Eliminar Mystart Incredibar. (Solucionado)

**luchocarp92** · 14/06/12, 19:31:59

Hola queria saber si me pueden ayudar para eliminar Mystart Incredibar de mi computadora, es algo que me trae loco desde ayer...

lo que me paso es que me baje un juego del utorrent y mientras lo instalaba me aparecio una ventana que decia si queria instalar la barra Mystart Incredibar, y por error puse que si, bueno me lo instalo y eso, despues cuando abri una ventana en el explorer me aparecia la barra de Mystart Incredibar y la pagina de Mystart Incredibar de pagina principal... fui a agregar o quitar programas para desinstalar la barra, mientras lo hacia me aparecio 2 veces un mensaje que decia "Realmente esta seguro que desea desinstalar la barra?" y despues de poner si, al final otro que decia "esperemos que lo pienses y vuelvas a instalar la barra, te vamos a extrañar"

me sorprendio la insistencia...

Bueno pense que ya me lo habia sacado de encima, pero me dejo un par de problemas, como que no se borro.

En el Explorer seguia como pagina principal, lo que hice fue entrar a proveedores de búsquedas donde me aparecia Mystart Incredibar como pagina predeterminada y la cambie a google y lo elimine de proveedores.Pense que hay ya estaba todo, cuando entro a twitter y un amigo me pasa un link en un tweet, lo abri y automaticamente me abrio una pestaña como siempre, pero no me abria lo que me mandaba sino que la pagina de EDITADO enlace a código malicioso.

, probe con otros links en tweets y me hacia lo mismo y no me deja ver los links, salta esa pagina nomas =S

En el Chrome hice lo mismo, entre a motores de búsqueda, puse a google como predeterminado y elimine de ahi la pagina EDITADO enlace a código malicioso.

En el Chrome por suerte cuando abro un link no me aparece la pagina puedo verlo tranquilamente, pero lo que pasa aca es que a veces cuando lo abro no me reconoce la pagina principal, me pone que google.com no existe o algo por el estilo y no puedo entrar, ni siquiera abriendo una pestaña ni nada, tengo que entrar al rato a probar suerte, haber si entra... me supuse que era por el bendito Mystart Incredibar.

Por ultimo en el Firefox la barra directamente no se elimino =S tuve que ir a administrar complementos/extensiones/desactivar/eliminar. Se fue la pagina y tuve que cambiar la pagina la pagina principal como en los otros porque aparecia la de Mystart Incredibar. Bueno despues de hacer eso, me quedo igual que el Chrome, puedo abrir los links, pero hay veces que cuando lo abro, no reconoce ninguna pagina, me pone "pagina no encontrada", cosa que no me habia pasado nunca hasta que baje esta barra ¬¬

Lei a otro usuario que le habia pasado algo similar, le dijeron que bajara el AT-Destroyer, pero tambien lei que este programa se usara con supervision porque podia traer problemas con el sistema si no se sabia como usar, asique no me arriesgue a hacerlo solo...

Bueno basicamente ese es el problema con esta bendita barra/pagina/malware/ lo que sea... si alguien pudiera ayudarme a eliminarla por completo, se lo agradezco, y perdon si fui muy extenso o especifico con el mensaje, pero trate de poner todo para las personas que les pasa algo asi sepan bien lo que pasa

**SanMar** · 15/06/12, 01:04:52

Hola luchocarp92

al Foro.

Consejos para antes de publicar un nuevo mensaje

Políticas del Foro de InfoSpyware

Políticas Foro Oficial de HijackThis en español
--------------------------------------------------

Realiza lo siguiente:

Paso 1.-:

Desactive temporalmente su Antivirus y/o Antispyware >>> Cómo deshabilitar temporalmente su Antivirus

Paso 2.-:

Descargue AT-Destroyer (Adwares/Toolbars-Destroyer) by @Infospyware.
La ejecuta como Administrador. >>>
Nota: Si usa Windows Vista o 7 Presiona clic derecho y selecciona "Ejecutar como Administrador."
Aparecerá el Disclaimer de la herramienta. Presione Sí.
Presione la opción 1 (Buscar y Destruir)
AT-Destroyer desconectará el escritorio momentáneamente.
En caso de estar infectado, AT-Destroyer lo indicará con lineas rojas donde se haya detectado la infección, sino, serán lineas verdes.
Una vez terminado el escaneo, podrá volver a ver el escritorio y se le abrirá un reporte, que deberá copiar en su próxima respuesta comentando cómo funciona el sistema.
Si algún programa no inicia, reiniciar la PC.

