
    OfferMosquito. (Solved)


      
    1. #1
      NegroZ86 (User)
      Registered: Dec 2012
      Location: Irapuato, Guana
      Posts: 15

      OfferMosquito. (Solved)

      Good afternoon, I hope I am opening this thread the right way. Two days ago Mozilla Firefox started opening when my computer booted, asking whether I wanted to add a plug-in, but Mozilla itself told me it was potentially dangerous. I have run my NOD32 antivirus, Malwarebytes and Spybot Search & Destroy, and none of them seems to find anything. In a similar forum thread I saw the steps for using AT-Destroyer and AdwCleaner; I am attaching the results to see if you could please give me a hand. I opened this thread because in that same thread I saw another user being advised to do so. Thanks.

      AT- DESTROYER

      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 21:29:50 \\\ 28/03/2013
      AT-Destroyer 2.1 By Infospyware ---> www.infospyware.com
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.10.9200.16521
      Mozilla Firefox:19.0.2.4814
      Google Chrome:25.0.1364.172
      Privilegios: Diego Zamudio - Administrador
      Modo Actual: Modo Seguro.
      Nombre del pc: DIEGOZAMUDIO-PC
      Información del sistema operativo:X64-WIN_7-Service Pack 1
      nombre del usuario:Diego Zamudio
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<



      >>>>>> Archivos <<<<<<



      >>>>>> Registro <<<<<<



      >>>>>> Heurística <<<<<<



      >>>>>> Internet Explorer <<<<<<

      Start Page==www.google.com
      Local Page==C:\Windows\SysWOW64\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL==http://go.microsoft.com/fwlink/p/?LinkId=255141


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==about:blank


      HKEY_USERS\S-1-5-21-4142992494-2539286185-3239767659-1001\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==about:blank


      >>>>>> Firefox <<<<<<

      user_pref("browser.startup.homepage", "http://google.com");


      >>>>>> Extensiones Firefox <<<<<<


      C:\Program Files (x86)\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
      C:\Program Files (x86)\{972ce4c6-7e08-4474-a285-3208198ce6fd}

      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.13.2
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922

      >>>>>> Google Chrome <<<<<<

      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      >>>>>> Extensiones Google Chrome <<<<<<

      C:\Users\Diego Zamudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\7
      C:\Users\Diego Zamudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
      C:\Users\Diego Zamudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
      C:\Users\Diego Zamudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk
      C:\Users\Diego Zamudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
      C:\Users\Diego Zamudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
      C:\Users\Diego Zamudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
      C:\Users\Diego Zamudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

      ======== Listado ===========


      ==================== EOF ==================

      ADWCLEANER.EXE

      # AdwCleaner v2.115 - Fichero creado el 28/03/2013 a 21:14:49
      # Actualizado el 17/03/2013 por Xplode
      # Sistema operativo : Windows 7 Home Premium Service Pack 1 (64 bits)
      # Usuario : Diego Zamudio - DIEGOZAMUDIO-PC
      # Modo de inicio : Normal
      # Ejecutado desde : C:\Users\Diego Zamudio\Downloads\adwcleaner.exe
      # Opción [Supresión]


      ***** [Servicios] *****


      ***** [Ficheros / Carpetas] *****

      Carpeta Suprimido : C:\Program Files (x86)\DefaultTab
      Carpeta Suprimido : C:\ProgramData\InstallMate
      Carpeta Suprimido : C:\ProgramData\Partner
      Carpeta Suprimido : C:\ProgramData\Premium
      Carpeta Suprimido : C:\Users\Diego Zamudio\AppData\Local\fbDownloader
      Carpeta Suprimido : C:\Users\Diego Zamudio\AppData\Roaming\DataMgr
      Carpeta Suprimido : C:\Users\Diego Zamudio\AppData\Roaming\fbDownloader
      Carpeta Suprimido : C:\Users\Diego Zamudio\AppData\Roaming\HMN
      Carpeta Suprimido : C:\Users\Diego Zamudio\AppData\Roaming\Mozilla\Firefox\Profiles\37gyf715.default\extensions\staged
      Carpeta Suprimido : C:\Users\Diego Zamudio\AppData\Roaming\OpenCandy
      Carpeta Suprimido : C:\Users\Diego Zamudio\AppData\Roaming\SDIV 2.0

      ***** [Registro] *****

      Clave Supprimida : HKCU\Software\Alexa Internet
      Clave Supprimida : HKCU\Software\Conduit
      Clave Supprimida : HKCU\Software\FBDownloader
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{553318DA-D010-469E-84B1-496563CAE1BF}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{553318DA-D010-469E-84B1-496563CAE1BF}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
      Clave Supprimida : HKCU\Software\Softonic
      Clave Supprimida : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB
      Clave Supprimida : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB.1
      Clave Supprimida : HKLM\SOFTWARE\Classes\AlxTB2.ToolBarProxy
      Clave Supprimida : HKLM\SOFTWARE\Classes\AlxTB2.ToolBarProxy.1
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}
      Clave Supprimida : HKLM\SOFTWARE\Classes\FBDownloader.BHO
      Clave Supprimida : HKLM\SOFTWARE\Classes\FBDownloader.DownloadPhoto
      Clave Supprimida : HKLM\SOFTWARE\Classes\FBDownloader.DownloadPhoto.1
      Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{33D0AD98-3347-4A54-8929-5163EBEB9F72}
      Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{DA9FC525-41ED-4C00-B046-946DA7CDD305}
      Clave Supprimida : HKLM\Software\Conduit
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{553318DA-D010-469E-84B1-496563CAE1BF}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{553318DA-D010-469E-84B1-496563CAE1BF}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{598B7D72-2C44-4351-BBC8-3DACE2A10CB6}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{69A72A8A-84ED-4A75-8CE7-263DBEF3E5D3}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{51F04BD6-3888-4849-864C-617FAE709CE0}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E4E394E0-D331-431F-B76D-E3A19193D5F6}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
      Clave Supprimida : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{553318DA-D010-469E-84B1-496563CAE1BF}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
      Valor Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [DataMgr]

      ***** [Navegadores] *****

      -\\ Internet Explorer v10.0.9200.16521

      [OK] El registro no contiene ninguna entrada ilegítima.

      -\\ Mozilla Firefox v19.0.2 (es-MX)

      Fichero : C:\Users\Diego Zamudio\AppData\Roaming\Mozilla\Firefox\Profiles\dwzuf51c.default\prefs.js

      [OK] El fichero no contiene ninguna entrada ilegítima.

      -\\ Google Chrome v25.0.1364.172

      Fichero : C:\Users\Diego Zamudio\AppData\Local\Google\Chrome\User Data\Default\Preferences

      [OK] El fichero no contiene ninguna entrada ilegítima.

      *************************

      AdwCleaner[S1].txt - [8516 octets] - [28/03/2013 21:14:49]

      ########## EOF - C:\AdwCleaner[S1].txt - [8576 octets] ##########

      MALWAREBYTES

      Malwarebytes Anti-Malware (PRO) 1.70.0.1100
      www.malwarebytes.org

      Versión de la Base de Datos: v2013.03.28.13

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 10.0.9200.16521
      Diego Zamudio :: DIEGOZAMUDIO-PC [administrador]

      Protección: Habilitado

      28/03/2013 09:34:09 p.m.
      mbam-log-2013-03-28 (21-34-09).txt

      Tipos de Análisis: Análisis Completo (C:\|D:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 377545
      Tiempo transcurrido: 48 minuto(s), 33 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      (fin)


      I should mention that when I restarted the computer after using the programs, Google Chrome showed me that a new extension had been added, and it was mosquitooffer... I hope what I am sending helps to resolve the problem. Thanks in advance for your help.

    2. #2
      SanMar (General Moderator)
      Registered: Jun 2008
      Location: Argentina
      Posts: 21,836

      Re: OfferMosquito

      Hello NegroZ86

      Welcome to the Forum.

      Tips before posting a new message

      InfoSpyware Forum Policies

      Policies of the Official HijackThis Forum in Spanish
      --------------------------------------------------

      Do the following:


      Step 1: Download:



      Step 2: Run in order:

      ComboFix

      • Temporarily disable your antivirus and/or antispyware.
      • Close all open windows.
      • Double-click the ComboFix.exe file and follow the instructions.
      • If it asks to update, accept.
      • When it finishes, it will generate a log at C:\ComboFix.txt.
        • *Note* While CF is working, do not move the mouse, as that would stop its process.
        • *Note* ComboFix may restart the PC automatically to complete the removal process.

      Attention!! Do not use ComboFix unless a member of our Staff has specifically instructed you to in your thread. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".


      Important note: After the first restart that ComboFix performs, restart once more.



      OTL

      • Close all open windows and programs. Double-click OTL.exe to run it.
      • Under Scan Type, check the "Minimal Output" box.

        Finally, select:
        • Use Recognized Companies list
        • Skip Microsoft Files
        • Search for Lop

      • Copy the following text (excluding the word Code):
      Code:
      netsvcs
      msconfig
      %systemdrive%\*.*
      %programfiles%
      %appdata%\*.exe /ncn /s
      %windir%\system32\*.sys /lockedfiles
      CREATERESTOREPOINT
      • Paste the script into the Custom Scans/Fixes box.

