Path.idx
      [2013/03/02 22:53:23 | 001,127,408 | ---- | M] () -- C:\Windows\PE_Rom.dll
      [2013/03/02 22:26:03 | 000,763,958 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
      [2013/03/02 22:16:27 | 000,002,018 | ---- | M] () -- C:\Users\Public\Desktop\AI Suite II.lnk
      [2013/03/02 22:15:26 | 000,016,896 | ---- | M] (ASUS) -- C:\Windows\AsTaskSched.dll
      [2013/03/02 22:14:50 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\AI Manager.lnk
      [2013/03/02 21:24:09 | 000,001,441 | ---- | M] () -- C:\Users\Aaron\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
      [2013/03/02 19:02:07 | 000,041,962 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
      [2013/03/02 19:02:07 | 000,041,962 | ---- | M] () -- C:\Windows\SysNative\license.rtf
      [2013/03/02 19:00:27 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf

      ========== Files Created - No Company Name ==========

      [2013/03/19 18:28:29 | 000,002,283 | ---- | C] () -- C:\Users\Aaron\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
      [2013/03/19 18:28:29 | 000,002,259 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
      [2013/03/19 18:16:00 | 000,001,268 | ---- | C] () -- C:\Users\Aaron\Desktop\Revo Uninstaller.lnk
      [2013/03/19 18:14:47 | 000,006,328 | ---- | C] () -- C:\Users\Aaron\Documents\bookmarks_19_03_13.html
      [2013/03/19 03:13:33 | 000,000,971 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
      [2013/03/12 14:39:00 | 000,022,636 | ---- | C] () -- C:\Users\Aaron\Documents\cc_20130312_143856.reg
      [2013/03/12 14:36:33 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2013/03/08 22:44:11 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/03/08 22:35:10 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
      [2013/03/06 16:33:40 | 000,735,656 | ---- | C] () -- C:\Users\Aaron\Desktop\TERA_ScreenShot_20130306_163146.jpg
      [2013/03/06 05:02:18 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
      [2013/03/06 04:40:56 | 000,002,251 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
      [2013/03/06 04:40:17 | 000,000,835 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
      [2013/03/06 04:40:17 | 000,000,797 | ---- | C] () -- C:\Users\Aaron\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
      [2013/03/03 20:36:59 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
      [2013/03/03 20:36:57 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
      [2013/03/03 20:30:47 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
      [2013/03/03 20:20:49 | 000,001,842 | ---- | C] () -- C:\Users\Aaron\Desktop\TERA.lnk
      [2013/03/03 20:20:49 | 000,001,842 | ---- | C] () -- C:\Users\Aaron\Application Data\Microsoft\Internet Explorer\Quick Launch\TERA.lnk
      [2013/03/03 20:11:11 | 000,000,037 | -HS- | C] () -- C:\Users\Aaron\AppData\Local\1754111884ee9ab5277ca00.95260103
      [2013/03/03 20:11:05 | 000,001,084 | ---- | C] () -- C:\Users\Public\Desktop\BattlePing.lnk
      [2013/03/03 19:53:24 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_rzudd_01009.Wdf
      [2013/03/03 19:42:27 | 000,763,958 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
      [2013/03/03 19:41:37 | 000,001,011 | ---- | C] () -- C:\Users\Aaron\Desktop\RaidCall.lnk
      [2013/03/03 19:34:11 | 000,001,098 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2013/03/03 19:34:10 | 000,001,094 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2013/03/03 19:28:54 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
      [2013/03/03 19:28:38 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
      [2013/03/03 19:25:48 | 003,035,306 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
      [2013/03/03 19:25:47 | 000,002,121 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
      [2013/03/03 19:24:38 | 000,017,738 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
      [2013/03/03 04:17:16 | 000,001,441 | ---- | C] () -- C:\Users\Aaron\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
      [2013/03/03 04:14:42 | 000,001,413 | ---- | C] () -- C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
      [2013/03/03 04:14:38 | 000,001,447 | ---- | C] () -- C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
      [2013/03/03 04:13:58 | 000,000,290 | ---- | C] () -- C:\Users\Aaron\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
      [2013/03/03 04:13:58 | 000,000,272 | ---- | C] () -- C:\Users\Aaron\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
      [2013/03/02 22:55:55 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
      [2013/03/02 22:55:55 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
      [2013/03/02 22:53:39 | 000,000,000 | ---- | C] () -- C:\Windows\Path.idx
      [2013/03/02 22:53:22 | 001,127,408 | ---- | C] () -- C:\Windows\PE_Rom.dll
      [2013/03/02 22:16:29 | 000,014,464 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
      [2013/03/02 22:16:27 | 000,002,018 | ---- | C] () -- C:\Users\Public\Desktop\AI Suite II.lnk
      [2013/03/02 22:15:08 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
      [2013/03/02 22:14:52 | 000,221,184 | ---- | C] () -- C:\Windows\SysWow64\drivers\ServiceHelp.dll
      [2013/03/02 22:14:51 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
      [2013/03/02 22:14:51 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
      [2013/03/02 22:14:50 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\AI Manager.lnk
      [2013/03/02 21:54:11 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
      [2013/03/02 21:52:57 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
      [2013/03/02 21:52:48 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
      [2013/03/02 21:52:48 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
      [2013/03/02 21:52:41 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
      [2013/03/02 20:44:17 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
      [2013/03/02 19:21:46 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2013/03/02 19:01:44 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
      [2013/03/02 19:01:40 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
      [2013/03/02 19:00:27 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
      [2013/03/02 18:58:19 | 522,100,735 | -HS- | C] () -- C:\hiberfil.sys