Paso 3.-:

Descargue OTL By OldTimer

>>> Para Ejecutar OTL

Cerrar todos programas que tenga abiertos y hacer doble clic en el ícono de OTL.
Dejarlo correr y esperar a que aparezca el menú de OTL..
Cuando aparezca el menú, solo debe cambiar debajo de: "Tipo de Análisis" seleccionando Resultado Mínimo.
Marcar las opciones: Buscar LOP y Buscar Purity.
Marcar las Opciones >> Omitir Archivos De Microsoft y Usar Listado de Compañías Reconocidas.
Copiar y Pegar el siguiente script bajo la casilla Análisis Personalizados/Código de Reparación:

NOTA: No copiar la palabra Cita.

netsvcs
msconfig
%SYSTEMDRIVE%\*.*
CREATERESTOREPOINT
Por favor No cambiar el resto de la configuración a menos que se lo solicitemos.

Presionar el botón >>
Una vez que termine, se abrirán dos (2) archivos, OTL.Txt y Extras.Txt. Éstos archivos estarán grabados en el mismo lugar donde OTL.exe fue descargado.
Copiar y pegar el contenido del archivo OTL.txt en su próxima respuesta.

En tu próxima respuesta nos traes los reportes.

Salu2.

**luchocarp92** · 15/06/12, 16:39:59

#################################################### A/T-Destroyer by InfoSpyware ############

A/T-Destroyer 1.0 By Infospyware
www.infospyware.com
Fecha iniciada en el analisis 15/06/2012
Hora iniciada en el analisis 16:53:22,73
Usuario Actual : [C:\Users\luch]
Sistema Operativo: Windows 7 Starter
Service pack: Service Pack 1
Arquitectura: Sistema operativo de 64 bits
Versión Internet Explorer: 9.0.8112.16421

====== Servicios Eliminados By A/T-Destroyer ======

====== Claves Eliminadas By A/T-Destroyer ======

HKLM\Software\Microsoft\Windows\CurrentVersion\Run | SearchSettings
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
HKEY_CURRENT_USER\Software\ImInstaller\IncrediMail

====== Archivos/Carpetas Eliminados By A/T-Destroyer ======

C:\Program Files\Common Files\Spigot\Search Settings
C:\Program Files\Common Files\Spigot\wtxpcom
C:\Program Files\Common Files\Spigot\Search Settings\baidu_ff.xml
C:\Program Files\Common Files\Spigot\Search Settings\baidu_ie.xml
C:\Program Files\Common Files\Spigot\Search Settings\config.ini
C:\Program Files\Common Files\Spigot\Search Settings\Lang
C:\Program Files\Common Files\Spigot\Search Settings\Res
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\Common Files\Spigot\Search Settings\wth.dll
C:\Program Files\Common Files\Spigot\Search Settings\yahoo_ff.xml
C:\Program Files\Common Files\Spigot\Search Settings\yahoo_ie.xml
C:\Program Files\Common Files\Spigot\Search Settings\yandex_ff.xml
C:\Program Files\Common Files\Spigot\Search Settings\yandex_ie.xml
C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1031.ini
C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1033.ini
C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1034.ini
C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1036.ini
C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1040.ini
C:\Program Files\Common Files\Spigot\wtxpcom\chrome.manifest
C:\Program Files\Common Files\Spigot\wtxpcom\components
C:\Program Files\Common Files\Spigot\wtxpcom\install.rdf
C:\Program Files\Common Files\Spigot\wtxpcom\components\chrome.manifest
C:\Program Files\Common Files\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt
C:\Program Files\Common Files\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt
C:\Program Files\Common Files\Spigot\wtxpcom\components\install.rdf
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.10
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.11
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.12
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.13
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.14
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.5
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.6
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.7
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.8
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.9
"C:\Program Files\Common Files\Spigot"
C:\Program Files\Babylon\Babylon-Pro
C:\Program Files\Babylon\Babylon-Pro\Utils
"C:\Program Files\Babylon"
C:\Users\luch\Configuraci¢n local\Datos de programa\Google\Chrome\User Data\Default\databases\Databases.db
C:\Program Files\mozilla firefox\searchplugins\babylon.xml

-_-_-_-_-_-_-_-_ Configuraciones de mozilla Firefox -_-_-_-_-_-_-_-_
====== Información Extra ======

