• Registrarse
  • Iniciar sesión


  • Página 3 de 3 PrimeroPrimero 123
    Resultados 21 al 25 de 25

    se abren paginas de publicidd solas (Solucionado)

    Resumen del tema: se abren paginas de publicidd solas (Solucionado) - buenas! perdon por la demora, tengo unos dias complicados en el trabajo je, realice lo solicitado, y al reiniciar se colgo todo, la vuelvo a reiniciar y no paso mas nada, o sea ahora normal, ...

      
    1. #21
      Usuario Avatar de juank22
      Registrado
      sep 2009
      Ubicación
      argentina
      Mensajes
      12

      re: se abren paginas de publicidd solas (Solucionado)

      buenas!
      perdon por la demora, tengo unos dias complicados en el trabajo je, realice lo solicitado, y al reiniciar se colgo todo, la vuelvo a reiniciar y no paso mas nada, o sea ahora normal, paso el log solicitado:

      OTL logfile created on: 24/07/2013 06:36:32 p.m. - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = D:\Users\Juanca\Desktop
      64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00002c0a | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy

      2,75 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 70,48% Memory free
      5,49 Gb Paging File | 4,18 Gb Available in Paging File | 76,17% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 107,79 Gb Total Space | 76,98 Gb Free Space | 71,41% Space Free | Partition Type: NTFS
      Drive D: | 488,28 Gb Total Space | 265,78 Gb Free Space | 54,43% Space Free | Partition Type: NTFS

      Computer Name: JUANCA-PC | User Name: Juanca | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - D:\Users\Juanca\Desktop\OTL.exe (OldTimer Tools)
      PRC - C:\Program Files (x86)\Glary Utilities 3\Integrator.exe (Glarysoft Ltd)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Program Files (x86)\Twonky\TwonkyServer\TwonkyServer.exe ()
      PRC - C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe ()
      PRC - C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe ()
      PRC - C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (PacketVideo)
      PRC - C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe (PacketVideo)
      PRC - C:\Archivos de programa\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)


      ========== Modules (No Company Name) ==========

      MOD - C:\Program Files (x86)\Glary Utilities 3\zlib1.dll ()


      ========== Services (SafeList) ==========

      SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
      SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (TwonkyProxy) -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe ()
      SRV - (TwonkyWebDav) -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe ()
      SRV - (TwonkyServer) -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe (PacketVideo)
      SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations)
      SRV - (EhttpSrv) -- C:\Archivos de programa\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
      SRV - (ekrn) -- C:\Archivos de programa\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (osppsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
      SRV - (ose64) -- C:\Archivos de programa\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (KMService) -- C:\Windows\SysWOW64\srvany.exe ()


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
      DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
      DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
      DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
      DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
      DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
      DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
      DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (ATI Technologies, Inc.)
      DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie64.sys (Advanced Micro Devices Inc.)
      DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
      DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
      DRV:64bit: - (epfwwfpr) -- C:\Windows\SysNative\drivers\epfwwfpr.sys (ESET)
      DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
      DRV:64bit: - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)
      DRV:64bit: - (k57nd) -- C:\Windows\SysNative\drivers\k57amd64.sys (Broadcom Corporation)
      DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
      DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
      DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
      DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\..\SearchScopes,DefaultScope =
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Upgrade to Google Chrome
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-ar
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6F 4B 3C 0B D6 DE CD 01 [binary data]
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Upgrade to Google Chrome
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome
      IE - HKCU\..\SearchScopes,DefaultScope =
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7NDKB_esAR515
      IE - HKCU\..\SearchScopes\{F79B00DC-61D1-4F24-9C9A-95247D58FC66}: "URL" = http://searchou.com/?q={searchTerms}&id=d89594380000000000001c7508c71182&r=534
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
      FF - user.js - File not found

      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
      FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

      64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2012/12/22 12:57:20 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/07/14 12:43:32 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012/12/22 12:57:20 | 000,000,000 | ---D | M]