      • Click the Scan button and wait patiently for the scan to finish.
      • Two (2) files will open, OTL.Txt & Extras.Txt; they will be saved on your desktop.

      • To finish, open the OTL.Txt file, then copy and paste all of its contents into your next reply.






      Bring us the reports that the tools generated.


      Regards


    3. #3
      User NegroZ86
      Joined
      Dec 2012
      Location
      Irapuato, Guana
      Posts
      15

      Re: OfferMosquito

      I AM ATTACHING THE COMBOFIX.EXE RESULTS

      ComboFix 13-03-28.01 - Diego Zamudio 29/03/2013 9:14.2.8 - x64
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.52.3082.18.6046.4144 [GMT -6:00]
      Running from: c:\users\Diego Zamudio\Downloads\ComboFix.exe
      AV: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
      SP: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
      SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll
      .
      .
      ((((((((((((((((((((((((( Files Created from 2013-02-28 to 2013-03-29 )))))))))))))))))))))))))))))))
      .
      .
      2013-03-29 15:17 . 2013-03-29 15:17 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
      2013-03-29 15:17 . 2013-03-29 15:17 -------- d-----w- c:\users\Default\AppData\Local\temp
      2013-03-29 04:08 . 2013-03-29 04:20 -------- d-----w- c:\users\Diego Zamudio\AppData\Roaming\GlarySoft
      2013-03-29 04:07 . 2013-03-29 04:07 -------- d-----w- c:\program files (x86)\Glary Utilities
      2013-03-29 03:14 . 2013-03-29 03:29 -------- d-----w- C:\_AT-Destroyer
      2013-03-26 22:26 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E004090C-A83E-4F37-904E-8A771F380D3A}\mpengine.dll
      2013-03-26 00:39 . 2013-03-29 03:07 -------- d-----w- c:\users\Diego Zamudio\AppData\Roaming\Intermediate
      2013-03-26 00:39 . 2013-03-26 00:39 -------- d-----w- c:\users\Diego Zamudio\AppData\Roaming\Common
      2013-03-15 04:11 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
      2013-03-12 05:46 . 2013-03-12 05:46 -------- d-----w- c:\users\Public\CyberLink
      2013-03-06 03:35 . 2013-03-06 03:36 -------- d-----w- c:\users\Diego Zamudio\AppData\Roaming\PhotoScape
      2013-03-06 03:09 . 2013-03-06 03:09 -------- d-----w- c:\program files (x86)\TeamViewer
      2013-03-05 15:08 . 2013-03-05 15:08 -------- d-----w- c:\users\Diego Zamudio\AppData\Roaming\CrystalIdea Software
      2013-03-02 13:14 . 2013-01-04 06:11 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
      2013-03-02 13:14 . 2013-01-13 19:53 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
      2013-03-02 13:14 . 2013-01-04 06:11 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
      2013-03-02 13:14 . 2013-01-13 19:24 221184 ----a-w- c:\windows\system32\UIAnimation.dll
      2013-03-02 13:14 . 2013-01-13 19:02 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
      2013-03-02 13:14 . 2013-01-13 18:32 465920 ----a-w- c:\windows\system32\WMPhoto.dll
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2013-03-14 15:09 . 2012-10-13 20:37 72013344 ----a-w- c:\windows\system32\MRT.exe
      2013-03-13 03:02 . 2012-10-17 18:37 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2013-03-13 03:02 . 2012-10-17 18:37 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2013-02-12 05:45 . 2013-03-14 14:32 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
      2013-02-12 05:45 . 2013-03-14 14:32 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
      2013-02-12 05:45 . 2013-03-14 14:32 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
      2013-02-12 05:45 . 2013-03-14 14:32 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
      2013-02-12 04:48 . 2013-03-14 14:32 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
      2013-02-12 04:48 . 2013-03-14 14:32 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
      2013-02-10 14:20 . 2013-02-10 14:20 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
      2013-02-07 17:50 . 2013-02-07 16:51 74703 ----a-w- c:\windows\SysWow64\mfc45.dat
      2013-02-06 01:45 . 2013-02-06 01:45 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
      2013-02-06 01:45 . 2012-11-23 05:28 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
      2013-02-06 01:45 . 2012-11-23 05:28 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
      2013-01-17 07:28 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
      2013-01-05 05:53 . 2013-02-13 00:12 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
      2013-01-05 05:00 . 2013-02-13 00:12 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
      2013-01-05 05:00 . 2013-02-13 00:12 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
      2013-01-04 05:46 . 2013-02-13 00:12 215040 ----a-w- c:\windows\system32\winsrv.dll
      2013-01-04 04:51 . 2013-02-13 00:12 5120 ----a-w- c:\windows\SysWow64\wow32.dll
      2013-01-04 04:43 . 2013-02-13 00:12 44032 ----a-w- c:\windows\apppatch\acwow64.dll
      2013-01-04 03:26 . 2013-02-13 00:12 3153408 ----a-w- c:\windows\system32\win32k.sys
      2013-01-04 02:47 . 2013-02-13 00:12 25600 ----a-w- c:\windows\SysWow64\setup16.exe
      2013-01-04 02:47 . 2013-02-13 00:12 7680 ----a-w- c:\windows\SysWow64\instnm.exe
      2013-01-04 02:47 . 2013-02-13 00:12 2048 ----a-w- c:\windows\SysWow64\user.exe
      2013-01-04 02:47 . 2013-02-13 00:12 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
      2013-01-03 06:00 . 2013-02-13 00:12 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
      2013-01-03 06:00 . 2013-02-13 00:12 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{008f6853-9cb4-41c5-a950-39d55e5e06ba}]
      c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll [BU]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F443A627-5009-4323-9C1D-7FD598D0D712}]
      c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll [BU]
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-01-08 3674320]
      "Spybot-S&D Cleaning"="c:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2012-11-13 3713032]
      "Intermediate"="c:\users\Diego Zamudio\AppData\Roaming\Intermediate\Intermediate.exe" [2012-12-19 41984]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-28 228448]
      "YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-28 136488]
      "VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-09-05 329056]
      "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-21 291648]
      "UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
      "LockKey"="c:\program files (x86)\LockKey\LockKey.exe" [2011-08-25 337776]
      "Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2012-01-26 4351712]
      "Intelligent Touchpad"="c:\program files\Lenovo\Intelligent Touchpad\TouchZone.exe" [2011-12-08 291272]
      "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-2-1 1380128]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
      "LoadAppInit_DLLs"=1 (0x1)
      "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
      "aux"=wdmaud.drv
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
      BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
      Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
      @=""
      .
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
      R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
      R2 NSDSvc;Fast boot service of lenovo;c:\windows\System32\NSDSvc.exe [2011-12-23 120160]
      R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
      R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
      R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
      R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
      R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
      R3 AMPPALP;Protocolo Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\amppal.sys [2012-03-15 198144]
      R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
      R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [2009-01-30 6144]
      R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2012-02-02 615976]
      R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2012-02-02 39976]
      R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2012-01-26 34200]
      R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2012-06-07 174200]
      R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
      R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys [2009-07-10 31744]
      R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [2012-06-11 22016]
      R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [2012-01-25 9728]
      R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [2012-06-08 27136]
      R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys [2011-11-08 11776]
      R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2012-06-25 272688]
      R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
      R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
      R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
      R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-13 1255736]
      R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
      R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
      S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys [2012-09-05 57952]
      S0 iusb3hcs;Controlador del conmutador de la controladora de host Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-05-21 19264]
      S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2012-09-05 39008]
      S0 NSD;NSD;c:\windows\system32\drivers\nsd.sys [2011-12-23 24160]
      S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-02 30056]
      S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
      S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys [2012-09-05 13408]
      S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-02-10 283200]
      S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
      S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
      S1 Nsdfltr;Nsdfltr;c:\windows\system32\drivers\Nsdfltr.sys [2011-12-21 59488]
      S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-03-15 659976]
      S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-04-23 135952]
      S2 DeviceMonitorService;DeviceMonitorService;c:\program files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [2012-09-08 87992]
      S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
      S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 137144]
      S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
      S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
      S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-28 161560]
      S2 Motorola Device Manager;Motorola Device Manager Service;c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2012-10-23 120728]
      S2 PST Service;PST Service;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2011-09-02 65657]
      S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
      S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-28 363800]
      S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-06-25 3325232]
      S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2012-09-05 30816]
      S3 AMPPAL;Adaptador virtual Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-03-15 198144]
      S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-01-28 31088]
      S3 hswpan;WPAN Driver;c:\windows\system32\DRIVERS\hswpan.sys [2012-01-27 109056]
      S3 IntcDAud;Sonido Intel(R) para pantallas;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
      S3 iusb3hub;Controlador del concentrador Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-05-21 357184]
      S3 iusb3xhc;Controlador de la controladora de host Intel(R) USB 3.0 eXtensible;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-05-21 789824]
      S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2012-01-26 25496]
      S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2012-03-02 104048]
      S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys [2012-05-17 8223464]
      .
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
      2013-03-14 14:33 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2013-03-29 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-17 03:02]
      .
      2013-03-29 c:\windows\Tasks\GlaryInitialize.job
      - c:\program files (x86)\Glary Utilities\initialize.exe [2013-03-29 23:21]
      .
      2013-03-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-05 20:17]
      .
      2013-03-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-05 20:17]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
      @="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
      [HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
      2012-02-14 22:52 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
      @="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
      [HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
      2012-02-14 22:52 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
      @="{A759AFF6-5851-457D-A540-F4ECED148351}"
      [HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
      2012-02-14 22:52 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
      @="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
      [HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
      2012-02-14 22:52 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
      @="{771C7324-DA80-49D3-8017-753B0AF60951}"
      [HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
      2012-09-05 20:17 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-03-07 4081008]
      "UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
      "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
      "SynLenovoGestureMgr"="c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" [BU]
      "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-08-21 13192848]
      "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-08-17 1215632]
      "Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
      "OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-09-05 789856]
      "Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-09-05 206176]
      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
      "EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-09-05 6202416]
      "Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-09-05 8079408]
      "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
      "AppInit_DLLs"=c:\windows\System32\nvinitx.dll
      .
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
      FontCache
      .
      ------- Supplementary Scan -------
      .
      uStart Page = Google
      uLocal Page = c:\windows\system32\blank.htm
      mStart Page = Google
      mLocal Page = c:\windows\SysWOW64\blank.htm
      uInternet Settings,ProxyOverride = 192.168.*.*
      IE: &Enviar a OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
      IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
      TCP: DhcpNameServer = 192.168.1.254
      FF - ProfilePath - c:\users\Diego Zamudio\AppData\Roaming\Mozilla\Firefox\Profiles\dwzuf51c.default\
      FF - prefs.js: browser.search.defaulturl - Google
      FF - prefs.js: browser.search.selectedEngine - Google
      FF - prefs.js: browser.startup.homepage - hxxp://google.com
      FF - prefs.js: keyword.URL - hxxps://www.google.com/search?q=
      .
      - - - - ORPHANS REMOVED - - - -
      .
      Toolbar-Locked - (no file)
      Notify-SDWinLogon - SDWinLogon.dll
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
      @Denied: (A) (Everyone)
      "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
      .
      [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
      @Denied: (A) (Everyone)
      .
      [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
      "Key"="ActionsPane3"
      "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Completion time: 2013-03-29 09:19:10
      ComboFix-quarantined-files.txt 2013-03-29 15:19
      ComboFix2.txt 2013-03-29 15:00
      .
      Pre-Run: 755,103,969,280 bytes libres
      Post-Run: 755,018,551,296 bytes libres
      .
      - - End Of File - - D394F4A73665499C0B9014477DCC58B0