-_-_-_-_-_-_-_-_ Configuraciones de internet Explorer -_-_-_-_-_-_-_-_
"HKCU\Software\Microsoft\Internet Explorer\Main"
Start Page == http://www.google.com
Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
Default_Page_URL == about:blank

"HKLM\Software\Microsoft\Internet Explorer\Main"
Start Page == http://www.google.com
Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL == http://go.microsoft.com/fwlink/?LinkId=54896
Default_Page_URL == about:blank

-_-_-_-_-_-_-_-_ Configuraciones de mozilla Firefox -_-_-_-_-_-_-_-_
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.sethomepage_2.0.0.442", false);
user_pref("browser.startup.homepage", "http://google.com");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.sethomepage_2.0.0.442", false);
user_pref("browser.startup.homepage", "http://google.com");

-_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
"homepage": "http://www.google.com/",
"homepage_changed": true,
"homepage_is_newtabpage": false,
"homepage": "http://www.google.com/",
"homepage_changed": true,
"homepage_is_newtabpage": false,

======= EOF =======

Ese es el reporte del At-Destroyer, me aparecieron 2 lineas rojas de infeccion.Abri chrome y firefox y me funcionan bien, en firefox aparentemente se fue, ya no aparece. En el explorer me sigue haciendo lo mismo con los links y abre la pagina de mystart incredibar.

**luchocarp92** · 15/06/12, 16:46:45

este es el 1er reporte de OTl

OTL Extras logfile created on: 15/06/2012 17

28 - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\luch\Downloads
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00002c0a | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy

1,99 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 61,60% Memory free
3,98 Gb Paging File | 2,85 Gb Available in Paging File | 71,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 292,72 Gb Total Space | 222,93 Gb Free Space | 76,16% Space Free | Partition Type: NTFS
Drive D: | 4,88 Gb Total Space | 1,46 Gb Free Space | 29,84% Space Free | Partition Type: NTFS