      [2013/05/15 19:16:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juanca\AppData\Roaming\mozilla\Extensions
      [2013/07/14 12:43:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juanca\AppData\Roaming\mozilla\Firefox\Profiles\s3j0n3u2.default\extensions
      [2013/05/19 11:05:51 | 000,001,378 | ---- | M] () -- C:\Users\Juanca\AppData\Roaming\mozilla\firefox\profiles\s3j0n3u2.default\searchplugins\privitize.xml
      [2013/07/03 10:26:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\Extensions
      [2013/07/03 10:26:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
      [2013/07/03 10:26:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

      ========== Chrome ==========

      CHR - default_search_provider: Babylon (Enabled)
      CHR - default_search_provider: search_url = http://search.babylon.com/?q={searchTerms}&affID=121845&tt=gc_&babsrc=SP_ss_din2g&mntrId=D8951C7508C71182
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}

      O1 HOSTS File: ([2009/06/10 18:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
      O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
      O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
      O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
      O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
      O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
      O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
      O4:64bit: - HKLM..\Run: [ETDWare] C:\Archivos de programa\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
      O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
      O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
      O8:64bit: - Extra context menu item: &Enviar a OneNote - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
      O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
      O8 - Extra context menu item: &Enviar a OneNote - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
      O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
      O9:64bit: - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9:64bit: - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
      O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
      O9:64bit: - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9:64bit: - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
      O13 - gopher Prefix: missing
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.2
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{274D23DF-8E1A-46CB-91E3-7CF7AB59B75E}: DhcpNameServer = 10.0.0.2
      O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
      O18 - Protocol\Handler\ms-help - No CLSID value found
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
      O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Archivos de programa\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
      O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
      O32 - HKLM CDRom: AutoRun - 1
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

      MsConfig:64bit - StartUpReg: AthBtTray - hkey= - key= - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
      MsConfig:64bit - StartUpReg: AtherosBtStack - hkey= - key= - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
      MsConfig:64bit - StartUpReg: ISUSPM Startup - hkey= - key= - c:\Program Files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation)
      MsConfig:64bit - StartUpReg: ISUSScheduler - hkey= - key= - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
      MsConfig:64bit - StartUpReg: Skype - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
      MsConfig:64bit - StartUpReg: swg - hkey= - key= - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
      MsConfig:64bit - State: "startup" - Reg Error: Key error.