    4. #4
      User NegroZ86
      Joined
      Dec 2012
      Location
      Irapuato, Guana
      Posts
      15

      Re: OfferMosquito

      AND THE OTL RESULTS

      OTL logfile created on: 29/03/2013 09:29:15 a.m. - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Diego Zamudio\Downloads
      64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.10.9200.16521)
      Locale: 0000080A | Country: México | Language: ESM | Date Format: dd/MM/yyyy

      5.90 Gb Total Physical Memory | 3.83 Gb Available Physical Memory | 64.92% Memory free
      11.81 Gb Paging File | 9.51 Gb Available in Paging File | 80.52% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 886.32 Gb Total Space | 703.30 Gb Free Space | 79.35% Space Free | Partition Type: NTFS
      Drive D: | 25.47 Gb Total Space | 21.68 Gb Free Space | 85.11% Space Free | Partition Type: NTFS
      Drive E: | 616.00 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

      Computer Name: DIEGOZAMUDIO-PC | User Name: Diego Zamudio | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Diego Zamudio\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH)
      PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
      PRC - C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH)
      PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
      PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
      PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
      PRC - C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe ()
      PRC - C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe ()
      PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
      PRC - C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe (Nero AG)
      PRC - C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
      PRC - C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe ()
      PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
      PRC - C:\Archivos de programa\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
      PRC - C:\Archivos de programa\Lenovo\Intelligent Touchpad\TouchZone.exe ()
      PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe (Motorola)
      PRC - C:\Program Files (x86)\LockKey\LockKey.exe ( )
      PRC - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)


      ========== Modules (No Company Name) ==========

      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\806c4ba7d696ab586ffd774a31f1a66b\System.Windows.Forms.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\cbb7db665b3ba25a931258eb702527f5\System.Xaml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\7ffdaee3a54ffd1a5e3b008a5bde5ecf\IAStorUtil.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\389a1832a3da11e1b409cd6ae60cb9fa\IAStorCommon.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab2d590a7a1566fe78e3275a90a30ceb\System.Configuration.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\f28a346ae10e2eec581608f591cf7116\PresentationFramework.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8983c040161b34c64474f195bff5e2de\PresentationCore.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\08bebcf66ad666dfdf2a4a934d79c0f9\System.Core.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\5dbabea688adfc665e3453561736699a\WindowsBase.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d884c684ee3f738a60e3c50dd5d88caa\System.Xml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\cb72ac8478a5ea7e2d570bb710ecb1c1\System.Configuration.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b83993cc955262507c8ead67567c8060\System.Drawing.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7d6b122bee0977d953ee2409d74c3c25\PresentationFramework.Aero.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\df418085cedae9fa2efee87e20a419a4\System.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\60c214b6ad5691e368a16ec65d127c27\mscorlib.ni.dll ()
      MOD - C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe ()
      MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_es_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
      MOD - C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll ()
      MOD - C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe ()
      MOD - C:\Archivos de programa\Lenovo\Intelligent Touchpad\TouchZone.exe ()
      MOD - C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll ()
      MOD - C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll ()
      MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll ()


      ========== Services (SafeList) ==========

      SRV:64bit: - (NSDSvc) -- C:\Windows\SysNative\NSDSvc.exe (Lenovo)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
      SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
      SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (Motorola Device Manager) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe ()
      SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
      SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
      SRV - (DeviceMonitorService) -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe (Nero AG)
      SRV - (ZeroConfigService) -- C:\Archivos de programa\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
      SRV - (MyWiFiDHCPDNS) -- C:\Archivos de programa\Intel\WiFi\bin\PanDhcpDns.exe ()
      SRV - (EvtEng) -- C:\Archivos de programa\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
      SRV - (RegSrvc) -- C:\Archivos de programa\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
      SRV - (BTHSSecurityMgr) -- C:\Archivos de programa\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation)
      SRV - (AMPPALR3) -- C:\Archivos de programa\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
      SRV - (ekrn) -- C:\Archivos de programa\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
      SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
      SRV - (Intel(R) -- C:\Archivos de programa\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
      SRV - (btwdins) -- C:\Archivos de programa\Lenovo\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
      SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
      SRV - (PST Service) -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe (Motorola)
      SRV - (wlcrasvc) -- C:\Archivos de programa\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
      SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
      SRV - (osppsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
      DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
      DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
      DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (fbfmon) -- C:\Windows\SysNative\drivers\fbfmon.sys (Lenovo)
      DRV:64bit: - (BPntDrv) -- C:\Windows\SysNative\drivers\BPntDrv.sys (Lenovo)
      DRV:64bit: - (LHDmgr) -- C:\Windows\SysNative\drivers\LhdX64.sys (Lenovo.)
      DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation)
      DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
      DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
      DRV:64bit: - (motccgp) -- C:\Windows\SysNative\drivers\motccgp.sys (Motorola Mobility Inc)
      DRV:64bit: - (Motousbnet) -- C:\Windows\SysNative\drivers\Motousbnet.sys (Motorola Mobility Inc)
      DRV:64bit: - (MotoSwitchService) -- C:\Windows\SysNative\drivers\motswch.sys (Motorola)
      DRV:64bit: - (motmodem) -- C:\Windows\SysNative\drivers\motmodem.sys (Motorola Mobility Inc)
      DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
      DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\Netwsw00.sys (Intel Corporation)
      DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
      DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
      DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
      DRV:64bit: - (rtsuvc) -- C:\Windows\SysNative\drivers\rtsuvc.sys (Realtek Semiconductor Corp.)
      DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
      DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
      DRV:64bit: - (epfwwfpr) -- C:\Windows\SysNative\drivers\epfwwfpr.sys (ESET)
      DRV:64bit: - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)
      DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
      DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Qualcomm Atheros Co., Ltd.)
      DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
      DRV:64bit: - (bcbtums) -- C:\Windows\SysNative\drivers\bcbtums.sys (Broadcom Corporation.)
      DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
      DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
      DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
      DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
      DRV:64bit: - (hswpan) -- C:\Windows\SysNative\drivers\hswpan.sys (Ozmo Inc)
      DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
      DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
      DRV:64bit: - (motccgpfl) -- C:\Windows\SysNative\drivers\motccgpfl.sys (Motorola Mobility Inc)
      DRV:64bit: - (NSD) -- C:\Windows\SysNative\drivers\nsd.sys (Lenovo Corporation")
      DRV:64bit: - (Nsdfltr) -- C:\Windows\SysNative\drivers\Nsdfltr.sys (Lenovo Corporation)
      DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
      DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
      DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
      DRV:64bit: - (motusbdevice) -- C:\Windows\SysNative\drivers\motusbdevice.sys (Motorola Inc)
      DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Rovi Corporation)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
      DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
      DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
      DRV:64bit: - (motandroidusb) -- C:\Windows\SysNative\drivers\motoandroid.sys (Motorola)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (BTCFilterService) -- C:\Windows\SysNative\drivers\motfilt.sys (Motorola Inc)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKLM\..\SearchScopes,DefaultScope =
      IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs =
      IE - HKCU\..\SearchScopes,DefaultScope =
      IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7KMOH_enMX512
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.*.*