Computer Name: LUCH-PC | User Name: luch | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MIF5BA~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1438EA12-4D4A-49EF-B757-8E2625FC3435}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{14823138-1936-4EC7-8CF9-6CFD47235D8E}" = lport=137 | protocol=17 | dir=in | app=system |
"{2F116CA6-5CB7-40E5-8D32-44814D16EEF9}" = lport=138 | protocol=17 | dir=in | app=system |
"{3F27403F-7D33-46DB-B972-BA04053822F7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5262CD40-E0D1-4B84-9EAA-B9960F94F7EE}" = rport=445 | protocol=6 | dir=out | app=system |
"{59DBEE78-421C-4F5F-8B01-5D3A9B91C8EC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{60B2416F-39A6-414D-BA1E-0F618C41E3E5}" = rport=139 | protocol=6 | dir=out | app=system |
"{81B18FA1-FBC6-436B-A944-A49AC706DC52}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{84606A82-8CA0-487E-B1AC-802FB7060DF3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{9B1D52A5-282A-4892-87A8-5FA2D0E63338}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BD0CC11C-ACD3-4CA8-8FEF-5E8F176BCFC0}" = rport=137 | protocol=17 | dir=out | app=system |
"{D234C993-4B09-4B01-B88E-7968C7C1344C}" = rport=138 | protocol=17 | dir=out | app=system |
"{D5212542-13B0-40C2-8C79-7E908B5A6857}" = lport=445 | protocol=6 | dir=in | app=system |
"{E8137AE7-D159-4C33-9B73-4105ACBA9789}" = lport=139 | protocol=6 | dir=in | app=system |
"{EA4697C3-6B24-459F-A6A1-3303A20335A5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{F80FB458-4E63-47DE-AF78-9C7378420B38}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0486575C-06B0-4DF0-91DB-0898A47E1521}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{06D24335-3EDD-48E4-BDBC-F19D8703BBC6}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{1D3907BF-18FE-492E-91C7-6BFFE842D1E1}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{24946FDE-7C53-45B7-B168-C36718E6BAA9}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{28A0600C-CBEF-45F0-9886-69EB5B33EA1D}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{30FCD4DB-B023-4E9D-A7D2-AA37CC2E093C}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
"{4838A939-D198-4A73-B1BD-6FA82AAF4330}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4EC6EE7B-BC44-4A62-9AB9-2C55A08E83E4}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{5870C58D-AF67-435F-9597-9E0575D3ADEA}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{592615B8-5E5E-4E06-BBBA-8D158F6B3C82}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{59C1CB0A-4EBB-4263-87EF-B53B17AA9CD6}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{5B9D2477-1A02-426C-8C59-F27DB4C3AA25}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{652842BF-F92C-47D0-87DA-3451AB53C416}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{72C6455B-6C05-42C6-B613-903FB46B48BE}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
"{7758A5BC-18D2-4658-B621-C7A9324DA588}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{876F9935-472C-4C2B-AC28-FA0A2744716E}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{883F9D1A-BFD3-47BA-A076-DEE51647CD7F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{8F542A36-0E7B-4372-8A0C-C8CAA97021FB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A59BEDB5-FA36-4C90-8611-0CD875F9A63F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A7E47905-CE89-446D-83FF-C7100BF92D65}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{AC81DD86-ADF9-49BF-92A7-633E1ACBD13B}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{B4EB6E56-83CA-4616-89F3-385D6DB2631D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{BAA2DDB6-F1E8-4B08-9FBB-C97236D51DC3}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"{BAE65C64-CFF6-4CE0-8D11-F7A65A1104AD}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{D261789F-8688-490E-8605-C54A3106C224}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{D285FADA-D52A-4476-95DD-E482DA96D6E7}" = protocol=58 | dir=in | app=system |
"{DAD784A0-2418-4735-AE07-0CC3EF1AEECF}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"{E8EF337F-97B0-4357-80E5-6CA320019A01}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{F572F732-E56A-4A39-A30D-4D878561B7DE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{AFBA8AA7-BD4B-4564-9D62-619D0996CA13}C:\users\luch\desktop\championship manager\cm0102.exe" = protocol=6 | dir=in | app=c:\users\luch\desktop\championship manager\cm0102.exe |
"TCP Query User{D127D8F5-20B0-42F0-8E2E-EF2BDA2D8849}C:\program files\age of empires 2\empires2.exe" = protocol=6 | dir=in | app=c:\program files\age of empires 2\empires2.exe |
"TCP Query User{D301059F-2D6F-4B94-AFC3-9E49232AFA86}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"TCP Query User{E0EB9D75-8532-461E-AB32-1DC56172061F}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{F485CB74-5CDE-48CD-B129-5966199478B4}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{0B74F187-A828-4B14-AB55-5BD6C74AA81A}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{368C05A6-CFCE-4AB5-A76F-365C79E9E886}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{3F5066FC-D96A-4833-83F8-FB5A503BA75A}C:\users\luch\desktop\championship manager\cm0102.exe" = protocol=17 | dir=in | app=c:\users\luch\desktop\championship manager\cm0102.exe |
"UDP Query User{B836CE5C-BCFD-4356-B468-964B192455DF}C:\program files\age of empires 2\empires2.exe" = protocol=17 | dir=in | app=c:\program files\age of empires 2\empires2.exe |
"UDP Query User{DF913DE2-6D36-4CD4-89C3-E0F042EBD2EA}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{0A1651F1-7E0F-4613-93FE-967F5BC3C1B7}" = Windows Live Remote Service Resources
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{16DABD39-A174-4C6B-A2C4-A492E64933C8}" = AVG 2012