      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2013/07/22 19:46:10 | 000,000,000 | ---D | C] -- C:\Users\Juanca\AppData\Roaming\TwonkyMedia
      [2013/07/22 19:22:37 | 000,000,000 | ---D | C] -- C:\ProgramData\twonkyclient
      [2013/07/22 19:21:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Philips
      [2013/07/22 19:19:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Philips
      [2013/07/22 19:19:06 | 000,000,000 | ---D | C] -- C:\ProgramData\TwonkyServer
      [2013/07/22 19:19:04 | 000,000,000 | ---D | C] -- C:\Users\Juanca\AppData\Roaming\TwonkyServer
      [2013/07/22 19:18:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Twonky
      [2013/07/21 12:25:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\Users\Juanca\Desktop\OTL.exe
      [2013/07/21 12:18:37 | 000,000,000 | ---D | C] -- C:\Users\Juanca\AppData\Local\Adobe
      [2013/07/18 18:25:01 | 000,000,000 | ---D | C] -- C:\Windows\temp
      [2013/07/18 18:20:45 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
      [2013/07/18 18:11:11 | 000,000,000 | --SD | C] -- C:\ComboFix
      [2013/07/16 21:35:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
      [2013/07/16 21:35:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
      [2013/07/16 21:35:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
      [2013/07/16 21:35:22 | 000,000,000 | ---D | C] -- C:\Qoobox
      [2013/07/16 21:35:09 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
      [2013/07/16 21:30:10 | 005,091,168 | R--- | C] (Swearware) -- D:\Users\Juanca\Desktop\ComboFix.exe
      [2013/07/15 23:18:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
      [2013/07/15 21:38:45 | 000,000,000 | ---D | C] -- C:\ProgramData\GlarySoft
      [2013/07/15 21:36:39 | 000,000,000 | ---D | C] -- C:\Users\Juanca\AppData\Roaming\GlarySoft
      [2013/07/15 21:36:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 3
      [2013/07/15 21:36:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities 3
      [2013/07/15 1759 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
      [2013/07/14 14:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2013/07/14 14:22:13 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
      [2013/07/14 01:41:53 | 000,000,000 | ---D | C] -- C:\Users\Juanca\AppData\Roaming\Panda Security
      [2013/07/14 01:41:25 | 000,000,000 | ---D | C] -- C:\Users\Juanca\AppData\Local\panda4_0dn
      [2013/07/14 01:41:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security URL Filtering
      [2013/07/14 01:40:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
      [2013/07/14 01:40:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
      [2013/07/14 01:21:32 | 000,000,000 | ---D | C] -- D:\Users\Juanca\Desktop\rkill
      [2013/07/13 23:08:06 | 000,000,000 | ---D | C] -- C:\ToolBar SD
      [2013/07/13 23:07:48 | 000,000,000 | ---D | C] -- C:\Users\Juanca\AppData\Roaming\SUPERAntiSpyware.com
      [2013/07/13 23:07:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
      [2013/07/13 23:07:39 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
      [2013/07/13 23:07:39 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
      [2013/07/13 23:06:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      [2013/07/13 23:06:55 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
      [2013/07/13 10:42:23 | 000,000,000 | ---D | C] -- C:\Users\Juanca\AppData\Roaming\Malwarebytes
      [2013/07/13 10:42:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2013/07/13 10:42:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
      [2013/07/13 01:23:12 | 000,000,000 | ---D | C] -- D:\Users\Juanca\Documents\ProcAlyzer Dumps
      [2013/07/12 21:52:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
      [2013/07/12 21:51:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
      [2013/07/09 18:53:44 | 000,000,000 | ---D | C] -- C:\ProgramData\RemotePotato
      [2013/07/09 18:53:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyFrem
      [2013/07/08 17:43:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Low Level Format Tool
      [2013/07/08 17:43:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HDDGURU LLF Tool
      [2013/07/08 17:42:54 | 000,000,000 | ---D | C] -- D:\Users\Juanca\Desktop\HDD.Low.Level.Format.Tool.4.30.Incl.Keygen-tPORt
      [2013/07/06 21:54:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
      [2013/07/06 21:53:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
      [2013/07/03 10:26:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