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultenginename: "(Google)"
      FF - prefs.js..browser.search.defaulturl: "www.Google.com"
      FF - prefs.js..browser.search.order.1: "(Google)"
      FF - prefs.js..browser.search.selectedEngine: "Google"
      FF - prefs.js..browser.startup.homepage: "http://google.com"
      FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
      FF - prefs.js..keyword.URL: "https://www.google.com/search?q="
      FF - user.js - File not found

      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
      FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
      FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Diego Zamudio\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
      FF - HKCU\Software\MozillaPlugins\intel.com/AppUp: C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll File not found

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Diego Zamudio\AppData\Roaming\iPumper\extension_firefox.xpi
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/09 20:35:07 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012/11/04 12:20:36 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/09 20:35:07 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

      [2012/10/24 20:48:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Diego Zamudio\AppData\Roaming\Mozilla\Extensions
      [2013/03/28 21:14:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Diego Zamudio\AppData\Roaming\Mozilla\Firefox\Profiles\37gyf715.default\extensions
      [2013/03/28 22:22:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Diego Zamudio\AppData\Roaming\Mozilla\Firefox\Profiles\dwzuf51c.default\extensions
      [2013/02/14 07:49:10 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Diego Zamudio\AppData\Roaming\Mozilla\Firefox\Profiles\dwzuf51c.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
      [2013/03/09 20:35:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
      [2013/03/09 20:35:00 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
      [2013/03/09 20:35:07 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
      [2012/10/10 2227 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
      [2012/10/10 2227 | 000,002,456 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mercadolibre-mx.xml
      [2012/10/10 2227 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012/10/10 2227 | 000,001,102 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-mx.xml

      ========== Chrome ==========

      CHR - default_search_provider: Search Here (Enabled)
      CHR - default_search_provider: search_url = http://www.mysearchresults.com/search?&c=3505&t=07&q={searchTerms}
      CHR - default_search_provider: suggest_url =
      CHR - homepage: Google
      CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
      CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
      CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
      CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
      CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
      CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
      CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
      CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
      CHR - plugin: Java(TM) Platform SE 7 U13 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
      CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
      CHR - plugin: Java Deployment Toolkit 7.0.130.20 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
      CHR - Extension: AdBlock = C:\Users\Diego Zamudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
      CHR - Extension: AdBlock = C:\Users\Diego Zamudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\

      O1 HOSTS File: ([2013/03/29 09:17:40 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 localhost
      O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
      O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
      O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
      O2 - BHO: (TBLayoutBHO Class) - {008f6853-9cb4-41c5-a950-39d55e5e06ba} - C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll File not found
      O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O2 - BHO: (AlxHelper Class) - {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll File not found
      O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
      O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
      O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
      O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
      O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe (Lenovo(beijing) Limited)
      O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo)
      O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)
      O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
      O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
      O4:64bit: - HKLM..\Run: [SynLenovoGestureMgr] C:\Archivos de programa\Synaptics\SynTP\SynLenovoGestureMgr.exe (Synaptics)
      O4:64bit: - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
      O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
      O4 - HKLM..\Run: [Intelligent Touchpad] C:\Archivos de programa\Lenovo\Intelligent Touchpad\TouchZone.exe ()
      O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.)
      O4 - HKLM..\Run: [LockKey] C:\Program Files (x86)\LockKey\LockKey.exe ( )
      O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
      O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
      O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
      O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
      O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe (CyberLink Corp.)
      O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
      O4 - HKCU..\Run: [Intermediate] C:\Users\Diego Zamudio\AppData\Roaming\Intermediate\Intermediate.exe ()
      O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O8:64bit: - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
      O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
      O9:64bit: - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9:64bit: - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9:64bit: - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9:64bit: - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
      O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O13 - gopher Prefix: missing
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A7C21687-586B-441C-AD91-A81F2305C2F5}: DhcpNameServer = 192.168.1.254
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
      O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
      O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
      O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
      O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
      O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
      O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
      O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = ComFile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


      MsConfig:64bit - StartUpReg: AdobeCS6ServiceManager - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
      MsConfig:64bit - StartUpReg: Facebook Update - hkey= - key= - File not found
      MsConfig:64bit - StartUpReg: KSS - hkey= - key= - File not found
      MsConfig:64bit - StartUpReg: MotoCast - hkey= - key= - C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk ()
      MsConfig:64bit - StartUpReg: ROC_roc_ssl_v12 - hkey= - key= - File not found
      MsConfig:64bit - StartUpReg: SDTray - hkey= - key= - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
      MsConfig:64bit - StartUpReg: Spybot-S&D Cleaning - hkey= - key= - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
      MsConfig:64bit - StartUpReg: swg - hkey= - key= - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
      MsConfig:64bit - StartUpReg: SwitchBoard - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
      MsConfig:64bit - State: "startup" - Reg Error: Key error.
      MsConfig:64bit - State: "services" - Reg Error: Key error.

      ========== Files/Folders - Created Within 30 Days ==========

      [2013/03/29 09:23:06 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
      [2013/03/29 09:19:12 | 000,000,000 | ---D | C] -- C:\Windows\temp
      [2013/03/29 08:51:37 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
      [2013/03/29 08:51:37 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
      [2013/03/29 08:51:37 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
      [2013/03/29 08:44:01 | 000,000,000 | ---D | C] -- C:\Qoobox
      [2013/03/29 08:43:36 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
      [2013/03/28 22:08:30 | 000,000,000 | ---D | C] -- C:\Users\Diego Zamudio\AppData\Roaming\GlarySoft
      [2013/03/28 22:07:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
      [2013/03/28 22:07:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities
      [2013/03/28 21:14:38 | 000,000,000 | ---D | C] -- C:\_AT-Destroyer
      [2013/03/27 12:32:07 | 000,000,000 | ---D | C] -- C:\Users\Diego Zamudio\AppData\Local\{0B053999-16F8-4F93-A842-21E44B1F971A}
      [2013/03/27 12:30:15 | 000,000,000 | ---D | C] -- C:\Users\Diego Zamudio\AppData\Local\{94DCD971-E2B1-4D0D-8D22-E3BD6C67AF7A}
      [2013/03/25 18:39:12 | 000,000,000 | ---D | C] -- C:\Users\Diego Zamudio\AppData\Roaming\Intermediate
      [2013/03/25 18:39:10 | 000,000,000 | ---D | C] -- C:\Users\Diego Zamudio\AppData\Roaming\Common
      [2013/03/11 08:36:51 | 000,000,000 | ---D | C] -- C:\Users\Diego Zamudio\AppData\Local\{091A3C6C-E15D-4858-A2C4-6CB01B3D5646}
      [2013/03/09 20:34:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
      [2013/03/05 21:35:14 | 000,000,000 | ---D | C] -- C:\Users\Diego Zamudio\AppData\Roaming\PhotoScape
      [2013/03/05 21:09:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
      [2013/03/05 09:08:50 | 000,000,000 | ---D | C] -- C:\Users\Diego Zamudio\AppData\Roaming\CrystalIdea Software
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2013/03/29 09:29:12 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2013/03/29 09:29:12 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2013/03/29 09:26:46 | 000,001,174 | ---- | M] () -- C:\Users\Diego Zamudio\Desktop\OTL - Acceso directo.lnk
      [2013/03/29 09:23:46 | 000,242,474 | ---- | M] () -- C:\Windows\SysNative\fastboot.set
      [2013/03/29 09:23:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
      [2013/03/29 09:23:06 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2013/03/29 09:21:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2013/03/29 09:21:22 | 460,079,103 | -HS- | M] () -- C:\hiberfil.sys
      [2013/03/29 09:17:40 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
      [2013/03/29 09:16:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2013/03/29 08:42:09 | 000,001,225 | ---- | M] () -- C:\Users\Diego Zamudio\Desktop\ComboFix - Acceso directo.lnk
      [2013/03/28 22:33:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2013/03/28 22:31:10 | 001,670,586 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2013/03/28 22:31:10 | 000,745,486 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2013/03/28 22:31:10 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2013/03/28 22:31:10 | 000,157,954 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2013/03/28 22:31:10 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2013/03/27 12:25:38 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_motoandroid_01007.Wdf
      [2013/03/14 22:14:16 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
      [2013/03/14 22:14:15 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
      [2013/03/06 16:53:43 | 005,051,088 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2013/03/29 09:26:46 | 000,001,174 | ---- | C] () -- C:\Users\Diego Zamudio\Desktop\OTL - Acceso directo.lnk
      [2013/03/29 08:51:37 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
      [2013/03/29 08:51:37 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
      [2013/03/29 08:51:37 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
      [2013/03/29 08:51:37 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
      [2013/03/29 08:51:37 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
      [2013/03/29 08:42:09 | 000,001,225 | ---- | C] () -- C:\Users\Diego Zamudio\Desktop\ComboFix - Acceso directo.lnk
      [2013/03/28 22:07:22 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
      [2013/03/27 12:25:38 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_motoandroid_01007.Wdf
      [2013/03/14 22:14:16 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
      [2013/03/14 22:14:15 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
      [2013/03/05 21:09:50 | 000,001,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
      [2013/02/07 10:51:23 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dat
      [2013/01/03 19:30:15 | 000,005,120 | ---- | C] () -- C:\Users\Diego Zamudio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012/12/14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
      [2012/12/14 02:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
      [2012/12/14 02:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
      [2012/11/01 18:48:17 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
      [2012/10/29 17:42:24 | 000,007,597 | ---- | C] () -- C:\Users\Diego Zamudio\AppData\Local\Resmon.ResmonCfg
      [2012/10/13 16:34:56 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini
      [2012/10/11 07:04:22 | 000,000,000 | ---- | C] () -- C:\Windows\firstboot.dat
      [2012/09/05 14:17:34 | 002,086,240 | ---- | C] () -- C:\Windows\SysWow64\LenovoVeriface.Interface.dll
      [2012/09/05 14:17:34 | 001,500,512 | ---- | C] () -- C:\Windows\SysWow64\Apblend.dll
      [2012/09/05 14:17:34 | 001,171,456 | ---- | C] () -- C:\Windows\SysWow64\PicNotify.dll
      [2012/09/05 14:17:34 | 000,472,416 | ---- | C] () -- C:\Windows\SysWow64\Lenovo.VerifaceStub.dll
      [2012/09/05 14:17:26 | 001,044,480 | ---- | C] () -- C:\Windows\SysWow64\3DImageRenderer.dll
      [2012/09/05 13:47:37 | 001,648,560 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
      [2012/07/08 18:56:50 | 000,755,572 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
      [2012/07/08 18:56:45 | 000,559,972 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
      [2012/02/02 14:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