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2161D304-A4F4-4029-95F3-F9CDDC43853E}" = Estudio de mejora de productos de HP Deskjet 3050 J610 series
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{22B09F6E-AC8B-4524-83CD-B6FA4D16AE71}" = Windows Live Family Safety
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011F0}" = Java(TM) 6 Update 11
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.442
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4447D5B5-95ED-4C4D-A9C3-1D8E892D5377}" = AVG 2012
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4908C75E-E5E2-43F7-B1DF-023CBA831033}" = Nero 7 Ultra Edition
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = Bison WebCam
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4E74D41C-5864-4561-9F6B-069372513A0B}" = AVG 2012
"{51AFB69C-1C54-4C77-A888-2860F8CD3E7D}" = Paint.NET v3.31
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.2
"{5AB0B30D-4EBF-4897-894A-6B8865954694}" = Bison WebCam AP
"{5C8BC258-A629-4DF2-97D0-E106C2A9B1BD}" = Windows Live Remote Client Resources
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7177EE4E-3D1D-4F45-85B5-B93DC758BA0B}" = OLYMPUS Viewer 2
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = LiveUpdate BVRP Software
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7D004944-C4F1-4C44-AAD4-E7F85190ED00}" = AVG 2012
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{80DDC39C-8CB5-49de-9748-36C990922110}" = Microsoft Works
"{80F28669-97B7-4CC9-B256-1F1BCFB7FDCF}" = AVG 2012
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{895722FE-25FE-4854-95AC-B0C42F9DBEDA}" = REALTEK Wireless LAN Driver
"{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}" = Olympus ib
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B13C1F2-EE28-435F-9ADC-F5E4BA8CB48F}" = IObit Toolbar v5.8
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90110C0A-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_HOMESTUDENTR_{BEADB115-DB47-4BD0-A9EC-AE585AFAB2D8}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_HOMESTUDENTR_{8A524694-0CA4-476A-9301-B1E9D70FC952}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-042D-0000-0000000FF1CE}_HOMESTUDENTR_{017A6981-5E03-4A97-830A-35FE0927BB7F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0456-0000-0000000FF1CE}_HOMESTUDENTR_{A3A03B41-14EA-4E50-97D8-FCF429AE0CCB}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{430AE3E6-E982-4958-90FC-1C062BC74E22}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007
"{90120000-00A1-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{939C80FA-96C9-44A6-B318-8E7D8BD8481B}" = Messenger Companion
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{953D4586-9A16-495E-BA1F-EE5AA66604DB}" = Windows Live Sync
"{95B012AD-3A4A-31D7-9167-5D07D2A71F47}" = Microsoft .NET Framework 4 Client Profile ESN Language Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Touch Pad Driver
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A68C62E8-B243-4777-89BB-12173DFA1D45}" = OLYMPUS Digital Camera Updater
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1034-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Español
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B806A1B5-288E-4A64-A8EC-3AFE12A66646}" = UHARC/GUI v3.06 (2005-11-24)
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240CC}" = WinZip 16.0
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D04DCD77-B454-4E4F-824C-2B9504C5ED2C}" = Software básico del dispositivo HP Deskjet 3050 J610 series
"{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}" = SpeedTouch USB Software
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6
"{ED86C4AB-D1E5-42CF-BFA3-56BAAE617D4E}" = Windows Live UX Platform Language Pack
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F18E8A0F-BE99-4305-96A5-6C0FD9D7D999}" = mobile PhoneTools
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Ayuda
"Acoustica Effects Pack" = Acoustica Effects Pack
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Ares Conecting para todas las versiones" = Ares Conecting para todas las versiones
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"AVG" = AVG 2012
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"Bejeweled 3 1.00" = Bejeweled 3 1.00
"Bejeweled Blitz Final" = Bejeweled Blitz Final
"CCleaner" = CCleaner
"CoreAAC" = CoreAAC
"E77704EF5E71F4F18CADFBFA68595AFE036D5D97" = Paquete de controladores de Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
"Evo Ares® 3.2.1" = Evo Ares® 3.2.1
"GOM Encoder" = GOM Encoder
"GOM Picker" = GOM PICKER
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"Hattrick Organizer" = Hattrick Organizer (remove only)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photo Creations" = HP Photo Creations
"InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}" = Olympus ib
"InstallShield_{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6
"IObit Security 360_is1" = IObit Security 360
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.1.0
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ESN Language Pack" = Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN
"Movier-media Toolbar" = Movier-media Toolbar
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"MPEG2 Codec(libmpeg2/mad)" = MPEG2 Codec(libmpeg2/mad)
"PhotoScape" = PhotoScape
"Power Manager_is1" = Power Manager 2.4.3
"Sauerbraten" = Sauerbraten
"Smart Defrag 2_is1" = Smart Defrag 2
"SMSERIAL" = Motorola SM56 Data Fax Modem
"StarterBackgroundChanger" = StarterBackgroundChanger
"TVWiz" = Intel(R) TV Wizard
"uTorrent" = µTorrent
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR archiver
"Yahoo! Companion" = Barra Yahoo!
"YTdetect" = Yahoo! Detect
"Zapu - The Share Accelerator" = Zapu - The Share Accelerator