      [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2013/07/24 18:38:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2013/07/24 18:22:21 | 000,026,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2013/07/24 18:22:21 | 000,026,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2013/07/24 18:19:19 | 000,707,568 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2013/07/24 18:19:19 | 000,619,042 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2013/07/24 18:19:19 | 000,139,104 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2013/07/24 18:19:19 | 000,107,362 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2013/07/24 18:19:18 | 001,564,492 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2013/07/24 18:16:16 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 3.job
      [2013/07/24 18:14:59 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2013/07/24 18:14:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2013/07/24 18:14:41 | 2210,578,432 | -HS- | M] () -- C:\hiberfil.sys
      [2013/07/22 19:21:07 | 000,001,968 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MediaServer.lnk
      [2013/07/22 19:21:07 | 000,001,282 | ---- | M] () -- C:\Users\Public\Desktop\MediaManager.lnk
      [2013/07/22 18:59:02 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2013/07/21 12:25:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Users\Juanca\Desktop\OTL.exe
      [2013/07/18 1837 | 005,091,168 | R--- | M] (Swearware) -- D:\Users\Juanca\Desktop\ComboFix.exe
      [2013/07/15 21:36:41 | 000,001,080 | ---- | M] () -- C:\Users\Public\Desktop\Glary Utilities 3.lnk
      [2013/07/14 19:07:49 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
      [2013/07/14 14:22:17 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/07/14 12:41:30 | 000,007,654 | ---- | M] () -- C:\Users\Juanca\AppData\Local\Resmon.ResmonCfg
      [2013/07/14 00:04:46 | 000,052,492 | ---- | M] () -- D:\Users\Juanca\Documents\cc_20130714_000440.reg
      [2013/07/13 20:19:34 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\At1.job
      [2013/07/13 10:34:53 | 000,002,037 | ---- | M] () -- D:\Users\Juanca\Desktop\JDownloader.lnk
      [2013/07/13 01:18:14 | 000,271,845 | ---- | M] () -- C:\Quarantine.lst
      [2013/07/09 18:40:41 | 000,000,000 | -H-- | M] () -- C:\Windows\wusa.lock
      [2013/07/08 17:43:22 | 000,000,001 | ---- | M] () -- C:\Users\Juanca\AppData\Local\llftool.4.30.agreement
      [2013/07/08 17:43:19 | 000,000,940 | ---- | M] () -- D:\Users\Juanca\Desktop\Hard Disk Low Level Format Tool.lnk
      [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2013/07/22 19:21:07 | 000,001,968 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MediaServer.lnk
      [2013/07/22 19:21:07 | 000,001,282 | ---- | C] () -- C:\Users\Public\Desktop\MediaManager.lnk
      [2013/07/16 21:35:30 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
      [2013/07/16 21:35:30 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
      [2013/07/16 21:35:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
      [2013/07/16 21:35:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
      [2013/07/16 21:35:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
      [2013/07/15 21:36:41 | 000,001,080 | ---- | C] () -- C:\Users\Public\Desktop\Glary Utilities 3.lnk
      [2013/07/15 21:36:40 | 000,000,334 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize 3.job
      [2013/07/15 21:36:36 | 000,001,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 3.lnk
      [2013/07/14 14:22:17 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/07/14 11:00:05 | 000,007,654 | ---- | C] () -- C:\Users\Juanca\AppData\Local\Resmon.ResmonCfg
      [2013/07/14 00:04:43 | 000,052,492 | ---- | C] () -- D:\Users\Juanca\Documents\cc_20130714_000440.reg
      [2013/07/13 18:36:25 | 000,000,388 | ---- | C] () -- C:\Windows\tasks\At1.job
      [2013/07/13 10:34:53 | 000,002,037 | ---- | C] () -- D:\Users\Juanca\Desktop\JDownloader.lnk
      [2013/07/13 10:01:45 | 000,271,845 | ---- | C] () -- C:\Quarantine.lst
      [2013/07/09 18:40:41 | 000,000,000 | -H-- | C] () -- C:\Windows\wusa.lock
      [2013/07/08 17:43:22 | 000,000,001 | ---- | C] () -- C:\Users\Juanca\AppData\Local\llftool.4.30.agreement
      [2013/07/08 17:43:19 | 000,000,940 | ---- | C] () -- D:\Users\Juanca\Desktop\Hard Disk Low Level Format Tool.lnk
      [2012/12/22 12:45:23 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
      [2012/12/22 12:39:13 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
      [2012/12/21 00:34:00 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
      [2012/12/21 00:31:23 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