      ========== ZeroAccess Check ==========

      [2013/01/07 20:00:54 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 23:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== LOP Check ==========

      [2013/03/28 22:19:06 | 000,000,000 | ---D | M] -- C:\Users\Diego Zamudio\AppData\Roaming\BitTorrent
      [2012/12/30 20:12:54 | 000,000,000 | ---D | M] -- C:\Users\Diego Zamudio\AppData\Roaming\BSplayer PRO
      [2012/11/25 21:33:56 | 000,000,000 | ---D | M] -- C:\Users\Diego Zamudio\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
      [2012/11/22 23:34:12 | 000,000,000 | ---D | M] -- C:\Users\Diego Zamudio\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
      [2013/03/25 18:39:10 | 000,000,000 | ---D | M] -- C:\Users\Diego Zamudio\AppData\Roaming\Common
      [2013/03/05 09:08:50 | 000,000,000 | ---D | M] -- C:\Users\Diego Zamudio\AppData\Roaming\CrystalIdea Software
      [2013/02/10 08:17:04 | 000,000,000 | ---D | M] -- C:\Users\Diego Zamudio\AppData\Roaming\DAEMON Tools Lite
      [2012/10/31 18:45:48 | 000,000,000 | ---D | M] -- C:\Users\Diego Zamudio\AppData\Roaming\Easeware
      [2013/03/28 22:20:28 | 000,000,000 | ---D | M] -- C:\Users\Diego Zamudio\AppData\Roaming\GlarySoft
      [2013/03/28 21:07:37 | 000,000,000 | ---D | M] -- C:\Users\Diego Zamudio\AppData\Roaming\Intermediate
      [2012/10/11 07:05:36 | 000,000,000 | ---D | M] -- C:\Users\Diego Zamudio\AppData\Roaming\Leadertech
      [2012/12/15 11:47:09 | 000,000,000 | ---D | M] -- C:\Users\Diego Zamudio\AppData\Roaming\Mipony
      [2013/03/28 22:25:54 | 000,000,000 | ---D | M] -- C:\Users\Diego Zamudio\AppData\Roaming\MotoCast
      [2013/02/23 09:16:00 | 000,000,000 | ---D | M] -- C:\Users\Diego Zamudio\AppData\Roaming\Motorola
      [2013/02/23 09:17:03 | 000,000,000 | ---D | M] -- C:\Users\Diego Zamudio\AppData\Roaming\Motorola Mobility
      [2012/10/25 20:45:42 | 000,000,000 | ---D | M] -- C:\Users\Diego Zamudio\AppData\Roaming\Nullsoft
      [2012/11/25 21:32:11 | 000,000,000 | ---D | M] -- C:\Users\Diego Zamudio\AppData\Roaming\PACE Anti-Piracy
      [2012/10/13 17:07:10 | 000,000,000 | ---D | M] -- C:\Users\Diego Zamudio\AppData\Roaming\PC Remote
      [2013/03/05 21:36:00 | 000,000,000 | ---D | M] -- C:\Users\Diego Zamudio\AppData\Roaming\PhotoScape
      [2012/12/02 12:53:45 | 000,000,000 | ---D | M] -- C:\Users\Diego Zamudio\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

      ========== Custom Scans ==========

      < Código: >
      [2009/07/13 23:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
      [2009/07/13 23:08:49 | 000,032,630 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
      [2012/09/05 14:17:44 | 000,001,046 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
      [2012/09/05 14:17:44 | 000,001,050 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
      [2012/10/17 12:37:55 | 000,000,838 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
      [2013/03/28 22:07:22 | 000,000,340 | ---- | C] () -- C:\Windows\Tasks\GlaryInitialize.job

      < %systemdrive%\*.* >
      [2013/03/28 21:15:00 | 000,008,603 | ---- | M] () -- C:\AdwCleaner[S1].txt
      [2013/03/28 21:33:15 | 000,017,397 | ---- | M] () -- C:\AT-Destroyer.txt
      [2010/11/20 21:23:51 | 000,383,786 | RHS- | M] () -- C:\bootmgr
      [2011/02/24 11:03:41 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
      [2013/03/29 09:19:10 | 000,026,387 | ---- | M] () -- C:\ComboFix.txt
      [2013/03/29 09:23:08 | 000,232,916 | ---- | M] () -- C:\FaceProv.log
      [2013/03/29 09:21:22 | 460,079,103 | -HS- | M] () -- C:\hiberfil.sys
      [2013/03/29 09:21:22 | 2045,095,935 | -HS- | M] () -- C:\pagefile.sys
      Invalid Environment Variable: programefiles

      < %appdata%\*.exe /ncn /s >
      [2009/03/25 09:51:44 | 000,035,840 | ---- | M] () -- C:\Users\Diego Zamudio\AppData\Roaming\Common\LuaRT\wlua.exe
      [2012/11/01 15:35:03 | 080,426,912 | ---- | M] (Intel(R) Corporation) -- C:\Users\Diego Zamudio\AppData\Roaming\Easeware\DriverEasy\drivers\1h3yws4i.dgh\Wireless_15.2.0_s64.exe
      [2012/11/01 18:11:34 | 094,812,109 | ---- | M] () -- C:\Users\Diego Zamudio\AppData\Roaming\Easeware\DriverEasy\drivers\cjbpud3p.f5p\AUD_Win8_Win7_Vista_6.0.1.6710_PV.exe
      [2012/11/01 22:19:33 | 173,278,480 | ---- | M] (Lenovo Group Limited ) -- C:\Users\Diego Zamudio\AppData\Roaming\Easeware\DriverEasy\drivers\rck0fjfn.mjj\g4wb10ww.exe
      [2012/10/31 20:47:20 | 003,050,656 | ---- | M] (Easeware ) -- C:\Users\Diego Zamudio\AppData\Roaming\Easeware\DriverEasy\updates\4.2.0.31708\DriverEasy_Setup.exe
      [2007/03/22 04:46:42 | 000,126,976 | ---- | M] () -- C:\Users\Diego Zamudio\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
      [2012/12/18 18:31:26 | 000,041,984 | ---- | M] () -- C:\Users\Diego Zamudio\AppData\Roaming\Intermediate\Intermediate.exe
      [2012/11/25 16:01:11 | 000,055,424 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Diego Zamudio\AppData\Roaming\Macromedia\Flash Player\http://www.macromedia.com\bin\airapp...pinstaller.exe

      < %windir%\system32\*.sys /lockedfiles >

      < CREATERESTOREPOIN >

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 1182 bytes -> C:\Users\Diego Zamudio\AppData\Local\Temp:famB8BqTbn1tx4aLz9he1Z2
      @Alternate Data Stream - 1113 bytes -> C:\Users\Diego Zamudio\AppData\Local\UxEbrkjXTE0QsW:f77ZYh62HJ8WDM5eweF6htZ6o

      < End of report >

      I WOULD LIKE TO TELL YOU THAT THE PROBLEM WITH MOSQUITOOFFER HAS BEEN SOLVED, OR AT LEAST IT HAS NOT COME UP AGAIN. THANK YOU VERY MUCH, I HOPE WHAT I AM SENDING YOU IS OF SOME USE. THANK YOU VERY, VERY MUCH.