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 03/02/2012 20:14:54 | Computer Name = luch-PC | Source = Windows Search Service | ID = 7042
Description =

Error - 03/02/2012 20:14:54 | Computer Name = luch-PC | Source = Windows Search Service | ID = 9002
Description =

Error - 03/02/2012 20:14:54 | Computer Name = luch-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 03/02/2012 20:14:55 | Computer Name = luch-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 03/02/2012 20:14:55 | Computer Name = luch-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 03/02/2012 20:14:55 | Computer Name = luch-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 03/02/2012 20:14:55 | Computer Name = luch-PC | Source = Windows Search Service | ID = 7010
Description =

Error - 04/02/2012 21:18:27 | Computer Name = luch-PC | Source = Application Hang | ID = 1002
Description = El programa iexplore.exe, versión 9.0.8112.16421, dejó de interactuar
con Windows y se cerró. Para ver si hay más información disponible acerca del problema,
compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador
de proceso: 10640 Hora de inicio: 01cce3a3f1198dc2 Hora de finalización: 29 Ruta de
acceso de la aplicación: C:\Program Files\Internet Explorer\iexplore.exe Identificador
de informe:

Error - 06/02/2012 22:23:46 | Computer Name = luch-PC | Source = Application Error | ID = 1000
Description = Nombre de la aplicación con errores: wmpnscfg.exe, versión: 12.0.7600.16385,
marca de tiempo: 0x4a5bccbc Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.17725,
marca de tiempo: 0x4ec49b60 Código de excepción: 0xc0000005 Desplazamiento de errores:
0x00063f01 Id. del proceso con errores: 0x6e5c Hora de inicio de la aplicación con
errores: 0x01cce53f83fd346a Ruta de acceso de la aplicación con errores: C:\Program
Files\Windows Media Player\wmpnscfg.exe Ruta de acceso del módulo con errores: C:\windows\SYSTEM32\ntdll.dll
Id.
del informe: c28eb40d-5132-11e1-b611-00140b66b57f

Error - 07/02/2012 15:23:53 | Computer Name = luch-PC | Source = Application Error | ID = 1000
Description = Nombre de la aplicación con errores: wmpnscfg.exe, versión: 12.0.7600.16385,
marca de tiempo: 0x4a5bccbc Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.17725,
marca de tiempo: 0x4ec49b60 Código de excepción: 0xc0000005 Desplazamiento de errores:
0x00063f01 Id. del proceso con errores: 0x1924 Hora de inicio de la aplicación con
errores: 0x01cce5ce06cfbca3 Ruta de acceso de la aplicación con errores: C:\Program
Files\Windows Media Player\wmpnscfg.exe Ruta de acceso del módulo con errores: C:\windows\SYSTEM32\ntdll.dll
Id.
del informe: 44fef696-51c1-11e1-b649-00140b66b57f

[ OSession Events ]
Error - 04/03/2011 03:23:44 | Computer Name = luch-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 34
seconds with 0 seconds of active time. This session ended with a crash.

Error - 22/03/2011 03:56:38 | Computer Name = luch-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 25
seconds with 0 seconds of active time. This session ended with a crash.

Error - 14/08/2011 20:23:07 | Computer Name = luch-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 305
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 15/06/2012 14:37:36 | Computer Name = luch-PC | Source = Service Control Manager | ID = 7003
Description = El servicio AVGIDSAgent depende del siguiente servicio: AVGIDSDriver.
Este servicio podría no estar instalado.

Error - 15/06/2012 15:45:00 | Computer Name = luch-PC | Source = Service Control Manager | ID = 7038
Description = El servicio upnphost no se pudo iniciarse como NT AUTHORITY\LocalService
con la contraseña configurada actualmente debido al siguiente error: %%1352 Para
asegurarse de que el servicio esté correctamente configurado, use el complemento
Servicios en Microsoft Management Console (MMC).

Error - 15/06/2012 15:45:00 | Computer Name = luch-PC | Source = Service Control Manager | ID = 7000
Description = El servicio Dispositivo host de UPnP no pudo iniciarse debido al siguiente
error: %%1069

Error - 15/06/2012 15:45:00 | Computer Name = luch-PC | Source = DCOM | ID = 10005
Description =

Error - 15/06/2012 15:45:00 | Computer Name = luch-PC | Source = Service Control Manager | ID = 7038
Description = El servicio upnphost no se pudo iniciarse como NT AUTHORITY\LocalService
con la contraseña configurada actualmente debido al siguiente error: %%50 Para asegurarse
de que el servicio esté correctamente configurado, use el complemento Servicios
en Microsoft Management Console (MMC).