      ========== ZeroAccess Check ==========

      [2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 02:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 01:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== LOP Check ==========

      [2013/07/15 21:36:39 | 000,000,000 | ---D | M] -- C:\Users\Juanca\AppData\Roaming\GlarySoft
      [2013/07/14 01:41:53 | 000,000,000 | ---D | M] -- C:\Users\Juanca\AppData\Roaming\Panda Security
      [2013/07/22 19:46:10 | 000,000,000 | ---D | M] -- C:\Users\Juanca\AppData\Roaming\TwonkyMedia
      [2013/07/22 19:19:04 | 000,000,000 | ---D | M] -- C:\Users\Juanca\AppData\Roaming\TwonkyServer
      [2013/07/16 01:45:28 | 000,000,000 | ---D | M] -- C:\Users\Juanca\AppData\Roaming\uTorrent

      ========== Custom Scans ==========

      < %systemdrive%\*.* >
      [2013/07/18 18:24:58 | 000,017,541 | ---- | M] () -- C:\ComboFix.txt
      [2013/07/24 18:14:41 | 2210,578,432 | -HS- | M] () -- C:\hiberfil.sys
      [2013/07/09 18:53:58 | 000,000,368 | ---- | M] () -- C:\InstallRPLog.txt
      [2013/07/24 18:14:43 | 2947,440,640 | -HS- | M] () -- C:\pagefile.sys
      [2013/07/22 19:23:05 | 000,000,398 | ---- | M] () -- C:\Program-log.txt
      [2013/07/13 01:18:14 | 000,271,845 | ---- | M] () -- C:\Quarantine.lst
      [2012/12/20 14:05:06 | 000,000,184 | ---- | M] () -- C:\WLAN_Setup.log

      < %programfiles%\*.* >
      [2009/07/14 01:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
      [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

      < %appdata%\*.exe /ncn /s >
      [2012/12/20 15:07:31 | 000,010,134 | R--- | M] () -- C:\Users\Juanca\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\ARPPRODUCTICON.exe
      [2012/12/20 15:07:31 | 000,065,536 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Juanca\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
      [2009/06/25 14:07:56 | 000,333,541 | ---- | M] () -- C:\Users\Juanca\AppData\Roaming\Nero\Uninstall.exe

      < %allusersprofile%\*.* >

      < %windir%\system32\*.sys /lockedfiles >

      < End of report >

      saludos!

    2. #22
      Moderador
      Avatar de ErdrickBass
      Registrado
      jul 2009
      Ubicación
      Cd Juarez, Mex.
      Mensajes
      9.328

      re: se abren paginas de publicidd solas (Solucionado)

      Hola nuevamente

      Bueno veo que tu sistema se revela.

      Porfavor espera mientras analizamos este reporte que como notaras tambien es muy largo y llevan su tiempo:
      NOTAS IMPORTANTES:


      ° Una vez Terminado el Trabajo de ComboFix, puedes activar Tu antivirus.

      ° NO descargues o instales mas programas mientras terminamos la desinfección.

      ° No vuelvas a ejecutar ningún otro programa antivirus/antimalwares ni ComboFix hasta que vuelva con una respuesta.
      Saludos
      El cielo azul es infinitamente alto y cristalino

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #23
      Moderador
      Avatar de ErdrickBass
      Registrado
      jul 2009
      Ubicación
      Cd Juarez, Mex.
      Mensajes
      9.328

      re: se abren paginas de publicidd solas (Solucionado)

      Hola nuevamente

      Realiza lo siguiente porfavor:

      Realiza una copia de seguridad con Erunt:
      Manual de ERUNT

      Ejecutar OTL.exe desde modo seguro
      • Pegue el siguiente script bajo la casilla Análisis Personalizados/Codigo de Reparación:
        • NOTA: No copiar la palabra codigo

        Código:
        :OTL
        IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Upgrade to Google Chrome
        IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome
        IE - HKCU\..\SearchScopes\{F79B00DC-61D1-4F24-9C9A-95247D58FC66}: "URL" = http://searchou.com/?q={searchTerms}&id=d89594380000000000001c7508c71182&r=534
        FF - user.js - File not found
        FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
        FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
        FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
        CHR - default_search_provider: Babylon (Enabled)
        CHR - default_search_provider: search_url = http://search.babylon.com/?q={searchTerms}&affID=121845&tt=gc_&babsrc=SP_ss_din2g&mntrId=D8951C7508C71182
        O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
        O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
        O13 - gopher Prefix: missing
        O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
        O18 - Protocol\Handler\ms-help - No CLSID value found
        O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
        O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
        MsConfig:64bit - State: "startup" - Reg Error: Key error.
        [2013/07/13 20:19:34 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\At1.job
        [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
        
        :Files
        d:\users\Juanca\Desktop\Look2Me-Destroyer.exe
        ipconfig /flushdns /c
        ipconfig /renew /c
        
        :Commands
        [Purity]
        [Resethosts]
        [Emptyflash]
        [Emptytemp]
      • Luego haga clic en el botón Reparar en la parte superior.
      • Deje que el programa se ejecute sin trabas, reinicie cuando lo pida hacer.
      • Al reiniciar se creará un reporte por defecto en C:\_OTL\MovedFiles, copie y pegue ese log en la próxima respuesta


      Nos traerias el reporte de OTL comentandonos como sigue todo.