    5. #5
      General Moderator
      SanMar
      Registered
      Jun 2008
      Location
      Argentina
      Posts
      21,836

      Re: OfferMosquito

      Hello NegroZ86:

      Good to hear that everything is better, but some problems are still visible. Do the following:


      1.- Open Notepad
      • Go to START >>> RUN >>>
      • Type notepad.exe and press OK

      2.- Now copy and paste the following into Notepad. (Leave out the word Code)

      Code:
      KillAll::
      
      ClearJavaCache:: 
      
      Folder::
      c:\program files (x86)\Amazon Browser Bar
      
      Registry::
      [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{008f6853-9cb4-41c5-a950-39d55e5e06ba}]
      [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F443A627-5009-4323-9C1D-7FD598D0D712}]
      
      DDS:: 
      uInternet Settings,ProxyOverride = 192.168.*.*
      3.- Save this file with the name CFScript.txt and leave it on your desktop.

      4.- Drag and drop the CFScript.txt file onto the ComboFix.exe file as shown in the animation below. This will start ComboFix again.

      • Restart your PC and post the new ComboFix report, telling us how everything is working now.


      Run OTL.exe
      • Paste the following script into the Custom Scans/Fixes box:
        • NOTE: Do not copy the word Code.

        Code:
        :OTL
        CHR - default_search_provider: search_url = http://www.mysearchresults.com/search?&c=3505&t=07&q={searchTerms}
        O2 - BHO: (TBLayoutBHO Class) - {008f6853-9cb4-41c5-a950-39d55e5e06ba} - C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll File not found
        O2 - BHO: (AlxHelper Class) - {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll File not found
        O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
        O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
        O18:64bit: - Protocol\Handler\livecall - No CLSID value found
        O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
        O18:64bit: - Protocol\Handler\msnim - No CLSID value found
        O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
        O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
        O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
        O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
        O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
        O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
        MsConfig:64bit - StartUpReg: Facebook Update - hkey= - key= - File not found
        MsConfig:64bit - StartUpReg: KSS - hkey= - key= - File not found
        MsConfig:64bit - StartUpReg: ROC_roc_ssl_v12 - hkey= - key= - File not found
        MsConfig:64bit - State: "startup" - Reg Error: Key error.
        MsConfig:64bit - State: "services" - Reg Error: Key error.
        [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
        @Alternate Data Stream - 1182 bytes -> C:\Users\Diego Zamudio\AppData\Local\Temp:famB8BqTbn1tx4aLz9he1Z2
        @Alternate Data Stream - 1113 bytes -> C:\Users\Diego Zamudio\AppData\Local\UxEbrkjXTE0QsW:f77ZYh62HJ8WDM5eweF6htZ6o
        
        
        :files
        ipconfig /flushdns /c
        ipconfig /renew /c
        
        :commands
        [resethosts]
        [emptyflash]
        [emptytemp]
        [emptyjava]
        [Reboot]
      • Then click the Run Fix button at the top.
      • Let the program run uninterrupted, and reboot when it asks you to.
      • After the reboot a report is created by default in C:\_OTL\MovedFiles; copy and paste that log into your next reply.



      Regards.


    6. #6
      User NegroZ86
      Registered
      Dec 2012
      Location
      Irapuato, Guana
      Posts
      15