Error - 15/06/2012 15:45:00 | Computer Name = luch-PC | Source = Service Control Manager | ID = 7000
Description = El servicio Dispositivo host de UPnP no pudo iniciarse debido al siguiente
error: %%1069

Error - 15/06/2012 15:45:45 | Computer Name = luch-PC | Source = volmgr | ID = 262190
Description = Error en la inicialización del archivo de volcado

Error - 15/06/2012 15:45:56 | Computer Name = luch-PC | Source = volmgr | ID = 262190
Description = Error en la inicialización del archivo de volcado

Error - 15/06/2012 15:46:15 | Computer Name = luch-PC | Source = Service Control Manager | ID = 7003
Description = El servicio AVGIDSAgent depende del siguiente servicio: AVGIDSDriver.
Este servicio podría no estar instalado.

Error - 15/06/2012 16:12:27 | Computer Name = luch-PC | Source = DCOM | ID = 10010
Description =

< End of report >

**luchocarp92** · 15/06/12, 16:48:26

OTL logfile created on: 15/06/2012 17

28 - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\luch\Downloads
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00002c0a | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy

1,99 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 61,60% Memory free
3,98 Gb Paging File | 2,85 Gb Available in Paging File | 71,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 292,72 Gb Total Space | 222,93 Gb Free Space | 76,16% Space Free | Partition Type: NTFS
Drive D: | 4,88 Gb Total Space | 1,46 Gb Free Space | 29,84% Space Free | Partition Type: NTFS

Computer Name: LUCH-PC | User Name: luch | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\luch\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Archivos de programa\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Archivos de programa\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\Web Assistant\ExtensionUpdaterService.exe ()
PRC - C:\Archivos de programa\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Archivos de programa\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Archivos de programa\AVG\AVG2012\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Archivos de programa\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Archivos de programa\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Archivos de programa\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Archivos de programa\IObit\IObit Security 360\is360srv.exe (IObit)
PRC - C:\Archivos de programa\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Archivos de programa\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Archivos de programa\Power Manager\PM.exe ()

========== Modules (No Company Name) ==========

MOD - C:\Archivos de programa\Web Assistant\Extension32.dll ()
MOD - C:\Archivos de programa\Power Manager\PM.exe ()

========== Win32 Services (SafeList) ==========

SRV - (Application Updater) -- C:\Archivos de programa\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (Web Assistant Updater) -- C:\Archivos de programa\Web Assistant\ExtensionUpdaterService.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (avgfws) -- C:\Archivos de programa\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVGIDSAgent) -- C:\Archivos de programa\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (AntiVirService) -- C:\Archivos de programa\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (avgwd) -- C:\Archivos de programa\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (odserv) -- C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Archivos de programa\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (BBSvc) -- C:\Archivos de programa\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Archivos de programa\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (fsssvc) -- C:\Archivos de programa\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (wlcrasvc) -- C:\Archivos de programa\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (IS360service) -- C:\Archivos de programa\IObit\IObit Security 360\is360srv.exe (IObit)
SRV - (WinDefend) -- C:\Archivos de programa\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ose) -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- system32\drivers\RTKVHDA.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (SmartDefragDriver) -- C:\Windows\System32\drivers\SmartDefragDriver.sys ()
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (npf) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (RTL8187B) -- C:\Windows\System32\drivers\rtl8187B.sys (Realtek Semiconductor Corporation )
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys (Marvell)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (avgio) -- C:\Archivos de programa\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (WINIO) -- C:\Windows\System32\WinIo.sys (http://www.internals.com)
DRV - (alcan5ln) SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS) -- C:\Windows\System32\drivers\alcan5ln.sys (THOMSON)
DRV - (alcaudsl) -- C:\Windows\System32\drivers\alcaudsl.sys (THOMSON)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\URLSearchHook: {ce10bf86-da68-441e-91fa-38336363e3cd} - C:\Archivos de programa\Movier-media\tbMovi.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2186473