      Saludos
      El cielo azul es infinitamente alto y cristalino

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    4. #24
      Usuario Avatar de juank22
      Registrado
      sep 2009
      Ubicación
      argentina
      Mensajes
      12

      re: se abren paginas de publicidd solas (Solucionado)

      buenas!

      lo solicitado:

      All processes killed
      ========== OTL ==========
      HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
      HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F79B00DC-61D1-4F24-9C9A-95247D58FC66}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F79B00DC-61D1-4F24-9C9A-95247D58FC66}\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
      Use Chrome's Settings page to remove the default_search_provider items.
      Use Chrome's Settings page to remove the default_search_provider items.
      64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7815BE26-237D-41A8-A98F-F7BD75F71086}\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7815BE26-237D-41A8-A98F-F7BD75F71086}\ not found.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
      File Protocol\Handler\skype4com - No CLSID value found not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
      File Protocol\Handler\ms-help - No CLSID value found not found.
      64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
      C:\Windows\Tasks\At1.job moved successfully.
      C:\Program Files (x86)\GUMFD42.tmp folder deleted successfully.
      ========== FILES ==========
      d:\users\Juanca\Desktop\Look2Me-Destroyer.exe moved successfully.
      < ipconfig /flushdns /c >
      Configuraci¢n IP de Windows
      No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.
      D:\Users\Juanca\Desktop\cmd.bat deleted successfully.
      D:\Users\Juanca\Desktop\cmd.txt deleted successfully.
      < ipconfig /renew /c >
      Configuraci¢n IP de Windows
      D:\Users\Juanca\Desktop\cmd.bat deleted successfully.
      D:\Users\Juanca\Desktop\cmd.txt deleted successfully.
      ========== COMMANDS ==========
      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYFLASH]

      User: Default

      User: Juanca
      ->Flash cache emptied: 4752 bytes

      User: Public

      Total Flash Files Cleaned = 0,00 mb


      [EMPTYTEMP]

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Juanca
      ->Temp folder emptied: 6034571 bytes
      ->Temporary Internet Files folder emptied: 5400279 bytes
      ->Java cache emptied: 0 bytes
      ->FireFox cache emptied: 383020756 bytes
      ->Google Chrome cache emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Public
      ->Temp folder emptied: 0 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 29626 bytes
      %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36122373 bytes
      RecycleBin emptied: 130678 bytes

      Total Files Cleaned = 411,00 mb


      OTL by OldTimer - Version 3.2.69.0 log created on 07272013_171927

      Files\Folders moved on Reboot...
      C:\Users\Juanca\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...

      al momento, nada de ventanas raras, y tampoco tuve problemas de inicio

      parece estar todo OK! gracias!!!!

    5. #25
      Moderador
      Avatar de ErdrickBass
      Registrado
      jul 2009
      Ubicación
      Cd Juarez, Mex.
      Mensajes
      9.328

      re: se abren paginas de publicidd solas (Solucionado)

      Hola nuevamente

      Ejecuta OTL y presiona Limpiar, cuando termine permite que reinicie para que termine de limpiar tu equipo.

      Me alegra que hayas solventado tus problemas Si que se resisitian pero al final se fueron porque se fueron

      Gracias a ti por ser agradecido y por confiar en InfoSpyware

      Cualquier otra cosa sabes donde estamos

      Consejos Generales de Seguridad:






      Consejo Final:

      Puedes seguirnos para mantenerte informado de amenazas por nuestros canales de difusion:



      Paso a dar el tema por solucionado.
      Si quieres reabrir el tema, presiona el icono de la parte inferior izquierda, escribe el motivo y un moderador acudira a reabrir el tema.
      Tema Solucionado
      El cielo azul es infinitamente alto y cristalino

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    Página 3 de 3 PrimeroPrimero 123