
    Help with malware and making sure it is gone (Solved)


      
    1. #1
      User MrCrazy
      Registered: Apr 2013
      Location: Spain
      Posts: 7

      Help with malware and making sure it is gone (Solved)

      Well, a couple of weeks ago avast detected a dropper. I removed it and ran a couple more scans to see whether it was gone, and avast detected nothing.
      Today I scanned again and it reported that the Sirefef.gen virus had been detected, so I used MSE to remove it. What I want to know now is whether I have removed every threat. Here is the HijackThis log:

      Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 3:41:40 PM, on 4/27/2013
      Platform: Windows 7 SP1 (WinNT 6.00.3505)
      MSIE: Internet Explorer v9.00 (9.00.8112.16476)
      Boot mode: Normal

      Running processes:
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Windows\system32\taskhost.exe
      C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\Common Files\Java\Java Update\jusched.exe
      C:\Program Files\HP\HP Software Update\hpwuschd2.exe
      C:\Program Files\AVAST Software\Avast\AvastUI.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\Users\Jorge\Desktop\uTorrent.exe
      C:\Users\Jorge\AppData\Roaming\SearchProtect\bin\cltmng.exe
      C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
      C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
      C:\Program Files\Optimizer Pro\OptProSmartScan.exe
      C:\Windows\system32\wbem\unsecapp.exe
      C:\Program Files\Steam\Steam.exe
      C:\Program Files\Microsoft Security Client\msseces.exe
      C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
      C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
      C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
      C:\Program Files\Google\Chrome\Application\chrome.exe
      C:\Program Files\Google\Chrome\Application\chrome.exe
      C:\Program Files\Google\Chrome\Application\chrome.exe
      C:\Program Files\Google\Chrome\Application\chrome.exe
      C:\Program Files\Google\Chrome\Application\chrome.exe
      C:\Program Files\Google\Chrome\Application\chrome.exe
      C:\Program Files\Google\Chrome\Application\chrome.exe
      C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
      C:\Program Files\Google\Chrome\Application\chrome.exe
      C:\Users\Jorge\Downloads\HijackThis.exe
      C:\Windows\system32\notepad.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT3176921&octid=CT3176921&SearchSource=61&CUI=UN64180244028223230&UM=UM_ID&UP=SP12D8858C-4F3E-4115-9E11-6EA38A6B4BE5
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.easylifeapp.com/?pid=388&src=ie1&r=2013/03/31&hid=1874964817&lg=EN&cc=MX
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      R3 - URLSearchHook: uTorrentBar_ES Toolbar - {db131c55-60c8-4adc-84dc-9e76ab06e2dc} - C:\Program Files\uTorrentBar_ES\prxtbuTor.dll
      R3 - URLSearchHook: express-files Toolbar - {88ac3cb6-596b-4217-964c-b6757ef9602d} - C:\Program Files\express-files\prxtbexpr.dll
      O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
      O2 - BHO: Search-NewTab - {1027302A-DAF2-61F6-6F0E-E1EF4C1D3FCF} - C:\ProgramData\Search-NewTab\51105eb869a26.dll
      O2 - BHO: continuetosave - {14E44A44-1529-F36F-45B6-9A4E94BAA0B7} - C:\ProgramData\continuetosave\50f614109b232.dll
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: Browse2save - {2F734CF1-4F19-9CA0-A1BC-229AA7DAD7B4} - C:\ProgramData\Browse2save\51105e2decec7.dll
      O2 - BHO: Browse2save - {3CF94FBF-FB21-9BC8-6352-210A54DB256A} - C:\ProgramData\Browse2save\5111985a50565.dll
      O2 - BHO: Bcool - {42333296-00D9-2B66-F6E5-6C80969BB4DD} - C:\ProgramData\Bcool\50aae0362e976.ocx
      O2 - BHO: continuetosave - {46444C6A-9FE8-5B7C-748D-534AA03B4D78} - C:\ProgramData\continuetosave\5117e21339758.dll
      O2 - BHO: Search-NewTab - {5972B02A-D122-C0EE-8C2D-025AFB2CB4B0} - C:\ProgramData\Search-NewTab\5111988711e88.dll
      O2 - BHO: Browse2save - {64D8EB9C-401A-7CC6-DC05-523CFCD1FA02} - C:\ProgramData\Browse2save\51105d4a0dbfe.dll
      O2 - BHO: Bcool - {6E665124-D753-11D1-78B3-A1BA9964B590} - C:\ProgramData\Bcool\5084395fef02c.ocx
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
      O2 - BHO: PSafe ClikSeguro - {802D2971-E7C7-4219-8D5C-AFDCD0DA939E} - (no file)
      O2 - BHO: express-files - {88ac3cb6-596b-4217-964c-b6757ef9602d} - C:\Program Files\express-files\prxtbexpr.dll
      O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
      O2 - BHO: continuetosave - {AE4567FD-2990-7DC6-C29E-6D5174650C6C} - C:\ProgramData\continuetosave\50fe17f71b46b.dll
      O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
      O2 - BHO: uTorrentBar_ES - {db131c55-60c8-4adc-84dc-9e76ab06e2dc} - C:\Program Files\uTorrentBar_ES\prxtbuTor.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
      O2 - BHO: continuetosave - {F268ED61-2A3E-5331-5654-8EC9440071D4} - C:\ProgramData\continuetosave\5124074462884.dll
      O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (file missing)
      O3 - Toolbar: uTorrentBar_ES Toolbar - {db131c55-60c8-4adc-84dc-9e76ab06e2dc} - C:\Program Files\uTorrentBar_ES\prxtbuTor.dll
      O3 - Toolbar: express-files Toolbar - {88ac3cb6-596b-4217-964c-b6757ef9602d} - C:\Program Files\express-files\prxtbexpr.dll
      O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
      O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
      O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [SearchProtectAll] C:\Program Files\SearchProtect\bin\cltmng.exe
      O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
      O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey
      O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" /LaunchSysTray
      O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      O4 - HKCU\..\Run: [EADM] "C:\Program Files\Origin\Origin.exe" -AutoStart
      O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
      O4 - HKCU\..\Run: [uTorrent] "C:\Users\Jorge\Desktop\uTorrent.exe" /MINIMIZED
      O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe
      O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
      O4 - HKCU\..\Run: [SearchProtect] C:\Users\Jorge\AppData\Roaming\SearchProtect\bin\cltmng.exe
      O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
      O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
      O4 - Startup: 2WireSetup.lnk = C:\Program Files\Prodigy Infinitum\WebWorks.exe
      O4 - Startup: Recorte de pantalla y Selector de OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
      O4 - Global Startup: AML Device Install.lnk = C:\Program Files\AMD AVT\bin\kdbsync.exe
      O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
      O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
      O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O15 - Trusted Zone: *.clonewarsadventures.com
      O15 - Trusted Zone: *.freerealms.com
      O15 - Trusted Zone: *.soe.com
      O15 - Trusted Zone: *.sony.com
      O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
      O20 - AppInit_DLLs: c:\progra~2\browse~2\251005~1.80\{c16c1~1\browse~1.dll c:\progra~1\bcool\sprote~1.dll
      O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
      O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
      O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
      O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
      O23 - Service: AMD FUEL Service - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
      O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
      O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
      O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Search Protect by Conduit Updater (CltMngSvc) - Conduit - C:\Program Files\SearchProtect\bin\CltMngSvc.exe
      O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
      O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
      O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe
      O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Google Update Servicio (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
      O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
      O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
      O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (IpHlpSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
      O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe
      O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
      O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
      O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
      O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
      O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe
      O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
      O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
      O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
      O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
      O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
      O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
      O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
      O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
      O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
      O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

      --
      End of file - 27021 bytes

      Thanks in advance for the help.
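
An added example, not part of the original thread and not HijackThis's own logic: a small Python triage pass over HijackThis-format lines, run on a few entries copied from the log above. The flag names and heuristics (orphaned entries, AppInit_DLLs, binaries under ProgramData, autostarts from a user profile, machine-generated file names) are assumptions chosen for illustration; a flag means "review this entry", not "malicious".

```python
import re

# Entries copied from the HijackThis log in the post above.
SAMPLE_LOG = r"""
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Search-NewTab - {1027302A-DAF2-61F6-6F0E-E1EF4C1D3FCF} - C:\ProgramData\Search-NewTab\51105eb869a26.dll
O2 - BHO: PSafe ClikSeguro - {802D2971-E7C7-4219-8D5C-AFDCD0DA939E} - (no file)
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (file missing)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [SearchProtect] C:\Users\Jorge\AppData\Roaming\SearchProtect\bin\cltmng.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Jorge\Desktop\uTorrent.exe" /MINIMIZED
O20 - AppInit_DLLs: c:\progra~2\browse~2\251005~1.80\{c16c1~1\browse~1.dll c:\progra~1\bcool\sprote~1.dll
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
"""

# "<section> - <body>", e.g. "O2 - BHO: ..." or "R1 - HKLM\...".
ENTRY_RE = re.compile(r"^\s*([A-Z]\d+)\s+-\s+(.*)$")
# A file whose name is one long hex run, such as 51105eb869a26.dll.
HEX_NAME_RE = re.compile(r"\\[0-9a-f]{10,}\.(?:dll|ocx|exe)\b", re.I)
ORPHAN_SUFFIXES = ("(no file)", "(file missing)")


def parse(log_text):
    """Return (section, body) pairs for every entry line in the log."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line)
        if match:
            entries.append((match.group(1), match.group(2).strip()))
    return entries


def triage(section, body):
    """Return the review flags (assumed heuristics) that apply to one entry."""
    low = body.lower()
    flags = []
    # Registry entry survives but the file it points to is gone.
    if low.endswith(ORPHAN_SUFFIXES):
        flags.append("orphaned")
    # AppInit_DLLs are loaded into every process that loads user32.dll.
    if section == "O20" and low.startswith("appinit_dlls:"):
        if low.split(":", 1)[1].strip():
            flags.append("appinit_dll")
    # Browser add-ons, search hooks and services running out of ProgramData.
    if section in {"O2", "O3", "O23", "R3"} and "c:\\programdata\\" in low:
        flags.append("programdata_binary")
    # Autostart entries that launch from a user-writable profile path.
    if section == "O4" and "c:\\users\\" in low:
        flags.append("user_path_autostart")
    # Machine-generated file names.
    if HEX_NAME_RE.search(body):
        flags.append("generated_name")
    return flags


def review(log_text):
    """Return (section, body, flags) for each entry with at least one flag."""
    flagged = []
    for section, body in parse(log_text):
        flags = triage(section, body)
        if flags:
            flagged.append((section, body, flags))
    return flagged


if __name__ == "__main__":
    for section, body, flags in review(SAMPLE_LOG):
        print(f"{section:<4} {', '.join(flags):<36} {body}")
```
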

    2. #2
      General Moderator Javierhf
      Registered: Jun 2006
      Location: Spain - Madrid
      Posts: 15,800

      Re: Help with malware and making sure it is gone

      Hello MrCrazy. Welcome to the forum.

      Topics worth reviewing and reading:

      Tips to read before posting a new message.

      InfoSpyware Forum policies.

      Policies of the Official HijackThis Forum in Spanish.

      How do I upload images to the forum? *TUTORIAL*
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

      It looks like you have a complicated infection. To check your machine, follow these steps, in the order given and one at a time:

      Download and run >> CCleaner.

      • First use its "Cleaner" ("Limpiador") option to delete cookies, temporary Internet files and every file it lists as obsolete.
      • Then use its "Registry" ("Registro") option to clean the whole Windows registry (making a backup).


      Download, update and run >> Malwarebytes' Anti-Malware.

      • On the Update ("Actualizar") tab, click the "Check for Updates" ("Buscar Actualizaciones") button.
      • On the Scanner ("Escáner") tab, select "Perform a Full Scan" ("Realizar un Examen Completo").
      • Using the "Remove Selected" ("Eliminar lo seleccionado") option, with EVERYTHING it finds checked, send it all to quarantine and restart the system.
      • On the "Logs" ("Registros") tab you will find the MBAM report; copy it and paste it into your next reply so it can be analyzed.


      Download >> AdwCleaner | InfoSpyware.


      • Temporarily disable your antivirus >> How to temporarily disable your antivirus.
      • And close all the programs you have open.
      • Run AdwCleaner. (If you use Windows Vista or 7, right-click and select "Run as administrator" ("Ejecutar como Administrador").)
      • Click the Delete ("Supresión") button.
      • Follow the instructions; if it asks to restart the system, accept.
      • Save the report that appears on the desktop, to paste it into your next reply.



      And finally download >> OTL by OldTimer

      *** To run OTL, follow these steps:

      • Close all the programs you have open and double-click the OTL icon to run it.
      • Let it run and wait for the OTL menu to appear.
      • When the OTL menu appears, change the setting under "Output" to Minimal Output.
      • Check the Scan All Users box.
      • Check the options LOP Check and Purity Check.
      • Check the options Skip Microsoft Files and Use Company Name WhiteList.
      • Copy and paste the lines of the following script into the Custom Scans/Fixes box:

        NOTE: Do not copy the word Code:
        Code:
        netsvcs
        msconfig
        %SYSTEMDRIVE%\*.*
        CREATERESTOREPOINT


      • Please do not change the rest of the settings unless we ask you to.


      • Press the button .
      • When it finishes, two (2) files will open, OTL.Txt and Extras.Txt. These files are saved in the same location where OTL.exe was downloaded.
      • Copy and paste the contents of the OTL.txt file into your next reply.


      In your next reply, remember to:

      - Post the Malwarebytes, AdwCleaner and OTL.txt reports.

      - And tell us how your computer is running, in relation to the problem you described.

      Regards, Javier.
      He who doesn't try doesn't succeed | ;-)


    3. #3
      MrCrazy
      Registered
      Apr 2013
      Location
      Spain
      Posts
      7

      Re: Help with malware and making sure it is gone

      Many thanks, I followed it step by step. The differences I can find in how it runs are that startup no longer takes as long as before and the speed has improved slightly when launching programs such as iTunes. Here are the reports:

      Malwarebytes

      Malwarebytes Anti-Malware (Versión de Prueba) 1.75.0.1300
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2013.04.27.04

      Windows 7 Service Pack 1 x86 NTFS
      Internet Explorer 9.0.8112.16421
      Jorge :: JORGE-PC [administrador]

      Protección: Habilitado

      4/27/2013 7:08:08 PM
      mbam-log-2013-04-27 (19-08-08).txt

      Tipos de Análisis: Análisis Completo (C:\|D:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 415676
      Tiempo transcurrido: 1 hora(s), 4 minuto(s), 17 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 3
      HKCR\CLSID\{F268ED61-2A3E-5331-5654-8EC9440071D4} (Adware.MultiPlug) -> En cuarentena y eliminado con éxito.
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F268ED61-2A3E-5331-5654-8EC9440071D4} (Adware.MultiPlug) -> En cuarentena y eliminado con éxito.
      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F268ED61-2A3E-5331-5654-8EC9440071D4} (Adware.MultiPlug) -> En cuarentena y eliminado con éxito.

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 3
      C:\ProgramData\continuetosave\5124074462884.dll (Adware.MultiPlug) -> En cuarentena y eliminado con éxito.
      C:\Users\Jorge\Downloads\Kingdoms_of_Amalur_Reckoning_SKIDROW.exe (PUP.Adware.Agent) -> En cuarentena y eliminado con éxito.
      C:\Users\Jorge\Downloads\BsPro by @sebamax007\Keygen\CORE10k.EXE (PUP.Keygen.Intro) -> En cuarentena y eliminado con éxito.

      (fin)

      AdwCleaner

      # AdwCleaner v2.202 - Fichero creado el 27/04/2013 a 20:38:08
      # Actualizado el 23/04/2013 por Xplode
      # Sistema operativo : Windows 7 Home Premium Service Pack 1 (32 bits)
      # Usuario : Jorge - JORGE-PC
      # Modo de inicio : Normal
      # Ejecutado desde : C:\Users\Jorge\Desktop\adwcleaner.exe
      # Opción [Supresión]


      ***** [Servicios] *****

      Parado & Suprimido : BrowserProtect
      Parado & Suprimido : CltMngSvc

      ***** [Ficheros / Carpetas] *****

      Carpeta Suprimido : C:\Program Files\BrowseToSave
      Carpeta Suprimido : C:\Program Files\Conduit
      Carpeta Suprimido : C:\Program Files\express-files
      Carpeta Suprimido : C:\Program Files\MocaFlix
      Carpeta Suprimido : C:\Program Files\Optimizer Pro
      Carpeta Suprimido : C:\Program Files\SearchProtect
      Carpeta Suprimido : C:\Program Files\uTorrentBar_ES
      Carpeta Suprimido : C:\Program Files\WebSearch
      Carpeta Suprimido : C:\ProgramData\APN
      Carpeta Suprimido : C:\ProgramData\Babylon
      Carpeta Suprimido : C:\ProgramData\Browse2save
      Carpeta Suprimido : C:\ProgramData\clsoft ltd
      Carpeta Suprimido : C:\ProgramData\continuetosave
      Carpeta Suprimido : C:\ProgramData\InstallMate
      Carpeta Suprimido : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browse2save
      Carpeta Suprimido : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\continuetosave
      Carpeta Suprimido : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
      Carpeta Suprimido : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveAs
      Carpeta Suprimido : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search-NewTab
      Carpeta Suprimido : C:\ProgramData\Premium
      Carpeta Suprimido : C:\ProgramData\RightClick
      Carpeta Suprimido : C:\ProgramData\SaveAs
      Carpeta Suprimido : C:\ProgramData\Search-NewTab
      Carpeta Suprimido : C:\ProgramData\SoftSafe
      Carpeta Suprimido : C:\ProgramData\Tarma Installer
      Carpeta Suprimido : C:\Users\Jorge\AppData\Local\Conduit
      Carpeta Suprimido : C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh
      Carpeta Suprimido : C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\npiecjlhkngdinoeekmccdbjdgclmnbk
      Carpeta Suprimido : C:\Users\Jorge\AppData\LocalLow\Browse2save
      Carpeta Suprimido : C:\Users\Jorge\AppData\LocalLow\Conduit
      Carpeta Suprimido : C:\Users\Jorge\AppData\LocalLow\continuetosave
      Carpeta Suprimido : C:\Users\Jorge\AppData\LocalLow\express-files
      Carpeta Suprimido : C:\Users\Jorge\AppData\LocalLow\SaveAs
      Carpeta Suprimido : C:\Users\Jorge\AppData\LocalLow\Search-NewTab
      Carpeta Suprimido : C:\Users\Jorge\AppData\LocalLow\uTorrentBar_ES
      Carpeta Suprimido : C:\Users\Jorge\AppData\Roaming\Babylon
      Carpeta Suprimido : C:\Users\Jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
      Carpeta Suprimido : C:\Users\Jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
      Carpeta Suprimido : C:\Users\Jorge\AppData\Roaming\NCdownloader
      Carpeta Suprimido : C:\Users\Jorge\AppData\Roaming\OpenCandy
      Carpeta Suprimido : C:\Users\Jorge\AppData\Roaming\Optimizer Pro
      Carpeta Suprimido : C:\Users\Jorge\AppData\Roaming\SearchProtect
      Fichero Suprimido : C:\END
      Fichero Suprimido : C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
      Fichero Suprimido : C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
      Fichero Suprimido : C:\Windows\system32\bprotector_extensions.sqlite
      Suprimido al reiniciar : C:\ProgramData\BrowserProtect
      Suprimido al reiniciar : C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh

      ***** [Registro] *****


      ***** [Navegadores] *****

      -\\ Internet Explorer v9.0.8112.16476

      Sustituido : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com/?ctid=CT3176921&octid=CT3176921&SearchSource=61&CUI=UN64180244028223230&UM=UM_ID&UP=SP12D8858C-4F3E-4115-9E11-6EA38A6B4BE5 --> hxxp://www.google.com
      Sustituido : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.easylifeapp.com/?pid=388&src=ie1&r=2013/03/31&hid=1874964817&lg=EN&cc=MX --> hxxp://www.google.com

      -\\ Google Chrome v26.0.1410.64

      Fichero : C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Preferences

      [OK] El fichero no contiene ninguna entrada ilegítima.

      *************************

      AdwCleaner[S1].txt - [21954 octets] - [27/04/2013 20:38:08]

      ########## EOF - C:\AdwCleaner[S1].txt - [22015 octets] ##########

      OTL

      OTL logfile created on: 27/04/2013 08:54:53 p.m. - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jorge\Downloads\asjgoalsholas
      Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 0000080A | Country: México | Language: ESM | Date Format: dd/MM/yyyy

      3.25 Gb Total Physical Memory | 2.18 Gb Available Physical Memory | 67.24% Memory free
      8.12 Gb Paging File | 6.44 Gb Available in Paging File | 79.31% Paging File free
      Paging file location(s): c:\pagefile.sys 4989 4989 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
      Drive C: | 390.53 Gb Total Space | 137.81 Gb Free Space | 35.29% Space Free | Partition Type: NTFS
      Drive D: | 540.89 Gb Total Space | 322.64 Gb Free Space | 59.65% Space Free | Partition Type: NTFS
      Drive F: | 2.34 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

      Computer Name: JORGE-PC | User Name: Jorge | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Jorge\Downloads\asjgoalsholas\OTL.exe (OldTimer Tools)
      PRC - C:\Archivos de programa\Common Files\Steam\SteamService.exe (Valve Corporation)
      PRC - C:\Archivos de programa\Steam\Steam.exe (Valve Corporation)
      PRC - C:\Users\Jorge\Desktop\uTorrent.exe (BitTorrent Inc.)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastUI.exe (AVAST Software)
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      PRC - C:\Archivos de programa\AVAST Software\Avast\afwServ.exe (AVAST Software)
      PRC - C:\Archivos de programa\Google\Update\1.3.21.135\GoogleCrashHandler.exe (Google Inc.)
      PRC - C:\Archivos de programa\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
      PRC - C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSUAService.exe (Panda Security, S.L.)
      PRC - C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
      PRC - C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
      PRC - C:\Archivos de programa\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
      PRC - C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
      PRC - C:\Windows\System32\mfevtps.exe (McAfee, Inc.)
      PRC - C:\Archivos de programa\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
      PRC - C:\Archivos de programa\ATI Technologies\HydraVision\HydraDM.exe (AMD)
      PRC - C:\Windows\System32\atieclxx.exe (AMD)
      PRC - C:\Windows\System32\atiesrxx.exe (AMD)
      PRC - C:\Windows\explorer.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Canon\IJPLM\ijplmsvc.exe ()
      PRC - C:\Archivos de programa\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
      PRC - C:\Archivos de programa\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)


      ========== Modules (No Company Name) ==========

      MOD - C:\Archivos de programa\Steam\bin\chromehtml.dll ()
      MOD - C:\Archivos de programa\Steam\bin\libcef.dll ()
      MOD - C:\Archivos de programa\Steam\SDL2.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\78967b28f748b8807eaa97c1cb454adc\WindowsFormsIntegration.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
      MOD - C:\Archivos de programa\Steam\bin\avcodec-53.dll ()
      MOD - C:\Archivos de programa\Steam\bin\avformat-53.dll ()
      MOD - C:\Archivos de programa\Steam\bin\avutil-51.dll ()
      MOD - C:\Archivos de programa\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll ()
      MOD - C:\Archivos de programa\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
      MOD - C:\Archivos de programa\ATI Technologies\HydraVision\hydraesp.dll ()
      MOD - C:\Archivos de programa\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
      MOD - C:\Archivos de programa\ATI Technologies\ATI.ACE\Branding\BrandingResources.dll ()
      MOD - C:\Archivos de programa\Common Files\Apple\Apple Application Support\zlib1.dll ()
      MOD - C:\Archivos de programa\Common Files\Apple\Apple Application Support\libxml2.dll ()
      MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_es_31bf3856ad364e35\PresentationFramework.resources.dll ()
      MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_es_b77a5c561934e089\System.resources.dll ()
      MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_es_b77a5c561934e089\System.Windows.Forms.resources.dll ()
      MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll ()


      ========== Services (SafeList) ==========

      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
      SRV - (MBAMService) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (avast! Antivirus) -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      SRV - (avast! Firewall) -- C:\Archivos de programa\AVAST Software\Avast\afwServ.exe (AVAST Software)
      SRV - (McComponentHostService) -- C:\Archivos de programa\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
      SRV - (PSUAService) -- C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSUAService.exe (Panda Security, S.L.)
      SRV - (NanoServiceMain) -- C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
      SRV - (NisSrv) -- C:\Archivos de programa\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
      SRV - (MsMpSvc) -- C:\Archivos de programa\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
      SRV - (AdobeARMservice) -- C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (Futuremark SystemInfo Service) -- C:\Archivos de programa\Futuremark\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation)
      SRV - (TunngleService) -- C:\Archivos de programa\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
      SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
      SRV - (mfevtp) -- C:\Windows\System32\mfevtps.exe (McAfee, Inc.)
      SRV - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
      SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
      SRV - (WMPNetworkSvc) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      SRV - (IJPLMSVC) -- C:\Archivos de programa\Canon\IJPLM\ijplmsvc.exe ()
      SRV - (osppsvc) -- C:\Archivos de programa\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
      SRV - (ose) -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
      SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
      SRV - (WinDefend) -- C:\Archivos de programa\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV - (MSSQL$SQLEXPRESS) -- C:\Archivos de programa\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
      SRV - (SQLAgent$SQLEXPRESS) -- C:\Archivos de programa\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE (Microsoft Corporation)
      SRV - (MSSQLServerADHelper100) -- C:\Archivos de programa\Microsoft SQL Server\100\Shared\sqladhlp.exe (Microsoft Corporation)
      SRV - (SQLWriter) -- C:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
      SRV - (SQLBrowser) -- C:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV - (cpuz136) -- C:\Windows\TEMP\cpuz136\cpuz136_x32.sys File not found
      DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\DTSOFTBUS01.SYS (DT Soft Ltd)
      DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
      DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
      DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
      DRV - (aswVmm) -- C:\Windows\System32\drivers\aswVmm.sys ()
      DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
      DRV - (aswRvrt) -- C:\Windows\System32\drivers\aswRvrt.sys ()
      DRV - (aswNdis2) -- C:\Windows\System32\drivers\aswNdis2.sys (AVAST Software)
      DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
      DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software)
      DRV - (aswFW) -- C:\Windows\System32\drivers\aswFW.sys (AVAST Software)
      DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
      DRV - (aswKbd) -- C:\Windows\System32\drivers\aswKbd.sys (AVAST Software)
      DRV - (aswNdis) -- C:\Windows\System32\drivers\aswNdis.sys (ALWIL Software)
      DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
      DRV - (NNSHTTPS) -- C:\Windows\System32\drivers\NNSHttps.sys (Panda Security, S.L.)
      DRV - (NNSSTRM) -- C:\Windows\System32\drivers\NNSStrm.sys (Panda Security, S.L.)
      DRV - (NNSPIHSW) -- C:\Windows\System32\drivers\NNSPihsw.sys (Panda Security, S.L.)
      DRV - (NNSSMTP) -- C:\Windows\System32\drivers\NNSSmtp.sys (Panda Security, S.L.)
      DRV - (NNSTLSC) -- C:\Windows\System32\drivers\NNStlsc.sys (Panda Security, S.L.)
      DRV - (NNSPROT) -- C:\Windows\System32\drivers\NNSProt.sys (Panda Security, S.L.)
      DRV - (NNSPRV) -- C:\Windows\System32\drivers\NNSPrv.sys (Panda Security, S.L.)
      DRV - (NNSPOP3) -- C:\Windows\System32\drivers\NNSPop3.sys (Panda Security, S.L.)
      DRV - (NNSPICC) -- C:\Windows\System32\drivers\NNSpicc.sys (Panda Security, S.L.)
      DRV - (NNSIDS) -- C:\Windows\System32\drivers\NNSIds.sys (Panda Security, S.L.)
      DRV - (NNSHTTP) -- C:\Windows\System32\drivers\NNSHttp.sys (Panda Security, S.L.)
      DRV - (NNSALPC) -- C:\Windows\System32\drivers\NNSAlpc.sys (Panda Security, S.L.)
      DRV - (PSINProt) -- C:\Windows\System32\drivers\PSINProt.sys (Panda Security, S.L.)
      DRV - (PSINProc) -- C:\Windows\System32\drivers\PSINProc.sys (Panda Security, S.L.)
      DRV - (PSINKNC) -- C:\Windows\System32\drivers\PSINKNC.sys (Panda Security, S.L.)
      DRV - (PSINAflt) -- C:\Windows\System32\drivers\PSINAflt.sys (Panda Security, S.L.)
      DRV - (PSINFile) -- C:\Windows\System32\drivers\PSINFile.sys (Panda Security, S.L.)
      DRV - (PSKMAD) -- C:\Windows\System32\drivers\PSKMAD.sys (Panda Security, S.L.)
      DRV - (NNSNAHSL) -- C:\Windows\System32\drivers\NNSNAHSL.sys (Panda Security, S.L.)
      DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.)
      DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
      DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
      DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
      DRV - (AODDriver4.1) -- C:\Archivos de programa\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys (Advanced Micro Devices)
      DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (Advanced Micro Devices)
      DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek )
      DRV - (athur) -- C:\Windows\System32\drivers\athur.sys (Atheros Communications, Inc.)
      DRV - (TsLwWfF) -- C:\Windows\System32\drivers\TsLwWfF.sys (TamoSoft)
      DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
      DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
      DRV - (cpuz135) -- C:\Windows\System32\drivers\cpuz135_x32.sys (CPUID)
      DRV - (cpuz134) -- C:\Archivos de programa\CPUID\PC Wizard 2010\pcwiz_x32.sys (Windows (R) Win 7 DDK provider)
      DRV - (amdiox86) -- C:\Windows\System32\drivers\amdiox86.sys (Advanced Micro Devices)
      DRV - (tap0901t) -- C:\Windows\System32\drivers\tap0901t.sys (Tunngle.net)
      DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
      DRV - (RsFx0102) -- C:\Windows\System32\drivers\RsFx0102.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKLM\..\SearchScopes,DefaultScope =
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


      IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

      IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

      IE - HKU\S-1-5-21-2269375970-2361914396-3560209825-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKU\S-1-5-21-2269375970-2361914396-3560209825-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = Noticias, Deportes, Entretenimiento, Videos, Música, Cine y Estilos de Vida en Prodigy MSN
      IE - HKU\S-1-5-21-2269375970-2361914396-3560209825-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-MX
      IE - HKU\S-1-5-21-2269375970-2361914396-3560209825-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 13 34 D9 04 F9 AF CD 01 [binary data]
      IE - HKU\S-1-5-21-2269375970-2361914396-3560209825-1000\..\SearchScopes,DefaultScope =
      IE - HKU\S-1-5-21-2269375970-2361914396-3560209825-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKU\S-1-5-21-2269375970-2361914396-3560209825-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKU\S-1-5-21-2269375970-2361914396-3560209825-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKU\S-1-5-21-2269375970-2361914396-3560209825-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


      ========== FireFox ==========

      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Video Convert Master\codec\real\browser\plugins\nppl3260.dll File not found
      FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Video Convert Master\codec\real\browser\plugins\nprpjplug.dll File not found
      FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\PSafe\ClikSeguro\\ffext

      [2012/11/07 20:53:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jorge\AppData\Roaming\mozilla\Firefox\extensions
      [2012/11/07 20:53:18 | 000,000,000 | ---D | M] (uTorrentBar_ES) -- C:\Users\Jorge\AppData\Roaming\mozilla\Firefox\extensions\{db131c55-60c8-4adc-84dc-9e76ab06e2dc}
      [2012/11/18 13:45:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jorge\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions
      [2012/12/09 14:34:48 | 000,213,444 | ---- | M] () (No name found) -- C:\Users\Jorge\AppData\Roaming\mozilla\firefox\profiles\0\extensions\[email protected]

      ========== Chrome ==========

      CHR - homepage: Easylifeapp Search
      CHR - Extension: No name found = C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaalpfjahjcnkgpoplpfhadflekbdoj\11.40914_1\
      CHR - Extension: No name found = C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammgpoopafhlhahgjlbgdiddnjjdidnb\3_0\
      CHR - Extension: No name found = C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\bamkbfdmckphehgiafpenehgebjgdlli\1.2.1_0\
      CHR - Extension: No name found = C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
      CHR - Extension: No name found = C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgpjjnhgdllojhjdgbegebejocjfoopd\2_0\
      CHR - Extension: No name found = C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\cijhkpgjoblldmbdfodncglbebagpgni\7.1_0\
      CHR - Extension: No name found = C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
      CHR - Extension: No name found = C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\dplkdfgfdfjelnhlgfdbpiankhcfcgom\1\
      CHR - Extension: No name found = C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.62_0\
      CHR - Extension: No name found = C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
      CHR - Extension: No name found = C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_1\
      CHR - Extension: No name found = C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\inbkdfimpfoeggmdoiiiakcfipifkiam\1.3_0\
      CHR - Extension: No name found = C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfdckejfnkaemompfjhecfmhjgnchmjg\5.2_0\
      CHR - Extension: No name found = C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

      O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
      O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Archivos de programa\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O4 - HKLM..\Run: [] File not found
      O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
      O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
      O4 - HKLM..\Run: [PSUAMain] C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
      O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
      O4 - HKLM..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software)
      O4 - HKU\S-1-5-21-2269375970-2361914396-3560209825-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
      O4 - HKU\S-1-5-21-2269375970-2361914396-3560209825-1000..\Run: [EADM] C:\Program Files\Origin\Origin.exe (Electronic Arts)
      O4 - HKU\S-1-5-21-2269375970-2361914396-3560209825-1000..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe (AMD)
      O4 - HKU\S-1-5-21-2269375970-2361914396-3560209825-1000..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
      O4 - HKU\S-1-5-21-2269375970-2361914396-3560209825-1000..\Run: [uTorrent] C:\Users\Jorge\Desktop\uTorrent.exe (BitTorrent Inc.)
      O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
      O4 - Startup: C:\Users\Jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla y Selector de OneNote 2010.lnk = C:\Archivos de programa\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O8 - Extra context menu item: &Enviar a OneNote - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
      O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
      O13 - gopher Prefix: missing
      O15 - HKU\S-1-5-21-2269375970-2361914396-3560209825-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
      O15 - HKU\S-1-5-21-2269375970-2361914396-3560209825-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
      O15 - HKU\S-1-5-21-2269375970-2361914396-3560209825-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
      O15 - HKU\S-1-5-21-2269375970-2361914396-3560209825-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21C02386-1119-472E-AEB2-819B24188317}: DhcpNameServer = 192.168.1.254
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - AppInit_DLLs: (c:\progra~2\browse~2\251005~1.80\{c16c1~1\browse~1.dll) - File not found
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O32 - AutoRun File - [2013/01/25 10:00:16 | 000,000,042 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
      O33 - MountPoints2\{002ee0be-1b91-11e2-b7ee-c860005b37f3}\Shell - "" = AutoRun
      O33 - MountPoints2\{002ee0be-1b91-11e2-b7ee-c860005b37f3}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
      O33 - MountPoints2\F\Shell - "" = AutoRun
      O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      NetSvcs: FastUserSwitchingCompatibility - File not found
      NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
      NetSvcs: Nla - File not found
      NetSvcs: Ntmssvc - File not found
      NetSvcs: NWCWorkstation - File not found
      NetSvcs: Nwsapagent - File not found
      NetSvcs: SRService - File not found
      NetSvcs: WmdmPmSp - File not found
      NetSvcs: LogonHours - File not found
      NetSvcs: PCAudit - File not found
      NetSvcs: helpsvc - File not found
      NetSvcs: uploadmgr - File not found


      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2013/04/27 20:41:15 | 000,046,672 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\PSKMAD.sys
      [2013/04/27 19:01:16 | 000,000,000 | ---D | C] -- C:\Users\Jorge\AppData\Roaming\Malwarebytes
      [2013/04/27 19:01:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2013/04/27 19:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2013/04/27 19:00:48 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
      [2013/04/27 19:00:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
      [2013/04/27 15:09:52 | 000,000,000 | ---D | C] -- C:\Users\Jorge\AppData\Roaming\Panda Security
      [2013/04/27 15:07:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus
      [2013/04/27 15:06:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
      [2013/04/27 15:06:53 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
      [2013/04/27 14:07:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
      [2013/04/27 13:38:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Logs
      [2013/04/27 13:38:08 | 000,000,000 | ---D | C] -- C:\Users\Jorge\AppData\Local\Programs
      [2013/04/24 16:33:52 | 000,000,000 | ---D | C] -- C:\Users\Jorge\Documents\Games for Windows - LIVE Demos
      [2013/04/24 16:26:16 | 000,000,000 | ---D | C] -- C:\Users\Jorge\Documents\Eidos
      [2013/04/24 15:48:50 | 000,000,000 | ---D | C] -- C:\Users\Jorge\AppData\Local\Downloaded Installations
      [2013/04/24 15:37:43 | 000,000,000 | ---D | C] -- C:\Program Files\Eidos
      [2013/04/21 17:32:40 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
      [2013/04/15 17:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
      [2013/04/15 17:19:48 | 000,029,816 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
      [2013/04/15 17:19:47 | 000,368,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
      [2013/04/15 17:19:07 | 000,199,384 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
      [2013/04/15 17:19:06 | 000,101,656 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
      [2013/04/15 17:19:05 | 000,060,656 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
      [2013/04/15 17:19:04 | 000,062,376 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
      [2013/04/15 17:19:02 | 000,021,576 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
      [2013/04/15 17:19:00 | 000,765,736 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
      [2013/04/15 17:18:53 | 000,066,336 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
      [2013/04/15 17:18:23 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
      [2013/04/15 17:18:22 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
      [2013/04/09 18:05:09 | 000,000,000 | ---D | C] -- C:\Users\Jorge\AppData\Roaming\LolClient
      [2013/04/08 21:30:53 | 000,000,000 | ---D | C] -- C:\Riot Games
      [2013/04/08 21:30:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
      [2013/04/08 16:32:08 | 000,000,000 | ---D | C] -- C:\Program Files\League of Legends
      [2013/04/06 15:36:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Visan
      [2013/04/06 15:36:03 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations
      [2013/04/06 15:36:03 | 000,000,000 | ---D | C] -- C:\Program Files\HP Photo Creations
      [2013/04/06 15:35:45 | 000,000,000 | ---D | C] -- C:\Users\Jorge\AppData\Roaming\HpUpdate
      [2013/04/06 15:35:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
      [2013/04/06 15:35:09 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
      [2013/04/06 15:35:07 | 000,000,000 | ---D | C] -- C:\Program Files\HP
      [2013/04/06 15:28:17 | 000,000,000 | ---D | C] -- C:\Users\Jorge\AppData\Local\HP
      [2013/04/04 23:21:20 | 000,000,000 | ---D | C] -- C:\Users\Jorge\AppData\Local\FLT
      [2013/04/02 17:29:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
      [2013/03/31 14:06:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
      [2013/03/31 14:06:01 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
      [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
      [1 C:\Users\Jorge\Desktop\*.tmp files -> C:\Users\Jorge\Desktop\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2013/04/27 20:48:31 | 000,022,080 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2013/04/27 20:48:31 | 000,022,080 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2013/04/27 20:46:29 | 000,810,548 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
      [2013/04/27 20:46:29 | 000,717,250 | ---- | M] () -- C:\Windows\System32\perfh009.dat
      [2013/04/27 20:46:29 | 000,182,138 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
      [2013/04/27 20:46:29 | 000,145,272 | ---- | M] () -- C:\Windows\System32\perfc009.dat
      [2013/04/27 20:41:01 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2013/04/27 20:41:01 | 000,000,406 | -H-- | M] () -- C:\Windows\tasks\OptimizerProUpdaterTask{0032E68E-F381-4DEC-8F7A-FD9033AFA87C}.job
      [2013/04/27 20:41:00 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2013/04/27 20:40:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2013/04/27 20:40:48 | 2615,762,944 | -HS- | M] () -- C:\hiberfil.sys
      [2013/04/27 20:38:59 | 000,000,217 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
      [2013/04/27 20:27:02 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2013/04/27 20:27:02 | 000,000,280 | ---- | M] () -- C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job
      [2013/04/27 20:26:51 | 000,493,528 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
      [2013/04/27 19:01:00 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/04/27 18:59:23 | 000,004,624 | ---- | M] () -- C:\Users\Jorge\Desktop\cc_20130427_185912.reg
      [2013/04/27 18:58:21 | 000,089,716 | ---- | M] () -- C:\Users\Jorge\Desktop\cc_20130427_185738.reg
      [2013/04/27 18:37:14 | 000,619,461 | ---- | M] () -- C:\Users\Jorge\Desktop\adwcleaner.exe
      [2013/04/27 14:33:21 | 000,242,240 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\DTSOFTBUS01.SYS
      [2013/04/27 14:08:10 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
      [2013/04/27 13:38:12 | 000,001,050 | ---- | M] () -- C:\Users\Public\Desktop\Dll-Files Fixer.lnk
      [2013/04/24 19:58:18 | 283,063,897 | R--- | M] () -- C:\Users\Jorge\Documents\Dark.Souls.Complete.Strategy.Guide.__Grundle.Release.pdf
      [2013/04/24 17:12:06 | 000,000,264 | ---- | M] () -- C:\Windows\tasks\DLL-files.com Fixer_MONTHLY.job
      [2013/04/21 17:32:57 | 000,000,326 | ---- | M] () -- C:\Users\Jorge\Desktop\Herramientas de diagnóstico de impresora HP.url
      [2013/04/21 17:32:45 | 000,002,212 | ---- | M] () -- C:\Users\Public\Desktop\HP Deskjet 2510 series.lnk
      [2013/04/16 15:48:54 | 000,802,136 | ---- | M] (BitTorrent Inc.) -- C:\Users\Jorge\Desktop\uTorrent.exe
      [2013/04/15 17:51:07 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
      [2013/04/15 17:19:49 | 000,002,079 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
      [2013/04/11 16:12:00 | 000,017,344 | ---- | M] (Dll-Files.com) -- C:\Windows\System32\roboot.exe
      [2013/04/08 21:39:13 | 000,001,547 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
      [2013/04/07 00:55:01 | 000,002,100 | ---- | M] () -- C:\Users\Jorge\Desktop\BioShockInfinite.lnk
      [2013/04/06 15:36:07 | 000,001,953 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
      [2013/04/06 15:35:23 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Comprar consumibles - HP Deskjet 2510 series.lnk
      [2013/04/06 15:35:01 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
      [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
      [2013/03/31 14:06:05 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
      [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
      [1 C:\Users\Jorge\Desktop\*.tmp files -> C:\Users\Jorge\Desktop\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2013/04/27 20:38:26 | 000,000,217 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
      [2013/04/27 19:01:00 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/04/27 18:59:19 | 000,004,624 | ---- | C] () -- C:\Users\Jorge\Desktop\cc_20130427_185912.reg
      [2013/04/27 18:57:46 | 000,089,716 | ---- | C] () -- C:\Users\Jorge\Desktop\cc_20130427_185738.reg
      [2013/04/27 18:36:54 | 000,619,461 | ---- | C] () -- C:\Users\Jorge\Desktop\adwcleaner.exe
      [2013/04/27 14:08:10 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
      [2013/04/27 14:07:59 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
      [2013/04/24 19:28:59 | 283,063,897 | R--- | C] () -- C:\Users\Jorge\Documents\Dark.Souls.Complete.Strategy.Guide.__Grundle.Release.pdf
      [2013/04/21 17:32:57 | 000,000,326 | ---- | C] () -- C:\Users\Jorge\Desktop\Herramientas de diagnóstico de impresora HP.url
      [2013/04/15 17:19:49 | 000,002,079 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
      [2013/04/15 17:18:57 | 000,164,736 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
      [2013/04/15 17:18:55 | 000,049,248 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
      [2013/04/15 16:09:53 | 000,000,081 | ---- | C] () -- C:\Program Files\update-XCOM.bat
      [2013/04/08 21:39:13 | 000,001,547 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
      [2013/04/08 15:53:56 | 004,194,816 | ---- | C] () -- C:\Chrono Trigger.smc
      [2013/04/07 00:55:01 | 000,002,100 | ---- | C] () -- C:\Users\Jorge\Desktop\BioShockInfinite.lnk
      [2013/04/06 15:36:07 | 000,001,953 | ---- | C] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
      [2013/04/06 15:35:23 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\HP Deskjet 2510 series.lnk
      [2013/04/06 15:35:23 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Comprar consumibles - HP Deskjet 2510 series.lnk
      [2013/04/06 15:35:01 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
      [2013/03/31 14:06:05 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
      [2013/03/20 19:51:44 | 000,084,480 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
      [2013/03/20 18:29:08 | 000,129,024 | ---- | C] () -- C:\Windows\System32\AVERM.dll
      [2013/03/20 18:29:08 | 000,028,672 | ---- | C] () -- C:\Windows\System32\AVEQT.dll
      [2013/03/20 17:41:34 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
      [2013/03/10 13:41:08 | 035,648,512 | ---- | C] () -- C:\Program Files\PhysX-installer.msi
      [2013/03/10 13:34:22 | 000,003,153 | ---- | C] () -- C:\Program Files\visit-nosteam-forum.html
      [2013/03/10 13:34:22 | 000,000,081 | ---- | C] () -- C:\Program Files\update-mafia2.bat
      [2013/03/06 20:48:11 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
      [2013/03/06 20:48:11 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
      [2013/03/06 20:48:11 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
      [2013/03/06 20:48:11 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
      [2013/03/06 19:04:35 | 000,000,016 | ---- | C] () -- C:\Users\Jorge\AppData\Roaming\sd.bat
      [2013/02/25 19:28:25 | 000,000,084 | ---- | C] () -- C:\Program Files\update-DeusEx.bat
      [2013/02/24 13:52:32 | 000,003,154 | ---- | C] () -- C:\Program Files\visit-nosteam.ro.html
      [2013/02/24 13:52:32 | 000,000,084 | ---- | C] () -- C:\Program Files\update-DeadSpace3.bat
      [2012/12/01 15:13:05 | 000,138,736 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
      [2012/11/22 16:22:34 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
      [2012/11/22 16:22:32 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
      [2012/11/08 21:59:16 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
      [2012/11/06 22:31:26 | 000,393,256 | ---- | C] () -- C:\Windows\System32\CNQ2414N.DAT
      [2012/10/21 12:21:22 | 000,001,243 | ---- | C] () -- C:\Windows\soundcfg.ini
      [2012/10/21 12:21:11 | 000,018,116 | ---- | C] () -- C:\Windows\System32\winchk.exe
      [2012/10/21 12:21:09 | 000,017,408 | ---- | C] () -- C:\Windows\System32\ftdll16.dll
      [2012/10/21 12:21:05 | 000,057,344 | ---- | C] ( ) -- C:\Windows\System32\Qa3d.dll
      [2012/10/21 12:21:01 | 000,057,344 | ---- | C] ( ) -- C:\Windows\System32\A3d.dll
      [2012/10/21 12:18:18 | 000,048,128 | ---- | C] () -- C:\Windows\System32\ftdll32.dll
      [2012/10/19 19:39:56 | 000,015,416 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
      [2012/10/19 19:39:33 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
      [2012/10/19 19:36:58 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
      [2012/10/19 19:35:20 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
      [2012/10/19 19:35:20 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
      [2012/10/19 19:35:20 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
      [2012/06/19 07:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\System32\pbsvc.exe
      [2012/02/14 22:05:16 | 000,054,784 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
      [2012/01/31 06:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
      [2012/01/10 0308 | 000,601,728 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat

      ========== ZeroAccess Check ==========

      [2009/07/13 23:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 16:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 20:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== LOP Check ==========

      [2013/04/23 19:11:19 | 000,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\.minecraft
      [2013/03/20 18:11:48 | 000,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\avidemux
      [2012/12/22 04:01:55 | 000,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\BigHugeEngine
      [2013/03/20 18:40:33 | 000,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\BSplayer PRO
      [2012/11/06 22:33:18 | 000,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\Canon
      [2013/04/27 18:55:04 | 000,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\DAEMON Tools Lite
      [2012/10/27 19:59:37 | 000,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\dll-files.com
      [2013/02/10 14:17:39 | 000,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\ExpressFiles
      [2012/12/27 21:09:15 | 000,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\GonVisor
      [2013/04/09 18:05:09 | 000,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\LolClient
      [2013/01/19 17:40:02 | 000,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\MAGIX
      [2012/11/29 17:02:47 | 000,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\Origin
      [2013/04/27 15:09:52 | 000,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\Panda Security
      [2012/12/14 20:52:09 | 000,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\Red Kawa
      [2013/03/06 20:48:09 | 000,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\Simply Super Software
      [2012/12/15 21:31:49 | 000,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\Systweak
      [2012/11/25 13:44:16 | 000,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\Theta
      [2013/02/02 21:21:38 | 000,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\Tunngle
      [2013/01/08 18:52:08 | 000,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\Ubisoft
      [2013/04/27 20:57:54 | 000,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\uTorrent

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2013/04/27 20:38:59 | 000,022,085 | ---- | M] () -- C:\AdwCleaner[S1].txt
      [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
      [1999/05/19 03:18:26 | 000,020,255 | ---- | M] () -- C:\CFG801.EXE
      [1996/06/28 07:27:54 | 004,194,816 | ---- | M] () -- C:\Chrono Trigger.smc
      [2009/06/10 16:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
      [1999/05/19 04:15:24 | 000,004,657 | ---- | M] () -- C:\DOS801.EXE
      [2013/04/27 20:40:48 | 2615,762,944 | -HS- | M] () -- C:\hiberfil.sys
      [2012/10/21 12:09:03 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
      [2012/10/21 12:09:03 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
      [2013/04/27 20:40:50 | 936,378,367 | -HS- | M] () -- C:\pagefile.sys
      [1998/12/21 04:51:30 | 000,000,055 | ---- | M] () -- C:\VOLUME.CFG

      ========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
      [C:\Windows\$NtUninstallKB16927$] -> Error: Cannot create file handle -> Unknown point type

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:CB0AACC9
      @Alternate Data Stream - 12 bytes -> C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}

      < End of report >

      Regards

    4. #4
      General Moderator
      Javierhf
      Registered
      Jun 2006
      Location
      Spain - Madrid
      Posts
      15,800

      Re: Help with malware and making sure it has disappeared

      Now follow these steps:

      VERY important ~ Make a backup of the registry with >> Erunt.

      Then run OTL.exe again.

      Copy and paste the code inside the box below into the Custom Scans/Fixes section.

      Code:
      :OTL
      PRC - C:\Archivos de programa\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
      PRC - C:\Windows\System32\mfevtps.exe (McAfee, Inc.)
      SRV - (McComponentHostService) -- C:\Archivos de programa\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
      SRV - (mfevtp) -- C:\Windows\System32\mfevtps.exe (McAfee, Inc.)
      DRV - (cpuz136) -- C:\Windows\TEMP\cpuz136\cpuz136_x32.sys File not found
      DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.)
      DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Video Convert Master\codec\real\browser\plugins\nppl3260.dll File not found
      FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Video Convert Master\codec\real\browser\plugins\nprpjplug.dll File not found
      FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
      O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Archivos de programa\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O4 - HKLM..\Run: [] File not found
      O13 - gopher Prefix: missing
      O20 - AppInit_DLLs: (c:\progra~2\browse~2\251005~1.80\{c16c1~1\browse~1.dll) - File not found
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O33 - MountPoints2\{002ee0be-1b91-11e2-b7ee-c860005b37f3}\Shell - "" = AutoRun
      O33 - MountPoints2\{002ee0be-1b91-11e2-b7ee-c860005b37f3}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
      O33 - MountPoints2\F\Shell - "" = AutoRun
      O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
      [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
      [1 C:\Users\Jorge\Desktop\*.tmp files -> C:\Users\Jorge\Desktop\*.tmp -> ]
      [2013/04/27 20:41:01 | 000,000,406 | -H-- | M] () -- C:\Windows\tasks\OptimizerProUpdaterTask{0032E68E-F381-4DEC-8F7A-FD9033AFA87C}.job
      [2013/04/27 20:27:02 | 000,000,280 | ---- | M] () -- C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job
      [2013/03/06 19:04:35 | 000,000,016 | ---- | C] () -- C:\Users\Jorge\AppData\Roaming\sd.bat
      [2013/02/25 19:28:25 | 000,000,084 | ---- | C] () -- C:\Program Files\update-DeusEx.bat
      [1999/05/19 03:18:26 | 000,020,255 | ---- | M] () -- C:\CFG801.EXE
      [1996/06/28 07:27:54 | 004,194,816 | ---- | M] () -- C:\Chrono Trigger.smc
      [1999/05/19 04:15:24 | 000,004,657 | ---- | M] () -- C:\DOS801.EXE
      [C:\Windows\$NtUninstallKB16927$] -> Error: Cannot create file handle -> Unknown point type
      @Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:CB0AACC9
      @Alternate Data Stream - 12 bytes -> C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
      :Files
      ipconfig /flushdns /c
      ipconfig /renew /c
      :Commands
      [PURITY]
      [EMPTYFLASH]
      [EMPTYTEMP]
      [RESETHOSTS]
      OTL will restart the computer to complete the removal.

      Save the newly generated report, and copy and paste it into your next reply.

      Before replying to us, and after running OTL, check/update your version of Java (very important) >> Free Java software download

      And when you reply, tell us which version of Java is now installed >> How can I check whether Java works on my computer?

      Remember to post the OTL log, and also tell us which version of Java you have now and how the computer is doing with regard to the problem you raised.

      Regards.
      He who doesn't try doesn't succeed | ;-)

      * Follow us on Twitter and befriend us on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or by e-mail, since that is what the forum is for.

    5. #5
      User MrCrazy
      Registered
      Apr 2013
      Location
      Spain
      Posts
      7

      Re: Help with malware and making sure it has disappeared

      Sorry, but when I try to make the registry backup with Erunt, first I get a message that ERDNT.INF cannot be created, and then during the process I get many "error guardando el archivo" ("error saving the file") messages.

    6. #6
      General Moderator
      Javierhf
      Registered
      Jun 2006
      Location
      Spain - Madrid
      Posts
      15,800

      Re: Help with malware and making sure it has disappeared

      Did you carry out all the Erunt steps, both installation and execution, doing them this way:
      Note: If you use Windows Vista or 7, right-click and select "Run as administrator."
      Regards.

    7. #7
      User MrCrazy
      Registered
      Apr 2013
      Location
      Spain
      Posts
      7

      Re: Help with malware and making sure it has disappeared

      Thank you very much. First, for Java I had version 7 update 9 and it has changed to version 7 update 21. Then, when I did the OTL step, the computer did not restart; did I do something wrong? As for how it is running, the computer has been working normally in speed and operation (as before the sirefef.gen), and here is the OTL log:

      OTL logfile created on: 28/04/2013 10:51:25 a.m. - Run 2
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jorge\Desktop\asjgoalsholas
      Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 0000080A | Country: México | Language: ESM | Date Format: dd/MM/yyyy

      3.25 Gb Total Physical Memory | 2.18 Gb Available Physical Memory | 67.06% Memory free
      8.12 Gb Paging File | 6.48 Gb Available in Paging File | 79.78% Paging File free
      Paging file location(s): c:\pagefile.sys 4989 4989 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
      Drive C: | 390.53 Gb Total Space | 137.44 Gb Free Space | 35.19% Space Free | Partition Type: NTFS
      Drive D: | 540.89 Gb Total Space | 322.64 Gb Free Space | 59.65% Space Free | Partition Type: NTFS
      Drive F: | 2.34 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

      Computer Name: JORGE-PC | User Name: Jorge | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user
      Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Jorge\Desktop\asjgoalsholas\OTL.exe (OldTimer Tools)
      PRC - C:\Archivos de programa\Common Files\Steam\SteamService.exe (Valve Corporation)
      PRC - C:\Archivos de programa\Steam\Steam.exe (Valve Corporation)
      PRC - C:\Users\Jorge\Desktop\uTorrent.exe (BitTorrent Inc.)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastUI.exe (AVAST Software)
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      PRC - C:\Archivos de programa\AVAST Software\Avast\afwServ.exe (AVAST Software)
      PRC - C:\Archivos de programa\Google\Update\1.3.21.135\GoogleCrashHandler.exe (Google Inc.)
      PRC - C:\Archivos de programa\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
      PRC - C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSUAService.exe (Panda Security, S.L.)
      PRC - C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
      PRC - C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
      PRC - C:\Archivos de programa\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
      PRC - C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
      PRC - C:\Windows\System32\mfevtps.exe (McAfee, Inc.)
      PRC - C:\Archivos de programa\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
      PRC - C:\Archivos de programa\ATI Technologies\HydraVision\HydraDM.exe (AMD)
      PRC - C:\Windows\System32\atieclxx.exe (AMD)
      PRC - C:\Windows\System32\atiesrxx.exe (AMD)
      PRC - C:\Windows\explorer.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Canon\IJPLM\ijplmsvc.exe ()
      PRC - C:\Archivos de programa\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
      PRC - C:\Archivos de programa\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)


      ========== Modules (No Company Name) ==========

      MOD - C:\Archivos de programa\Steam\bin\chromehtml.dll ()
      MOD - C:\Archivos de programa\Steam\bin\libcef.dll ()
      MOD - C:\Archivos de programa\Steam\SDL2.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\78967b28f748b8807eaa97c1cb454adc\WindowsFormsIntegration.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
      MOD - C:\Archivos de programa\Steam\bin\avcodec-53.dll ()
      MOD - C:\Archivos de programa\Steam\bin\avformat-53.dll ()
      MOD - C:\Archivos de programa\Steam\bin\avutil-51.dll ()
      MOD - C:\Archivos de programa\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll ()
      MOD - C:\Archivos de programa\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
      MOD - C:\Archivos de programa\ATI Technologies\HydraVision\hydraesp.dll ()
      MOD - C:\Archivos de programa\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
      MOD - C:\Archivos de programa\ATI Technologies\ATI.ACE\Branding\BrandingResources.dll ()
      MOD - C:\Archivos de programa\Common Files\Apple\Apple Application Support\zlib1.dll ()
      MOD - C:\Archivos de programa\Common Files\Apple\Apple Application Support\libxml2.dll ()
      MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_es_31bf3856ad364e35\PresentationFramework.resources.dll ()
      MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_es_b77a5c561934e089\System.resources.dll ()
      MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_es_b77a5c561934e089\System.Windows.Forms.resources.dll ()
      MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll ()


      ========== Services (SafeList) ==========

      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
      SRV - (MBAMService) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (avast! Antivirus) -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      SRV - (avast! Firewall) -- C:\Archivos de programa\AVAST Software\Avast\afwServ.exe (AVAST Software)
      SRV - (McComponentHostService) -- C:\Archivos de programa\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
      SRV - (PSUAService) -- C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSUAService.exe (Panda Security, S.L.)
      SRV - (NanoServiceMain) -- C:\Archivos de programa\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
      SRV - (NisSrv) -- C:\Archivos de programa\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
      SRV - (MsMpSvc) -- C:\Archivos de programa\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
      SRV - (AdobeARMservice) -- C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (Futuremark SystemInfo Service) -- C:\Archivos de programa\Futuremark\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation)
      SRV - (TunngleService) -- C:\Archivos de programa\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
      SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
      SRV - (mfevtp) -- C:\Windows\System32\mfevtps.exe (McAfee, Inc.)
      SRV - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
      SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
      SRV - (WMPNetworkSvc) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      SRV - (IJPLMSVC) -- C:\Archivos de programa\Canon\IJPLM\ijplmsvc.exe ()
      SRV - (osppsvc) -- C:\Archivos de programa\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
      SRV - (ose) -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
      SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
      SRV - (WinDefend) -- C:\Archivos de programa\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV - (MSSQL$SQLEXPRESS) -- C:\Archivos de programa\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
      SRV - (SQLAgent$SQLEXPRESS) -- C:\Archivos de programa\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE (Microsoft Corporation)
      SRV - (MSSQLServerADHelper100) -- C:\Archivos de programa\Microsoft SQL Server\100\Shared\sqladhlp.exe (Microsoft Corporation)
      SRV - (SQLWriter) -- C:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
      SRV - (SQLBrowser) -- C:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV - (cpuz136) -- C:\Windows\TEMP\cpuz136\cpuz136_x32.sys File not found
      DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\DTSOFTBUS01.SYS (DT Soft Ltd)
      DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
      DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
      DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
      DRV - (aswVmm) -- C:\Windows\System32\drivers\aswVmm.sys ()
      DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
      DRV - (aswRvrt) -- C:\Windows\System32\drivers\aswRvrt.sys ()
      DRV - (aswNdis2) -- C:\Windows\System32\drivers\aswNdis2.sys (AVAST Software)
      DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
      DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software)
      DRV - (aswFW) -- C:\Windows\System32\drivers\aswFW.sys (AVAST Software)
      DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
      DRV - (aswKbd) -- C:\Windows\System32\drivers\aswKbd.sys (AVAST Software)
      DRV - (aswNdis) -- C:\Windows\System32\drivers\aswNdis.sys (ALWIL Software)
      DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
      DRV - (NNSHTTPS) -- C:\Windows\System32\drivers\NNSHttps.sys (Panda Security, S.L.)
      DRV - (NNSSTRM) -- C:\Windows\System32\drivers\NNSStrm.sys (Panda Security, S.L.)
      DRV - (NNSPIHSW) -- C:\Windows\System32\drivers\NNSPihsw.sys (Panda Security, S.L.)
      DRV - (NNSSMTP) -- C:\Windows\System32\drivers\NNSSmtp.sys (Panda Security, S.L.)
      DRV - (NNSTLSC) -- C:\Windows\System32\drivers\NNStlsc.sys (Panda Security, S.L.)
      DRV - (NNSPROT) -- C:\Windows\System32\drivers\NNSProt.sys (Panda Security, S.L.)
      DRV - (NNSPRV) -- C:\Windows\System32\drivers\NNSPrv.sys (Panda Security, S.L.)
      DRV - (NNSPOP3) -- C:\Windows\System32\drivers\NNSPop3.sys (Panda Security, S.L.)
      DRV - (NNSPICC) -- C:\Windows\System32\drivers\NNSpicc.sys (Panda Security, S.L.)
      DRV - (NNSIDS) -- C:\Windows\System32\drivers\NNSIds.sys (Panda Security, S.L.)
      DRV - (NNSHTTP) -- C:\Windows\System32\drivers\NNSHttp.sys (Panda Security, S.L.)
      DRV - (NNSALPC) -- C:\Windows\System32\drivers\NNSAlpc.sys (Panda Security, S.L.)
      DRV - (PSINProt) -- C:\Windows\System32\drivers\PSINProt.sys (Panda Security, S.L.)
      DRV - (PSINProc) -- C:\Windows\System32\drivers\PSINProc.sys (Panda Security, S.L.)
      DRV - (PSINKNC) -- C:\Windows\System32\drivers\PSINKNC.sys (Panda Security, S.L.)
      DRV - (PSINAflt) -- C:\Windows\System32\drivers\PSINAflt.sys (Panda Security, S.L.)
      DRV - (PSINFile) -- C:\Windows\System32\drivers\PSINFile.sys (Panda Security, S.L.)
      DRV - (PSKMAD) -- C:\Windows\System32\drivers\PSKMAD.sys (Panda Security, S.L.)
      DRV - (NNSNAHSL) -- C:\Windows\System32\drivers\NNSNAHSL.sys (Panda Security, S.L.)
      DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.)
      DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
      DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
      DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
      DRV - (AODDriver4.1) -- C:\Archivos de programa\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys (Advanced Micro Devices)
      DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (Advanced Micro Devices)
      DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek )
      DRV - (athur) -- C:\Windows\System32\drivers\athur.sys (Atheros Communications, Inc.)
      DRV - (TsLwWfF) -- C:\Windows\System32\drivers\TsLwWfF.sys (TamoSoft)
      DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
      DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
      DRV - (cpuz135) -- C:\Windows\System32\drivers\cpuz135_x32.sys (CPUID)
      DRV - (cpuz134) -- C:\Archivos de programa\CPUID\PC Wizard 2010\pcwiz_x32.sys (Windows (R) Win 7 DDK provider)
      DRV - (amdiox86) -- C:\Windows\System32\drivers\amdiox86.sys (Advanced Micro Devices)
      DRV - (tap0901t) -- C:\Windows\System32\drivers\tap0901t.sys (Tunngle.net)
      DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
      DRV - (RsFx0102) -- C:\Windows\System32\drivers\RsFx0102.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKLM\..\SearchScopes,DefaultScope =
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = Noticias, Deportes, Entretenimiento, Videos, Música, Cine y Estilos de Vida en Prodigy MSN
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-MX
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 13 34 D9 04 F9 AF CD 01 [binary data]
      IE - HKCU\..\SearchScopes,DefaultScope =
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


      ========== FireFox ==========

      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Video Convert Master\codec\real\browser\plugins\nppl3260.dll File not found
      FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Video Convert Master\codec\real\browser\plugins\nprpjplug.dll File not found
      FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\PSafe\ClikSeguro\\ffext

      [2012/11/07 20:53:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jorge\AppData\Roaming\mozilla\Firefox\extensions
      [2012/11/07 20:53:18 | 000,000,000 | ---D | M] (uTorrentBar_ES) -- C:\Users\Jorge\AppData\Roaming\mozilla\Firefox\extensions\{db131c55-60c8-4adc-84dc-9e76ab06e2dc}
      [2012/11/18 13:45:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jorge\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions
      [2012/12/09 14:34:48 | 000,213,444 | ---- | M] () (No name found) -- C:\Users\Jorge\AppData\Roaming\mozilla\firefox\profiles\0\extensions\[email protected]

      ========== Chrome ==========

      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
      CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
      CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
      CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
      CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Google\Chrome\Application\plugins\nppl3260.dll
      CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Google\Chrome\Application\plugins\nprpjplug.dll
      CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
      CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
      CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
      CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
      CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
      CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
      CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
      CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
      CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
      CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
      CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
      CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
      CHR - plugin: Uplay PC (Enabled) = C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
      CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
      CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll
      CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\system32\npDeployJava1.dll
      CHR - Extension: Keep Thinking Different = C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammgpoopafhlhahgjlbgdiddnjjdidnb\3_0\
      CHR - Extension: Bcool = C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\bheccojgjlhcbfbmogbonhdbodagcfec\7.1_0\
      CHR - Extension: Bcool = C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\cijhkpgjoblldmbdfodncglbebagpgni\7.1_0\
      CHR - Extension: avast! WebRep = C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\

      O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
      O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Archivos de programa\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O4 - HKLM..\Run: [] File not found
      O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
      O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
      O4 - HKLM..\Run: [PSUAMain] C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
      O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
      O4 - HKLM..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software)
      O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
      O4 - HKCU..\Run: [EADM] C:\Program Files\Origin\Origin.exe (Electronic Arts)
      O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe (AMD)
      O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
      O4 - HKCU..\Run: [uTorrent] C:\Users\Jorge\Desktop\uTorrent.exe (BitTorrent Inc.)
      O4 - Startup: C:\Users\Jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Archivos de programa\ERUNT\AUTOBACK.EXE ()
      O4 - Startup: C:\Users\Jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla y Selector de OneNote 2010.lnk = C:\Archivos de programa\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O8 - Extra context menu item: &Enviar a OneNote - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
      O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
      O13 - gopher Prefix: missing
      O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
      O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
      O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
      O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21C02386-1119-472E-AEB2-819B24188317}: DhcpNameServer = 192.168.1.254
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - AppInit_DLLs: (c:\progra~2\browse~2\251005~1.80\{c16c1~1\browse~1.dll) - File not found
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O32 - AutoRun File - [2013/01/25 10:00:16 | 000,000,042 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
      O33 - MountPoints2\{002ee0be-1b91-11e2-b7ee-c860005b37f3}\Shell - "" = AutoRun
      O33 - MountPoints2\{002ee0be-1b91-11e2-b7ee-c860005b37f3}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
      O33 - MountPoints2\F\Shell - "" = AutoRun
      O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      ========== Files/Folders - Created Within 30 Days ==========

      [2013/04/28 10:49:31 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
      [2013/04/28 10:28:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
      [2013/04/28 10:28:09 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
      [2013/04/28 09:59:18 | 000,046,672 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\PSKMAD.sys
      [2013/04/27 19:01:16 | 000,000,000 | ---D | C] -- C:\Users\Jorge\AppData\Roaming\Malwarebytes
      [2013/04/27 19:01:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2013/04/27 19:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2013/04/27 19:00:48 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
      [2013/04/27 19:00:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
      [2013/04/27 18:44:41 | 000,000,000 | ---D | C] -- C:\Users\Jorge\Desktop\asjgoalsholas
      [2013/04/27 15:09:52 | 000,000,000 | ---D | C] -- C:\Users\Jorge\AppData\Roaming\Panda Security
      [2013/04/27 15:07:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus
      [2013/04/27 15:06:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
      [2013/04/27 15:06:53 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
      [2013/04/27 14:07:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
      [2013/04/27 13:38:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Logs
      [2013/04/27 13:38:08 | 000,000,000 | ---D | C] -- C:\Users\Jorge\AppData\Local\Programs
      [2013/04/24 16:33:52 | 000,000,000 | ---D | C] -- C:\Users\Jorge\Documents\Games for Windows - LIVE Demos
      [2013/04/24 16:26:16 | 000,000,000 | ---D | C] -- C:\Users\Jorge\Documents\Eidos
      [2013/04/24 15:48:50 | 000,000,000 | ---D | C] -- C:\Users\Jorge\AppData\Local\Downloaded Installations
      [2013/04/24 15:37:43 | 000,000,000 | ---D | C] -- C:\Program Files\Eidos
      [2013/04/21 17:32:40 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
      [2013/04/15 17:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
      [2013/04/15 17:19:48 | 000,029,816 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
      [2013/04/15 17:19:47 | 000,368,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
      [2013/04/15 17:19:07 | 000,199,384 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
      [2013/04/15 17:19:06 | 000,101,656 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
      [2013/04/15 17:19:05 | 000,060,656 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
      [2013/04/15 17:19:04 | 000,062,376 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
      [2013/04/15 17:19:02 | 000,021,576 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
      [2013/04/15 17:19:00 | 000,765,736 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
      [2013/04/15 17:18:53 | 000,066,336 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
      [2013/04/15 17:18:23 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
      [2013/04/15 17:18:22 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
      [2013/04/09 23:50:47 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
      [2013/04/09 23:50:46 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
      [2013/04/09 23:50:46 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
      [2013/04/09 23:50:46 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
      [2013/04/09 23:50:45 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
      [2013/04/09 23:50:44 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
      [2013/04/09 23:50:44 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
      [2013/04/09 23:50:43 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
      [2013/04/09 23:49:02 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
      [2013/04/09 23:48:47 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
      [2013/04/09 23:48:42 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
      [2013/04/09 23:48:41 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
      [2013/04/09 23:48:38 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
      [2013/04/09 23:48:38 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
      [2013/04/09 18:05:09 | 000,000,000 | ---D | C] -- C:\Users\Jorge\AppData\Roaming\LolClient
      [2013/04/08 21:39:10 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
      [2013/04/08 21:39:10 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
      [2013/04/08 21:39:08 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
      [2013/04/08 21:30:53 | 000,000,000 | ---D | C] -- C:\Riot Games
      [2013/04/08 21:30:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
      [2013/04/08 16:32:08 | 000,000,000 | ---D | C] -- C:\Program Files\League of Legends
      [2013/04/06 15:36:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Visan
      [2013/04/06 15:36:03 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations
      [2013/04/06 15:36:03 | 000,000,000 | ---D | C] -- C:\Program Files\HP Photo Creations
      [2013/04/06 15:35:45 | 000,000,000 | ---D | C] -- C:\Users\Jorge\AppData\Roaming\HpUpdate
      [2013/04/06 15:35:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
      [2013/04/06 15:35:09 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
      [2013/04/06 15:35:07 | 000,000,000 | ---D | C] -- C:\Program Files\HP
      [2013/04/06 15:28:17 | 000,000,000 | ---D | C] -- C:\Users\Jorge\AppData\Local\HP
      [2013/04/04 23:21:20 | 000,000,000 | ---D | C] -- C:\Users\Jorge\AppData\Local\FLT
      [2013/04/02 17:29:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
      [2013/04/02 17:29:03 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
      [2013/04/02 17:28:53 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
      [2013/04/02 17:28:53 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
      [2013/04/02 17:28:53 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
      [2013/03/31 14:06:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
      [2013/03/31 14:06:01 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
      [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
      [1 C:\Users\Jorge\Desktop\*.tmp files -> C:\Users\Jorge\Desktop\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2013/04/28 10:30:00 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2013/04/28 10:28:27 | 000,001,078 | ---- | M] () -- C:\Users\Jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
      [2013/04/28 10:28:14 | 000,000,898 | ---- | M] () -- C:\Users\Jorge\Desktop\NTREGOPT.lnk
      [2013/04/28 10:28:14 | 000,000,879 | ---- | M] () -- C:\Users\Jorge\Desktop\ERUNT.lnk
      [2013/04/28 10:11:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2013/04/28 10:06:38 | 000,022,080 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2013/04/28 10:06:38 | 000,022,080 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2013/04/28 10:03:38 | 000,810,548 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
      [2013/04/28 10:03:38 | 000,182,138 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
      [2013/04/28 10:03:37 | 000,717,250 | ---- | M] () -- C:\Windows\System32\perfh009.dat
      [2013/04/28 10:03:37 | 000,145,272 | ---- | M] () -- C:\Windows\System32\perfc009.dat
      [2013/04/28 09:58:44 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2013/04/28 09:58:44 | 000,000,406 | -H-- | M] () -- C:\Windows\tasks\OptimizerProUpdaterTask{0032E68E-F381-4DEC-8F7A-FD9033AFA87C}.job
      [2013/04/28 09:58:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2013/04/28 09:58:30 | 2615,762,944 | -HS- | M] () -- C:\hiberfil.sys
      [2013/04/27 20:38:59 | 000,000,217 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
      [2013/04/27 20:27:02 | 000,000,280 | ---- | M] () -- C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job
      [2013/04/27 20:26:51 | 000,493,528 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
      [2013/04/27 19:01:00 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/04/27 18:59:23 | 000,004,624 | ---- | M] () -- C:\Users\Jorge\Desktop\cc_20130427_185912.reg
      [2013/04/27 18:58:21 | 000,089,716 | ---- | M] () -- C:\Users\Jorge\Desktop\cc_20130427_185738.reg
      [2013/04/27 14:33:21 | 000,242,240 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\DTSOFTBUS01.SYS
      [2013/04/27 14:08:10 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
      [2013/04/27 13:38:12 | 000,001,050 | ---- | M] () -- C:\Users\Public\Desktop\Dll-Files Fixer.lnk
      [2013/04/27 10:04:05 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
      [2013/04/27 10:04:05 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
      [2013/04/24 19:58:18 | 283,063,897 | R--- | M] () -- C:\Users\Jorge\Documents\Dark.Souls.Complete.Strategy.Guide.__Grundle.Release.pdf
      [2013/04/24 17:12:06 | 000,000,264 | ---- | M] () -- C:\Windows\tasks\DLL-files.com Fixer_MONTHLY.job
      [2013/04/21 17:32:45 | 000,002,212 | ---- | M] () -- C:\Users\Public\Desktop\HP Deskjet 2510 series.lnk
      [2013/04/16 15:48:54 | 000,802,136 | ---- | M] (BitTorrent Inc.) -- C:\Users\Jorge\Desktop\uTorrent.exe
      [2013/04/15 17:51:07 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
      [2013/04/15 17:19:49 | 000,002,079 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
      [2013/04/11 16:12:00 | 000,017,344 | ---- | M] (Dll-Files.com) -- C:\Windows\System32\roboot.exe
      [2013/04/08 21:39:13 | 000,001,547 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
      [2013/04/07 00:55:01 | 000,002,100 | ---- | M] () -- C:\Users\Jorge\Desktop\BioShockInfinite.lnk
      [2013/04/06 15:36:07 | 000,001,953 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
      [2013/04/06 15:35:23 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Comprar consumibles - HP Deskjet 2510 series.lnk
      [2013/04/06 15:35:01 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
      [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
      [2013/04/02 17:28:48 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
      [2013/04/02 17:28:45 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
      [2013/04/02 17:28:45 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
      [2013/04/02 17:28:45 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
      [2013/03/31 14:06:05 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
      [2013/03/31 14:04:21 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
      [2013/03/31 14:04:21 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
      [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
      [1 C:\Users\Jorge\Desktop\*.tmp files -> C:\Users\Jorge\Desktop\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2013/04/28 10:28:27 | 000,001,078 | ---- | C] () -- C:\Users\Jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
      [2013/04/28 10:28:14 | 000,000,898 | ---- | C] () -- C:\Users\Jorge\Desktop\NTREGOPT.lnk
      [2013/04/28 10:28:14 | 000,000,879 | ---- | C] () -- C:\Users\Jorge\Desktop\ERUNT.lnk
      [2013/04/27 20:38:26 | 000,000,217 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
      [2013/04/27 19:01:00 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/04/27 18:59:19 | 000,004,624 | ---- | C] () -- C:\Users\Jorge\Desktop\cc_20130427_185912.reg
      [2013/04/27 18:57:46 | 000,089,716 | ---- | C] () -- C:\Users\Jorge\Desktop\cc_20130427_185738.reg
      [2013/04/27 14:08:10 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
      [2013/04/27 14:07:59 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
      [2013/04/24 19:28:59 | 283,063,897 | R--- | C] () -- C:\Users\Jorge\Documents\Dark.Souls.Complete.Strategy.Guide.__Grundle.Release.pdf
      [2013/04/15 17:19:49 | 000,002,079 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
      [2013/04/15 17:18:57 | 000,164,736 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
      [2013/04/15 17:18:55 | 000,049,248 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
      [2013/04/15 16:09:53 | 000,000,081 | ---- | C] () -- C:\Program Files\update-XCOM.bat
      [2013/04/08 21:39:13 | 000,001,547 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
      [2013/04/08 15:53:56 | 004,194,816 | ---- | C] () -- C:\Chrono Trigger.smc
      [2013/04/07 00:55:01 | 000,002,100 | ---- | C] () -- C:\Users\Jorge\Desktop\BioShockInfinite.lnk
      [2013/04/06 15:36:07 | 000,001,953 | ---- | C] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
      [2013/04/06 15:35:23 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\HP Deskjet 2510 series.lnk
      [2013/04/06 15:35:23 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Comprar consumibles - HP Deskjet 2510 series.lnk
      [2013/04/06 15:35:01 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
      [2013/03/31 14:06:05 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
      [2013/03/20 19:51:44 | 000,084,480 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
      [2013/03/20 18:29:08 | 000,129,024 | ---- | C] () -- C:\Windows\System32\AVERM.dll
      [2013/03/20 18:29:08 | 000,028,672 | ---- | C] () -- C:\Windows\System32\AVEQT.dll
      [2013/03/20 17:41:34 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
      [2013/03/10 13:41:08 | 035,648,512 | ---- | C] () -- C:\Program Files\PhysX-installer.msi
      [2013/03/10 13:34:22 | 000,003,153 | ---- | C] () -- C:\Program Files\visit-nosteam-forum.html
      [2013/03/10 13:34:22 | 000,000,081 | ---- | C] () -- C:\Program Files\update-mafia2.bat
      [2013/03/06 20:48:11 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
      [2013/03/06 20:48:11 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
      [2013/03/06 20:48:11 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
      [2013/03/06 20:48:11 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
      [2013/03/06 19:04:35 | 000,000,016 | ---- | C] () -- C:\Users\Jorge\AppData\Roaming\sd.bat
      [2013/02/25 19:28:25 | 000,000,084 | ---- | C] () -- C:\Program Files\update-DeusEx.bat
      [2013/02/24 13:52:32 | 000,003,154 | ---- | C] () -- C:\Program Files\visit-nosteam.ro.html
      [2013/02/24 13:52:32 | 000,000,084 | ---- | C] () -- C:\Program Files\update-DeadSpace3.bat
      [2012/12/01 15:13:05 | 000,138,736 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
      [2012/11/22 16:22:34 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
      [2012/11/22 16:22:32 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
      [2012/11/08 21:59:16 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
      [2012/11/06 22:31:26 | 000,393,256 | ---- | C] () -- C:\Windows\System32\CNQ2414N.DAT
      [2012/10/21 12:21:22 | 000,001,243 | ---- | C] () -- C:\Windows\soundcfg.ini
      [2012/10/21 12:21:11 | 000,018,116 | ---- | C] () -- C:\Windows\System32\winchk.exe
      [2012/10/21 12:21:09 | 000,017,408 | ---- | C] () -- C:\Windows\System32\ftdll16.dll
      [2012/10/21 12:21:05 | 000,057,344 | ---- | C] ( ) -- C:\Windows\System32\Qa3d.dll
      [2012/10/21 12:21:01 | 000,057,344 | ---- | C] ( ) -- C:\Windows\System32\A3d.dll
      [2012/10/21 12:18:18 | 000,048,128 | ---- | C] () -- C:\Windows\System32\ftdll32.dll
      [2012/10/19 19:39:56 | 000,015,416 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
      [2012/10/19 19:39:33 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
      [2012/10/19 19:36:58 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
      [2012/10/19 19:35:20 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
      [2012/10/19 19:35:20 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
      [2012/10/19 19:35:20 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
      [2012/06/19 07:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\System32\pbsvc.exe
      [2012/02/14 22:05:16 | 000,054,784 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
      [2012/01/31 06:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
      [2012/01/10 0308 | 000,601,728 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat

      ========== ZeroAccess Check ==========

      [2009/07/13 23:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 16:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 20:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== Custom Scans ==========

      < :OTL >

      < PRC - C:\Archivos de programa\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.) >

      < PRC - C:\Windows\System32\mfevtps.exe (McAfee, Inc.) >

      < SRV - (McComponentHostService) -- C:\Archivos de programa\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.) >

      < SRV - (mfevtp) -- C:\Windows\System32\mfevtps.exe (McAfee, Inc.) >

      < DRV - (cpuz136) -- C:\Windows\TEMP\cpuz136\cpuz136_x32.sys File not found >

      < DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.) >

      < DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.) >

      < FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found >
      Invalid Switch: iTunes,version=: File not found

      < FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) >
      Invalid Switch: DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

      < FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) >
      Invalid Switch: JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

      < FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) >
      Invalid Switch: McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)

      < FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found >
      Invalid Switch: GENUINE: disabled File not found

      < FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Video Convert Master\codec\real\browser\plugins\nppl3260.dll File not found >
      Invalid Switch: nppl3260;version=6.0.12.69: C:\Program Files\Video Convert Master\codec\real\browser\plugins\nppl3260.dll File not found

      < FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Video Convert Master\codec\real\browser\plugins\nprpjplug.dll File not found >
      Invalid Switch: nprpjplug;version=6.0.12.69: C:\Program Files\Video Convert Master\codec\real\browser\plugins\nprpjplug.dll File not found

      < FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found >
      Invalid Switch: nsJSRealPlayerPlugin;version=: File not found

      < O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Archivos de programa\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) >

      < O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre7\bin\ssv.dll (Oracle Corporation) >

      < O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) >

      < O4 - HKLM..\Run: [] File not found >

      < O13 - gopher Prefix: missing >

      < O20 - AppInit_DLLs: (c:\progra~2\browse~2\251005~1.80\{c16c1~1\browse~1.dll) - File not found >

      < O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. >

      < O33 - MountPoints2\{002ee0be-1b91-11e2-b7ee-c860005b37f3}\Shell - "" = AutoRun >

      < O33 - MountPoints2\{002ee0be-1b91-11e2-b7ee-c860005b37f3}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a >

      < O33 - MountPoints2\F\Shell - "" = AutoRun >

      < O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a >

      < [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] >

      < [1 C:\Users\Jorge\Desktop\*.tmp files -> C:\Users\Jorge\Desktop\*.tmp -> ] >

      < [2013/04/27 20:41:01 | 000,000,406 | -H-- | M] () -- C:\Windows\tasks\OptimizerProUpdaterTask{0032E68E-F381-4DEC-8F7A-FD9033AFA87C}.job >
      Invalid Switch: 27 20:41:01 | 000,000,406 | -H-- | M] () -- C:\Windows\tasks\OptimizerProUpdaterTask{0032E68E-F381-4DEC-8F7A-FD9033AFA87C}.job

      < [2013/04/27 20:27:02 | 000,000,280 | ---- | M] () -- C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job >
      Invalid Switch: 27 20:27:02 | 000,000,280 | ---- | M] () -- C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job

      < [2013/03/06 19:04:35 | 000,000,016 | ---- | C] () -- C:\Users\Jorge\AppData\Roaming\sd.bat >
      Invalid Switch: 06 19:04:35 | 000,000,016 | ---- | C] () -- C:\Users\Jorge\AppData\Roaming\sd.bat

      < [2013/02/25 19:28:25 | 000,000,084 | ---- | C] () -- C:\Program Files\update-DeusEx.bat >
      Invalid Switch: 25 19:28:25 | 000,000,084 | ---- | C] () -- C:\Program Files\update-DeusEx.bat

      < [1999/05/19 03:18:26 | 000,020,255 | ---- | M] () -- C:\CFG801.EXE >
      Invalid Switch: 19 03:18:26 | 000,020,255 | ---- | M] () -- C:\CFG801.EXE

      < [1996/06/28 07:27:54 | 004,194,816 | ---- | M] () -- C:\Chrono Trigger.smc >
      Invalid Switch: 28 07:27:54 | 004,194,816 | ---- | M] () -- C:\Chrono Trigger.smc

      < [1999/05/19 04:15:24 | 000,004,657 | ---- | M] () -- C:\DOS801.EXE >
      Invalid Switch: 19 04:15:24 | 000,004,657 | ---- | M] () -- C:\DOS801.EXE

      < [C:\Windows\$NtUninstallKB16927$] -> Error: Cannot create file handle -> Unknown point type >

      < @Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:CB0AACC9 >

      < @Alternate Data Stream - 12 bytes -> C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57} >

      < :Files >

      < ipconfig /flushdns /c >
      Configuración IP de Windows
      Se vació correctamente la caché de resolución de DNS.

      < ipconfig /renew /c >
      Configuración IP de Windows
      No se puede realizar ninguna operación en Tunngle mientras los medios
      están desconectados.
      No se puede realizar ninguna operación en Conexión de área local mientras los medios
      están desconectados.
      Adaptador de Ethernet Tunngle:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de LAN inalámbrica Conexión de red inalámbrica:
      Sufijo DNS específico para la conexión. . : gateway.2wire.net
      Vínculo: dirección IPv6 local. . . : fe80::385a:3e6:fc46:f022%12
      Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.74
      Máscara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.1.254
      Adaptador de Ethernet Conexión de área local:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de túnel isatap.{1E7CB776-676C-4980-9235-45FD878C2378}:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de túnel isatap.gateway.2wire.net:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . : gateway.2wire.net
      Adaptador de túnel Teredo Tunneling Pseudo-Interface:
      Sufijo DNS específico para la conexión. . :
      Dirección IPv6 . . . . . . . . . . : 2001:0:9d38:953c:34f6:31:4244:3e0e
      Vínculo: dirección IPv6 local. . . : fe80::34f6:31:4244:3e0e%13
      Puerta de enlace predeterminada . . . . . : ::
      Adaptador de túnel isatap.{A0783169-838B-4FF5-A10C-060E0380C4B9}:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :

      < :Commands >

      < [PURITY] >

      < [EMPTYFLASH] >

      < [EMPTYTEMP] >

      < [RESETHOSTS] >

      ========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
      [C:\Windows\$NtUninstallKB16927$] -> Error: Cannot create file handle -> Unknown point type

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:CB0AACC9
      @Alternate Data Stream - 12 bytes -> C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}

      < End of report >

    8. #8
      General Moderator
      Javierhf
      Joined
      Jun 2006
      Location
      Spain - Madrid
      Posts
      15,800

      Re: Help with malware and making sure it is gone

      You got mixed up: you put the log data in the right place, but you clicked "Analizar" (Scan) when you should have clicked "Reparar" (Fix), which is why it did not restart. Copy the data I gave you again, click "Reparar", and post the report that appears when it restarts.

      Regards.
      He who doesn't try doesn't succeed | ;-)

      * Follow us on Twitter and friend us on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail; that is what the forum is for.

    9. #9
      User MrCrazy
      Joined
      Apr 2013
      Location
      Spain
      Posts
      7

      Re: Help with malware and making sure it is gone

      It's the first time I've used it, sorry for my silliness. Here is the log:

      All processes killed
      ========== OTL ==========
      No active process named SSScheduler.exe was found!
      No active process named mfevtps.exe was found!
      Error: No service named McComponentHostService was found to stop!
      Service\Driver key McComponentHostService not found.
      File C:\Archivos de programa\McAfee Security Scan\3.0.318\McCHSvc.exe not found.
      Error: No service named mfevtp was found to stop!
      Service\Driver key mfevtp not found.
      File C:\Windows\System32\mfevtps.exe not found.
      Error: No service named cpuz136 was found to stop!
      Service\Driver key cpuz136 not found.
      File C:\Windows\TEMP\cpuz136\cpuz136_x32.sys File not found not found.
      Error: No service named mfewfpk was found to stop!
      Service\Driver key mfewfpk not found.
      File C:\Windows\System32\drivers\mfewfpk.sys not found.
      Error: No service named mfehidk was found to stop!
      Service\Driver key mfehidk not found.
      File C:\Windows\System32\drivers\mfehidk.sys not found.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ not found.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2\ not found.
      File C:\Windows\system32\npDeployJava1.dll not found.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2\ not found.
      File C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll not found.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin\ not found.
      File C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll not found.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ not found.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69\ not found.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69\ not found.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ not found.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\ not found.
      File C:\Archivos de programa\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll not found.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
      File C:\Archivos de programa\Java\jre7\bin\ssv.dll not found.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ not found.
      File C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll not found.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~2\browse~2\251005~1.80\{c16c1~1\browse~1.dll deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{002ee0be-1b91-11e2-b7ee-c860005b37f3}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{002ee0be-1b91-11e2-b7ee-c860005b37f3}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{002ee0be-1b91-11e2-b7ee-c860005b37f3}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{002ee0be-1b91-11e2-b7ee-c860005b37f3}\ not found.
      File G:\LaunchU3.exe -a not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
      File F:\LaunchU3.exe -a not found.
      File/Folder C:\Windows\*.tmp not found.
      File/Folder C:\Users\Jorge\Desktop\*.tmp not found.
      File C:\Windows\tasks\OptimizerProUpdaterTask{0032E68E-F381-4DEC-8F7A-FD9033AFA87C}.job not found.
      File C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job not found.
      File C:\Users\Jorge\AppData\Roaming\sd.bat not found.
      File C:\Program Files\update-DeusEx.bat not found.
      File C:\CFG801.EXE not found.
      File C:\Chrono Trigger.smc not found.
      File C:\DOS801.EXE not found.
      Unable to remove Unknown point type C:\Windows\$NtUninstallKB16927$
      Unable to delete ADS C:\ProgramData\TEMP:CB0AACC9 .
      Unable to delete ADS C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57} .
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configuración IP de Windows
      Se vació correctamente la caché de resolución de DNS.
      C:\Users\Jorge\Desktop\cmd.bat deleted successfully.
      C:\Users\Jorge\Desktop\cmd.txt deleted successfully.
      < ipconfig /renew /c >
      Configuración IP de Windows
      No se puede realizar ninguna operación en Tunngle mientras los medios
      están desconectados.
      No se puede realizar ninguna operación en Conexión de área local mientras los medios
      están desconectados.
      Adaptador de Ethernet Tunngle:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de LAN inalámbrica Conexión de red inalámbrica:
      Sufijo DNS específico para la conexión. . : gateway.2wire.net
      Vínculo: dirección IPv6 local. . . : fe80::385a:3e6:fc46:f022%12
      Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.74
      Máscara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.1.254
      Adaptador de Ethernet Conexión de área local:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de túnel isatap.{1E7CB776-676C-4980-9235-45FD878C2378}:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      Adaptador de túnel isatap.gateway.2wire.net:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . : gateway.2wire.net
      Adaptador de túnel Teredo Tunneling Pseudo-Interface:
      Sufijo DNS específico para la conexión. . :
      Dirección IPv6 . . . . . . . . . . : 2001:0:9d38:953c:1083:f09:4244:3e0e
      Vínculo: dirección IPv6 local. . . : fe80::1083:f09:4244:3e0e%13
      Puerta de enlace predeterminada . . . . . : ::
      Adaptador de túnel isatap.{A0783169-838B-4FF5-A10C-060E0380C4B9}:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :
      C:\Users\Jorge\Desktop\cmd.bat deleted successfully.
      C:\Users\Jorge\Desktop\cmd.txt deleted successfully.
      ========== COMMANDS ==========

      [EMPTYFLASH]

      User: All Users

      User: Default

      User: Default User

      User: hedev

      User: Jorge
      ->Flash cache emptied: 511 bytes

      User: Public

      Total Flash Files Cleaned = 0.00 mb


      [EMPTYTEMP]

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: hedev
      ->Temp folder emptied: 43164427 bytes

      User: Jorge
      ->Temp folder emptied: 12350663 bytes
      ->Temporary Internet Files folder emptied: 3327388 bytes
      ->Java cache emptied: 4751305 bytes
      ->Google Chrome cache emptied: 292770180 bytes
      ->Apple Safari cache emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Public

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 146863250 bytes
      RecycleBin emptied: 282 bytes

      Total Files Cleaned = 480.00 mb

      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      OTL by OldTimer - Version 3.2.69.0 log created on 04282013_143108

      Files\Folders moved on Reboot...
      File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...

    10. #10
      General Moderator
      Javierhf
      Joined
      Jun 2006
      Location
      Spain - Madrid
      Posts
      15,800

      Re: Help with malware and making sure it is gone

      Perfect, that's it now. Is the computer showing any anomalies?

      Regards.
      He who doesn't try doesn't succeed | ;-)