      ========== ZeroAccess Check ==========

      [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== LOP Check ==========

      [2013/03/13 03:46:52 | 000,000,000 | ---D | M] -- C:\Users\Aaron\AppData\Roaming\Easeware
      [2013/03/03 19:43:56 | 000,000,000 | ---D | M] -- C:\Users\Aaron\AppData\Roaming\Ideazon
      [2013/03/03 19:41:40 | 000,000,000 | ---D | M] -- C:\Users\Aaron\AppData\Roaming\raidcall
      [2013/03/13 04:36:24 | 000,000,000 | ---D | M] -- C:\Users\Aaron\AppData\Roaming\SystemRequirementsLab
      [2013/03/19 05:19:23 | 000,000,000 | ---D | M] -- C:\Users\Aaron\AppData\Roaming\TS3Client
      [2013/03/19 05:19:23 | 000,000,000 | ---D | M] -- C:\Users\Aaron\AppData\Roaming\uTorrent
      [2013/03/03 20:11:10 | 000,000,000 | -HSD | M] -- C:\Users\Aaron\AppData\Roaming\wyUpdate AU

      ========== Custom Scans ==========

      < %systemdrive%\*.* >
      [2012/10/06 09:09:26 | 000,132,870 | ---- | M] () -- C:\blitzerr.txt
      [2010/11/20 13:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
      [2013/03/03 03:57:17 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
      [2012/11/30 21:11:02 | 000,001,270 | ---- | M] () -- C:\clan.bmp
      [2012/07/09 15:00:55 | 000,001,270 | ---- | M] () -- C:\clan1.bmp
      [2012/07/09 15:01:17 | 000,001,270 | ---- | M] () -- C:\clan2.bmp
      [2012/07/09 15:00:23 | 000,001,270 | ---- | M] () -- C:\clan3.bmp
      [2012/07/09 20:21:08 | 000,001,270 | ---- | M] () -- C:\clanazo.bmp
      [2012/07/09 20:29:52 | 000,001,270 | ---- | M] () -- C:\estrella.bmp
      [2013/03/19 18:26:29 | 522,100,735 | -HS- | M] () -- C:\hiberfil.sys
      [2013/03/19 18:26:31 | 2127,794,175 | -HS- | M] () -- C:\pagefile.sys
      [2013/03/02 22:16:43 | 000,000,090 | ---- | M] () -- C:\setup.log
      Invalid Environment Variable: programefiles