      Re: OfferMosquito

      Here is the ComboFix report

      ComboFix 13-04-01.01 - Diego Zamudio 02/04/2013 7:44.3.8 - x64
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.52.3082.18.6046.4238 [GMT -6:00]
      Running from: c:\users\Diego Zamudio\Desktop\ComboFix.exe
      Command switches used :: c:\users\Diego Zamudio\Desktop\CFScript.txt
      AV: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
      SP: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
      SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\program files (x86)\Amazon Browser Bar
      c:\program files (x86)\Amazon Browser Bar\AlxSSBPS.dll
      c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll
      c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.Uninstall.exe
      c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBarSSB.3.0.dll
      .
      .
      ((((((((((((((((((((((((( Files Created from 2013-03-02 to 2013-04-02 )))))))))))))))))))))))))))))))
      .
      .
      2013-04-02 13:49 . 2013-04-02 13:49 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
      2013-04-02 13:49 . 2013-04-02 13:49 -------- d-----w- c:\users\Default\AppData\Local\temp
      2013-04-02 02:59 . 2013-04-02 02:59 -------- d-----w- c:\users\Diego Zamudio\AppData\Roaming\TeamViewer
      2013-04-02 02:54 . 2013-04-02 02:54 -------- d-----w- c:\program files (x86)\MSECache
      2013-04-01 01:00 . 2013-04-01 01:00 163088 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10143.bin
      2013-04-01 00:11 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9D824E8E-F2D9-43C8-B84A-064260462C35}\mpengine.dll
      2013-03-29 04:08 . 2013-03-29 04:20 -------- d-----w- c:\users\Diego Zamudio\AppData\Roaming\GlarySoft
      2013-03-29 04:07 . 2013-03-29 04:07 -------- d-----w- c:\program files (x86)\Glary Utilities
      2013-03-29 03:14 . 2013-03-29 03:29 -------- d-----w- C:\_AT-Destroyer
      2013-03-26 00:39 . 2013-03-29 03:07 -------- d-----w- c:\users\Diego Zamudio\AppData\Roaming\Intermediate
      2013-03-26 00:39 . 2013-03-26 00:39 -------- d-----w- c:\users\Diego Zamudio\AppData\Roaming\Common
      2013-03-15 04:11 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
      2013-03-12 05:46 . 2013-03-12 05:46 -------- d-----w- c:\users\Public\CyberLink
      2013-03-06 03:35 . 2013-03-06 03:36 -------- d-----w- c:\users\Diego Zamudio\AppData\Roaming\PhotoScape
      2013-03-06 03:09 . 2013-03-06 03:09 -------- d-----w- c:\program files (x86)\TeamViewer
      2013-03-05 15:08 . 2013-03-05 15:08 -------- d-----w- c:\users\Diego Zamudio\AppData\Roaming\CrystalIdea Software
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2013-03-14 15:09 . 2012-10-13 20:37 72013344 ----a-w- c:\windows\system32\MRT.exe
      2013-03-13 03:02 . 2012-10-17 18:37 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2013-03-13 03:02 . 2012-10-17 18:37 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2013-02-12 05:45 . 2013-03-14 14:32 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
      2013-02-12 05:45 . 2013-03-14 14:32 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
      2013-02-12 05:45 . 2013-03-14 14:32 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
      2013-02-12 05:45 . 2013-03-14 14:32 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
      2013-02-12 04:48 . 2013-03-14 14:32 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
      2013-02-12 04:48 . 2013-03-14 14:32 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
      2013-02-10 14:20 . 2013-02-10 14:20 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
      2013-02-07 17:50 . 2013-02-07 16:51 74703 ----a-w- c:\windows\SysWow64\mfc45.dat
      2013-02-06 01:45 . 2013-02-06 01:45 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
      2013-02-06 01:45 . 2012-11-23 05:28 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
      2013-02-06 01:45 . 2012-11-23 05:28 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
      2013-01-17 07:28 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
      2013-01-13 21:17 . 2013-03-02 13:13 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
      2013-01-13 21:17 . 2013-03-02 13:13 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
      2013-01-13 21:16 . 2013-03-02 13:13 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
      2013-01-13 21:12 . 2013-03-02 13:13 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
      2013-01-13 21:11 . 2013-03-02 13:13 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
      2013-01-13 21:11 . 2013-03-02 13:13 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
      2013-01-13 21:11 . 2013-03-02 13:13 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
      2013-01-13 21:11 . 2013-03-02 13:13 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
      2013-01-13 21:11 . 2013-03-02 13:13 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
      2013-01-13 20:35 . 2013-03-02 13:13 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
      2013-01-13 20:35 . 2013-03-02 13:13 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
      2013-01-13 20:35 . 2013-03-02 13:13 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
      2013-01-13 20:32 . 2013-03-02 13:13 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
      2013-01-13 20:31 . 2013-03-02 13:13 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
      2013-01-13 20:31 . 2013-03-02 13:13 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
      2013-01-13 20:31 . 2013-03-02 13:13 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
      2013-01-13 20:31 . 2013-03-02 13:13 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
      2013-01-13 20:31 . 2013-03-02 13:13 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
      2013-01-13 20:31 . 2013-03-02 13:13 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
      2013-01-13 20:22 . 2013-03-02 13:13 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
      2013-01-13 20:20 . 2013-03-02 13:13 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
      2013-01-13 20:09 . 2013-03-02 13:13 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
      2013-01-13 20:08 . 2013-03-02 13:13 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
      2013-01-13 20:08 . 2013-03-02 13:13 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll
      2013-01-13 19:59 . 2013-03-02 13:13 1643520 ----a-w- c:\windows\system32\DWrite.dll
      2013-01-13 19:58 . 2013-03-02 13:13 1175552 ----a-w- c:\windows\system32\FntCache.dll
      2013-01-13 19:54 . 2013-03-02 13:13 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
      2013-01-13 19:53 . 2013-03-02 13:13 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
      2013-01-13 19:53 . 2013-03-02 13:14 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
      2013-01-13 19:51 . 2013-03-02 13:13 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
      2013-01-13 19:49 . 2013-03-02 13:13 363008 ----a-w- c:\windows\system32\dxgi.dll
      2013-01-13 19:48 . 2013-03-02 13:13 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
      2013-01-13 19:46 . 2013-03-02 13:13 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
      2013-01-13 19:43 . 2013-03-02 13:13 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
      2013-01-13 19:38 . 2013-03-02 13:13 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
      2013-01-13 19:38 . 2013-03-02 13:13 1887232 ----a-w- c:\windows\system32\d3d11.dll
      2013-01-13 19:38 . 2013-03-02 13:13 296960 ----a-w- c:\windows\system32\d3d10core.dll
      2013-01-13 19:37 . 2013-03-02 13:13 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
      2013-01-13 19:25 . 2013-03-02 13:13 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
      2013-01-13 19:24 . 2013-03-02 13:13 648192 ----a-w- c:\windows\system32\d3d10level9.dll
      2013-01-13 19:24 . 2013-03-02 13:14 221184 ----a-w- c:\windows\system32\UIAnimation.dll
      2013-01-13 19:20 . 2013-03-02 13:13 194560 ----a-w- c:\windows\system32\d3d10_1.dll
      2013-01-13 19:20 . 2013-03-02 13:13 1238528 ----a-w- c:\windows\system32\d3d10.dll
      2013-01-13 19:15 . 2013-03-02 13:13 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
      2013-01-13 19:10 . 2013-03-02 13:13 3928064 ----a-w- c:\windows\system32\d2d1.dll
      2013-01-13 19:02 . 2013-03-02 13:14 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
      2013-01-13 18:34 . 2013-03-02 13:13 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
      2013-01-13 18:32 . 2013-03-02 13:14 465920 ----a-w- c:\windows\system32\WMPhoto.dll
      2013-01-13 18:09 . 2013-03-02 13:13 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
      2013-01-13 17:26 . 2013-03-02 13:13 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
      2013-01-13 17:05 . 2013-03-02 13:13 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
      2013-01-05 05:53 . 2013-02-13 00:12 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
      2013-01-05 05:00 . 2013-02-13 00:12 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
      2013-01-05 05:00 . 2013-02-13 00:12 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
      2013-01-04 06:11 . 2013-03-02 13:14 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
      2013-01-04 06:11 . 2013-03-02 13:14 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
      2013-01-04 05:46 . 2013-02-13 00:12 215040 ----a-w- c:\windows\system32\winsrv.dll
      2013-01-04 04:51 . 2013-02-13 00:12 5120 ----a-w- c:\windows\SysWow64\wow32.dll
      2013-01-04 04:43 . 2013-02-13 00:12 44032 ----a-w- c:\windows\apppatch\acwow64.dll
      2013-01-04 03:26 . 2013-02-13 00:12 3153408 ----a-w- c:\windows\system32\win32k.sys
      2013-01-04 02:47 . 2013-02-13 00:12 25600 ----a-w- c:\windows\SysWow64\setup16.exe
      2013-01-04 02:47 . 2013-02-13 00:12 7680 ----a-w- c:\windows\SysWow64\instnm.exe
      2013-01-04 02:47 . 2013-02-13 00:12 2048 ----a-w- c:\windows\SysWow64\user.exe
      2013-01-04 02:47 . 2013-02-13 00:12 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
      2013-01-03 06:00 . 2013-02-13 00:12 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
      2013-01-03 06:00 . 2013-02-13 00:12 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{008f6853-9cb4-41c5-a950-39d55e5e06ba}]
      c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll [BU]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F443A627-5009-4323-9C1D-7FD598D0D712}]
      c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll [BU]
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-01-08 3674320]
      "Spybot-S&D Cleaning"="c:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2012-11-13 3713032]
      "Intermediate"="c:\users\Diego Zamudio\AppData\Roaming\Intermediate\Intermediate.exe" [2012-12-19 41984]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-28 228448]
      "YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-28 136488]
      "VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-09-05 329056]
      "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-21 291648]
      "UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
      "LockKey"="c:\program files (x86)\LockKey\LockKey.exe" [2011-08-25 337776]
      "Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2012-01-26 4351712]
      "Intelligent Touchpad"="c:\program files\Lenovo\Intelligent Touchpad\TouchZone.exe" [2011-12-08 291272]
      "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-2-1 1380128]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
      "LoadAppInit_DLLs"=1 (0x1)
      "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
      "aux"=wdmaud.drv
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
      BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
      Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
      @=""
      .
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
      R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
      R2 NSDSvc;Fast boot service of lenovo;c:\windows\System32\NSDSvc.exe [2011-12-23 120160]
      R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
      R3 AMPPALP;Protocolo Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\amppal.sys [2012-03-15 198144]
      R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
      R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [2009-01-30 6144]
      R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2012-02-02 615976]
      R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2012-02-02 39976]
      R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2012-01-26 34200]
      R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
      R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys [2009-07-10 31744]
      R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [2012-06-11 22016]
      R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [2012-01-25 9728]
      R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [2012-06-08 27136]
      R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys [2011-11-08 11776]
      R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2012-06-25 272688]
      R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
      R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
      R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
      R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-13 1255736]
      R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
      R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
      S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys [2012-09-05 57952]
      S0 iusb3hcs;Controlador del conmutador de la controladora de host Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-05-21 19264]
      S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2012-09-05 39008]
      S0 NSD;NSD;c:\windows\system32\drivers\nsd.sys [2011-12-23 24160]
      S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-02 30056]
      S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
      S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys [2012-09-05 13408]
      S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-02-10 283200]
      S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
      S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
      S1 Nsdfltr;Nsdfltr;c:\windows\system32\drivers\Nsdfltr.sys [2011-12-21 59488]
      S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-03-15 659976]
      S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-04-23 135952]
      S2 DeviceMonitorService;DeviceMonitorService;c:\program files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [2012-09-08 87992]
      S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
      S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 137144]
      S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
      S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
      S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-28 161560]
      S2 Motorola Device Manager;Motorola Device Manager Service;c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2012-10-23 120728]
      S2 PST Service;PST Service;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2011-09-02 65657]
      S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
      S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
      S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
      S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
      S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
      S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-28 363800]
      S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-06-25 3325232]
      S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2012-09-05 30816]
      S3 AMPPAL;Adaptador virtual Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-03-15 198144]
      S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-01-28 31088]
      S3 hswpan;WPAN Driver;c:\windows\system32\DRIVERS\hswpan.sys [2012-01-27 109056]
      S3 IntcDAud;Sonido Intel(R) para pantallas;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
      S3 iusb3hub;Controlador del concentrador Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-05-21 357184]
      S3 iusb3xhc;Controlador de la controladora de host Intel(R) USB 3.0 eXtensible;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-05-21 789824]
      S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2012-01-26 25496]
      S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2012-06-07 174200]
      S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2012-03-02 104048]
      S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys [2012-05-17 8223464]
      .
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
      2013-04-02 13:35 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2013-04-02 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-17 03:02]
      .
      2013-04-02 c:\windows\Tasks\GlaryInitialize.job
      - c:\program files (x86)\Glary Utilities\initialize.exe [2013-03-29 23:21]
      .
      2013-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-05 20:17]
      .
      2013-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-05 20:17]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
      @="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
      [HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
      2012-02-14 22:52 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
      @="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
      [HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
      2012-02-14 22:52 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
      @="{A759AFF6-5851-457D-A540-F4ECED148351}"
      [HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
      2012-02-14 22:52 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
      @="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
      [HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
      2012-02-14 22:52 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
      @="{771C7324-DA80-49D3-8017-753B0AF60951}"
      [HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
      2012-09-05 20:17 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-03-07 4081008]
      "UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
      "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
      "SynLenovoGestureMgr"="c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" [BU]
      "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-08-21 13192848]
      "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-08-17 1215632]
      "Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
      "OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-09-05 789856]
      "Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-09-05 206176]
      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
      "EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-09-05 6202416]
      "Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-09-05 8079408]
      "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
      "AppInit_DLLs"=c:\windows\System32\nvinitx.dll
      .
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
      FontCache
      .
      ------- Supplementary Scan -------
      .
      uStart Page = Google
      uLocal Page = c:\windows\system32\blank.htm
      mStart Page = Google
      mLocal Page = c:\windows\SysWOW64\blank.htm
      IE: &Enviar a OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
      IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
      TCP: DhcpNameServer = 192.168.1.254
      FF - ProfilePath - c:\users\Diego Zamudio\AppData\Roaming\Mozilla\Firefox\Profiles\dwzuf51c.default\
      FF - prefs.js: browser.search.defaulturl - Google
      FF - prefs.js: browser.search.selectedEngine - Google
      FF - prefs.js: browser.startup.homepage - hxxp://google.com
      FF - prefs.js: keyword.URL - hxxps://www.google.com/search?q=
      .
      - - - - ORPHANS REMOVED - - - -
      .
      Toolbar-Locked - (no file)
      Notify-SDWinLogon - SDWinLogon.dll
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
      @Denied: (A) (Everyone)
      "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
      .
      [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
      @Denied: (A) (Everyone)
      .
      [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
      "Key"="ActionsPane3"
      "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
      c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
      c:\program files (x86)\TeamViewer\Version8\TeamViewer.exe
      c:\program files (x86)\TeamViewer\Version8\tv_w32.exe
      c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      c:\windows\SysWOW64\RunDll32.exe
      .
      **************************************************************************
      .
      Completion time: 2013-04-02 07:55:06 - machine was rebooted
      ComboFix-quarantined-files.txt 2013-04-02 13:55
      ComboFix2.txt 2013-03-29 15:00
      .
      Pre-Run: 755,935,428,608 bytes libres
      Post-Run: 755,839,291,392 bytes libres
      .
      - - End Of File - - A235AA85516C45ECD3F3D3920E46FFC0

    7. #7
      User NegroZ86's avatar
      Joined
      Dec 2012
      Location
      Irapuato, Guana
      Posts
      15

      Re: OfferMosquito

      All processes killed
      ========== OTL ==========
      Use Chrome's Settings page to remove the default_search_provider items.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{008f6853-9cb4-41c5-a950-39d55e5e06ba}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{008f6853-9cb4-41c5-a950-39d55e5e06ba}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F443A627-5009-4323-9C1D-7FD598D0D712}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F443A627-5009-4323-9C1D-7FD598D0D712}\ deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
      File Protocol\Handler\livecall - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
      File Protocol\Handler\ms-help - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
      File Protocol\Handler\msnim - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
      File Protocol\Handler\skype4com - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
      File Protocol\Handler\wlmailhtml - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
      File Protocol\Handler\wlpg - No CLSID value found not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon\ deleted successfully.
      64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Facebook Update\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\KSS\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\ROC_roc_ssl_v12\ not found.
      C:\Windows\msdownld.tmp folder deleted successfully.
      ADS C:\Users\Diego Zamudio\AppData\Local\Temp:famB8BqTbn1tx4aLz9he1Z2 deleted successfully.
      ADS C:\Users\Diego Zamudio\AppData\Local\UxEbrkjXTE0QsW:f77ZYh62HJ8WDM5eweF6htZ6o deleted successfully.
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configuración IP de Windows
      Se vació correctamente la caché de resolución de DNS.
      C:\Users\Diego Zamudio\Desktop\cmd.bat deleted successfully.
      C:\Users\Diego Zamudio\Desktop\cmd.txt deleted successfully.
      < ipconfig /renew /c >
      Configuración IP de Windows
      No se puede realizar ninguna operación en Conexión de red inalámbrica 3 mientras los medios
      están desconectados.
      No se puede realizar ninguna operación en Conexión de red inalámbrica 2 mientras los medios
      están desconectados.
      No se puede realizar ninguna operación en Conexión de área local mientras los medios
      están desconectados.
      Adaptador de LAN inalámbrica Conexión de red inalámbrica 3:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de LAN inalámbrica Conexión de red inalámbrica 2:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de LAN inalámbrica Conexión de red inalámbrica:
      Sufijo DNS específico para la conexión. . : lan
      Vínculo: dirección IPv6 local. . . : fe80::5d9:fe1f:d157:8fe4%15
      Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.94
      Máscara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.1.254
      Adaptador de Ethernet Conexión de área local:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de túnel isatap.lan:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . : lan
      Adaptador de túnel Conexión de área local* 9:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de túnel Teredo Tunneling Pseudo-Interface:
      Sufijo DNS específico para la conexión. . :
      Dirección IPv6 . . . . . . . . . . : 2001:0:9d38:6ab8:283d:12bf:3f57:fea1
      Vínculo: dirección IPv6 local. . . : fe80::283d:12bf:3f57:fea1%18
      Puerta de enlace predeterminada . . . . . : ::
      C:\Users\Diego Zamudio\Desktop\cmd.bat deleted successfully.
      C:\Users\Diego Zamudio\Desktop\cmd.txt deleted successfully.
      ========== COMMANDS ==========
      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYFLASH]

      User: All Users

      User: Default
      ->Flash cache emptied: 58264 bytes

      User: Default User
      ->Flash cache emptied: 0 bytes

      User: Diego Zamudio
      ->Flash cache emptied: 60504 bytes

      User: Public

      User: UpdatusUser

      Total Flash Files Cleaned = 0.00 mb


      [EMPTYTEMP]

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 67 bytes
      ->Flash cache emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Diego Zamudio
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 1318273 bytes
      ->Java cache emptied: 0 bytes
      ->FireFox cache emptied: 483528029 bytes
      ->Google Chrome cache emptied: 388309735 bytes
      ->Flash cache emptied: 0 bytes

      User: Public
      ->Temp folder emptied: 0 bytes

      User: UpdatusUser
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 0 bytes
      %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 95687 bytes
      RecycleBin emptied: 0 bytes

      Total Files Cleaned = 833.00 mb


      [EMPTYJAVA]

      User: All Users

      User: Default

      User: Default User

      User: Diego Zamudio
      ->Java cache emptied: 0 bytes

      User: Public

      User: UpdatusUser

      Total Java Files Cleaned = 0.00 mb


      OTL by OldTimer - Version 3.2.69.0 log created on 04022013_075930

      Files\Folders moved on Reboot...
      C:\Users\Diego Zamudio\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
      C:\Users\Diego Zamudio\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...

      I feel the computer is working quite well, and I do notice some improvements in how it runs, although I feel it takes a little while to log in to Windows, but in general terms it works well. Thank you very much for your help and support.

    8. #8
      General Moderator
      SanMar's avatar
      Joined
      Jun 2008
      Location
      Argentina
      Posts
      21.836

      Re: OfferMosquito

      Hello NegroZ86:

      although I feel it takes a little while to log in to Windows

      You have many programs loaded at startup.

      Do the following:

      Run OTL.exe:
      1. Click the Clean Up button.
      2. The tools used during the disinfection process will be uninstalled.
      3. Be patient while the uninstallation takes place.
      4. When it finishes, restart the system.

      Download and run:

      • CCleaner.

        • First use its "Cleaner" option to delete cookies, temporary Internet files and all the files it shows you as obsolete.
        • Then use its "Registry" option to clean the entire Windows registry (making a backup).

        Inside CCleaner >>> Tools tab >>> "Startup" window

        Press "Save to text file" and paste that report in your next message.

      Regards.

      * Follow us on our Twitter and become our friend on Facebook.
      * Stay informed about the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or by e-mail, since that is what the forum is for.

    9. #9
      User NegroZ86's avatar
      Joined
      Dec 2012
      Location
      Irapuato, Guana
      Posts
      15

      Re: OfferMosquito

      Si HKCU:Run DAEMON Tools Lite DT Soft Ltd "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
      No HKCU:Run Facebook Update "C:\Users\Diego Zamudio\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
      Si HKCU:Run Intermediate "C:\Users\Diego Zamudio\AppData\Roaming\Intermediate\Intermediate.exe"
      No HKCU:Run KSS "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" /autorun
      No HKCU:Run MotoCast "C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk"
      Si HKCU:Run Spybot-S&D Cleaning Safer-Networking Ltd. "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
      No HKCU:Run swg Google Inc. "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
      Si HKLM:Run AdobeAAMUpdater-1.0 Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
      No HKLM:Run AdobeCS6ServiceManager Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
      Si HKLM:Run egui ESET "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
      Si HKLM:Run Energy Management Lenovo (Beijing) Limited C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
      Si HKLM:Run EnergyUtility Lenovo(beijing) Limited C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
      Si HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe
      Si HKLM:Run IAStorIcon Intel Corporation C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
      Si HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
      Si HKLM:Run Intelligent Touchpad Lenovo (Beijing) Limited C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
      Si HKLM:Run Lenovo EE Boot Optimizer Lenovo C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
      Si HKLM:Run Lenovo Registration Lenovo, Inc. C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
      Si HKLM:Run LockKey C:\Program Files (x86)\LockKey\LockKey.exe
      Si HKLM:Run OnekeyStudio Lenovo C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
      Si HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe
      No HKLM:Run ROC_roc_ssl_v12 "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
      Si HKLM:Run RtHDVBg_Dolby Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
      Si HKLM:Run RtHDVCpl Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
      No HKLM:Run SDTray Safer-Networking Ltd. "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
      No HKLM:Run SwitchBoard Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
      Si HKLM:Run SynLenovoGestureMgr Synaptics %ProgramFiles%\Synaptics\SynTP\SynLenovoGestureMgr.exe
      Si HKLM:Run SynTPEnh Synaptics Incorporated %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
      Si HKLM:Run UpdateP2GShortCut CyberLink Corp. "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
      Si HKLM:Run UpdatePRCShortCut CyberLink Corp. "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
      Si HKLM:Run USB3MON Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
      Si HKLM:Run VeriFaceManager Lenovo C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
      Si HKLM:Run YouCam Mirage CyberLink "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
      Si HKLM:Run YouCam Tray CyberLink Corp. "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
      Si Startup Common Bluetooth.lnk Broadcom Corporation. C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

    10. #10
      General Moderator
      SanMar's avatar
      Joined
      Jun 2008
      Location
      Argentina
      Posts
      21.836

      Re: OfferMosquito

      Hello NegroZ86:

      Run CCleaner and, from its Startup tab, disable all the entries except these two:


      Si HKLM:Run egui ESET "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

      Si HKCU:Run Spybot-S&D Cleaning Safer-Networking Ltd. "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
      Any program you find missing that should start with Windows, you can enable again.

      Let us know.

      Regards.