      < %appdata%\*.exe /ncn /s >
      [2013/03/13 04:51:41 | 004,954,944 | ---- | M] (Intel Corporation) -- C:\Users\Aaron\AppData\Roaming\Easeware\DriverEasy\drivers\ci2scqbd.4oi\infinst_autol.exe
      [2011/09/01 00:21:20 | 000,957,208 | ---- | M] (Intel Corporation) -- C:\Users\Aaron\AppData\Roaming\Easeware\DriverEasy\drivers\ieb3yfxs.wx1\Ssetup.exe
      [2008/02/26 21:06:46 | 000,188,416 | ---- | M] () -- C:\Users\Aaron\AppData\Roaming\Easeware\DriverEasy\drivers\ieb3yfxs.wx1\ia64\Difx64.exe
      [2010/02/11 06:17:24 | 000,106,496 | ---- | M] () -- C:\Users\Aaron\AppData\Roaming\Easeware\DriverEasy\drivers\ieb3yfxs.wx1\x64\Difx64.exe
      [2010/09/08 22:12:58 | 001,218,688 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Users\Aaron\AppData\Roaming\Easeware\DriverEasy\drivers\pxsxj3nb.emy\AsusSetup.exe
      [2012/08/31 15:41:40 | 004,305,879 | ---- | M] (Asmedia Technology) -- C:\Users\Aaron\AppData\Roaming\Easeware\DriverEasy\drivers\pxsxj3nb.emy\setup.exe
      [2013/03/13 04:01:20 | 003,013,736 | ---- | M] (Easeware ) -- C:\Users\Aaron\AppData\Roaming\Easeware\DriverEasy\updates\4.4.2.28732\DriverEasy_Setup.exe
      [2013/03/06 04:40:17 | 001,051,984 | ---- | M] (BitTorrent Inc.) -- C:\Users\Aaron\AppData\Roaming\uTorrent\uTorrent.exe

      < %windir%\system32\*.sys /lockedfiles >

      < CREATERESTOREPOIN >
      [2009/07/14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
      [2009/07/14 06:08:49 | 000,009,040 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
      [2013/03/02 19:21:46 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
      [2013/03/03 19:34:10 | 000,001,094 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
      [2013/03/03 19:34:11 | 000,001,098 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

      < End of report >

    4. #14
      Former Collaborator @SanMar
      Joined
      Jun 2008
      Location
      Argentina
      Posts
      22.290

      Re: Up2potential.net .(Reopened)

      Hi Etic

      Do the following:


      Run OTL.exe
      • Paste the following script into the Custom Scans/Fixes box (Análisis Personalizados/Código de Reparación):
        • NOTE: Do not copy the word "Code".

        Code:
        :OTL
        PRC - C:\Users\Aaron\AppData\Local\Context2pro\libwindoc.exe ()
        PRC - C:\Users\Aaron\AppData\Local\Context2pro\conadvanced.exe ()
        MOD - C:\Users\Aaron\AppData\Local\Context2pro\libwindoc.exe ()
        MOD - C:\Users\Aaron\AppData\Local\Context2pro\conadvanced.exe ()
        FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
        O4 - HKLM..\Run: [] File not found
        O4 - HKCU..\Run: [conadvanced] C:\Users\Aaron\AppData\Local\Context2pro\conadvanced.exe ()
        O4 - HKCU..\Run: [contextfr] C:\Users\Aaron\AppData\Local\Context2pro\contextfr.exe ()
        O4 - HKCU..\Run: [contextprod] C:\Users\Aaron\AppData\Local\Context2pro\contextprod.exe ()
        [2013/03/06 05:01:53 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Local\Context2pro
        
        :files
        ipconfig /flushdns /c
        ipconfig /renew /c
        
        :commands
        [resethosts]
        [emptyflash]
        [emptytemp]
        [emptyjava]
        [Reboot]
      • Then click the Run Fix (Reparar) button at the top.
      • Let the program run uninterrupted, and reboot when it asks you to.
      • After the reboot, a report will be created by default in C:\_OTL\MovedFiles; copy and paste that log into your next reply.



      Let us know the results.

      Regards.


    5. #15
      User Etic
      Joined
      Apr 2012
      Location
      PSM
      Posts
      30

      Re: Up2potential.net .(Reopened)

      Here is the log:

      All processes killed
      ========== OTL ==========
      No active process named libwindoc.exe was found!
      No active process named conadvanced.exe was found!
      64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
      Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\conadvanced deleted successfully.
      C:\Users\Aaron\AppData\Local\Context2pro\conadvanced.exe moved successfully.
      Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\contextfr deleted successfully.
      C:\Users\Aaron\AppData\Local\Context2pro\contextfr.exe moved successfully.
      Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\contextprod deleted successfully.
      C:\Users\Aaron\AppData\Local\Context2pro\contextprod.exe moved successfully.
      C:\Users\Aaron\AppData\Local\Context2pro folder moved successfully.
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Windows IP Configuration
      Successfully flushed the DNS Resolver Cache.
      C:\Users\Aaron\Desktop\cmd.bat deleted successfully.
      C:\Users\Aaron\Desktop\cmd.txt deleted successfully.
      < ipconfig /renew /c >
      Windows IP Configuration
      No operation can be performed on Wireless Network Connection while it has its media disconnected.
      Ethernet adapter Local Area Connection:
      Connection-specific DNS Suffix . :
      Link-local IPv6 Address . . . . . : fe80::a408:f130:4cac:2753%12
      IPv4 Address. . . . . . . . . . . : 192.168.1.5
      Subnet Mask . . . . . . . . . . . : 255.255.255.0
      Default Gateway . . . . . . . . . : 192.168.1.1
      Wireless LAN adapter Wireless Network Connection:
      Media State . . . . . . . . . . . : Media disconnected
      Connection-specific DNS Suffix . :
      Tunnel adapter isatap.{78FA2178-FFB9-4D06-9624-3634AA28F786}:
      Media State . . . . . . . . . . . : Media disconnected
      Connection-specific DNS Suffix . :
      Tunnel adapter Teredo Tunneling Pseudo-Interface:
      Connection-specific DNS Suffix . :
      IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:24a8:202e:ab80:7c17
      Link-local IPv6 Address . . . . . : fe80::24a8:202e:ab80:7c17%11
      Default Gateway . . . . . . . . . : ::
      Tunnel adapter isatap.{C2DF67EE-9C3B-45B1-8874-D96928422BD1}:
      Media State . . . . . . . . . . . : Media disconnected
      Connection-specific DNS Suffix . :
      C:\Users\Aaron\Desktop\cmd.bat deleted successfully.
      C:\Users\Aaron\Desktop\cmd.txt deleted successfully.
      ========== COMMANDS ==========
      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYFLASH]

      User: Aaron
      ->Flash cache emptied: 631 bytes

      User: All Users

      User: Default

      User: Default User

      User: Public

      User: UpdatusUser

      Total Flash Files Cleaned = 0,00 mb


      [EMPTYTEMP]

      User: Aaron
      ->Temp folder emptied: 46483152 bytes
      ->Temporary Internet Files folder emptied: 4969970 bytes
      ->Java cache emptied: 443485 bytes
      ->Google Chrome cache emptied: 37302002 bytes
      ->Flash cache emptied: 0 bytes

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Public

      User: UpdatusUser
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 453972 bytes
      %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
      RecycleBin emptied: 966108456 bytes

      Total Files Cleaned = 1.007,00 mb


      [EMPTYJAVA]

      User: Aaron
      ->Java cache emptied: 0 bytes

      User: All Users

      User: Default

      User: Default User

      User: Public

      User: UpdatusUser

      Total Java Files Cleaned = 0,00 mb


      OTL by OldTimer - Version 3.2.69.0 log created on 03192013_223324

      Files\Folders moved on Reboot...
      C:\Users\Aaron\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...

    6. #16
      User: Etic
      Joined
      Apr 2012
      Location
      PSM
      Posts
      30

      Re: Up2potential.net (Reopened)

      So is it solved now?

    7. #17
      Former collaborator: @SanMar
      Joined
      Jun 2008
      Location
      Argentina
      Posts
      22,290

      Re: Up2potential.net (Reopened)

      Quote: Originally posted by Etic
      So is it solved now?

      Hello:

      You should be the one to tell us that. Was the problem solved? Did the redirection disappear?

      Let us know, so that I can then tell you how to uninstall OTL.

      Regards.


    8. #18
      User: Etic
      Joined
      Apr 2012
      Location
      PSM
      Posts
      30

      Re: Up2potential.net (Reopened)

      Hi, well, it seems so. I hope it's not another false alarm, hehe. So far so good. Thanks.

    9. #19
      Former collaborator: @SanMar
      Joined
      Jun 2008
      Location
      Argentina
      Posts
      22,290

      Re: Up2potential.net (Reopened)

      Hello Etic:

      To finish:

      Run OTL.exe:
      1. Click the "Limpiar" (Clean) button.
      2. The tools used during the disinfection process will be uninstalled.
      3. Be patient while the uninstallation runs.
      4. When it finishes, restart the system.

      Test the computer and then let us know whether everything is still in order, so we can mark the thread as resolved.

      Regards.