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.ar/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ar.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-ar
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8C 0B F5 7F 99 D7 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Archivos de programa\IObit Toolbar\IE\5.8\iobitToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\URLSearchHook: {ce10bf86-da68-441e-91fa-38336363e3cd} - C:\Archivos de programa\Movier-media\tbMovi.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&babsrc=SP_def&AF=17284
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=VD&o=14778&src=crm&q={searchTerms}&locale=es_ES&apn_ptnrs=VX&apn_dtid=YYYYYYFDAR&apn_uid=B94C643A-3B79-44B5-ADF8-482BD7F46900&apn_sauid=E9D71F75-37C9-4BEB-BD73-D5E9F5392E3F
IE - HKCU\..\SearchScopes\{20F2C492-7FE7-4E02-8466-A58252A5BE2A}: "URL" = http://search.avg.com/route/?d=4b3d2cf0&i=23&tp=chrome&q={searchTerms}&lng={language}&ychte=ar&nt=1
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_esAR376
IE - HKCU\..\SearchScopes\{8D925F0B-BEFD-42AF-BD7C-AF0F60837C6D}: "URL" = http://ar.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=685749&p={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={686EE374-80FC-4804-AF7F-0A61F3F9FCBF}&mid=afaf267d9363d2c32cfe3bc77b25eee4-eda271ce2075ae7c128c9780642b6d23a7c3c85f&lang=es-es&ds=AVG&pr=pr&d=2011-11-02 11:38:30&v=8.0.0.34&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=17284"
FF - prefs.js..browser.search.order.1: "v9"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://google.com"
FF - prefs.js..extensions.enabledItems: {7E77F5DF-8022-40e3-9122-F03DEBEFC43B}:1.0.25
FF - prefs.js..extensions.enabledItems: {9d1f059c-cada-4111-9696-41a62d64e3ba}:0.9.2.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.1912
FF - prefs.js..extensions.enabledItems: avg@toolbar:11.1.0.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid=%7Bf20d42d9-4eb6-4f62-80e4-96acc2db058e%7D&mid=afaf267d9363d2c32cfe3bc77b25eee4-eda271ce2075ae7c128c9780642b6d23a7c3c85f&ds=AVG&v=11.1.0.7&lang=es-es&pr=pr&d=2011-11-02%2011%3A38%3A30&sap=ku&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/01/31 20:51:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Iminent\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/06/14 02:47:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/14 05:06:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/14 05:06:56 | 000,000,000 | ---D | M]

[2010/10/10 19:23:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\luch\AppData\Roaming\mozilla\Extensions
[2012/06/15 17:03:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\luch\AppData\Roaming\mozilla\Firefox\Profiles\jj8gnth8.default\extensions
[2010/12/07 21:27:18 | 000,000,000 | ---D | M] (PsicoTSI) -- C:\Users\luch\AppData\Roaming\mozilla\Firefox\Profiles\jj8gnth8.default\extensions\{7E77F5DF-8022-40e3-9122-F03DEBEFC43B}
[2012/05/31 23:26:11 | 000,000,000 | ---D | M] (FoxTrick) -- C:\Users\luch\AppData\Roaming\mozilla\Firefox\Profiles\jj8gnth8.default\extensions\{9d1f059c-cada-4111-9696-41a62d64e3ba}
[2012/03/30 11:09:44 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
[2011/04/16 13:15:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/08/31 08:31:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/10/10 13:32:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2012/03/30 11:09:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012/05/26 13:39:14 | 000,000,000 | ---D | M] (IObit Toolbar) -- C:\PROGRAM FILES\IOBIT TOOLBAR\FF
[2011/04/16 13:15:19 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/08/31 08:31:28 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/10/10 13:32:22 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2012/03/30 11:09:44 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012/06/14 02:47:08 | 000,000,000 | ---D | M] (Web Assistant) -- C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
[2012/06/14 05:06:55 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/03/30 11:09:27 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/06/12 13:37:06 | 000,003,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/06/14 05:06:49 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/14 05:06:49 | 000,003,996 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\drae.xml
[2012/06/14 05:06:49 | 000,001,143 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-es.xml
[2012/06/14 05:06:49 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/06/14 05:06:49 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-es.xml
[2012/06/14 05:06:49 | 000,001,102 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-es.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: No name found = C:\Users\luch\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\luch\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\luch\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.442_0\
CHR - Extension: No name found = C:\Users\luch\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: No name found = C:\Users\luch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 18:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Archivos de programa\IObit Toolbar\IE\5.8\iobitToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Archivos de programa\Web Assistant\Extension32.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Archivos de programa\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Archivos de programa\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Movier-media Toolbar) - {ce10bf86-da68-441e-91fa-38336363e3cd} - C:\Archivos de programa\Movier-media\tbMovi.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (GretechBHO Class) - {F0181C6E-9218-4792-9F3C-E8DF52B2F1AC} - C:\Archivos de programa\GRETECH\GomPicker\GomPickerBHO.dll (Gretech Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Archivos de programa\IObit Toolbar\IE\5.8\iobitToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Movier-media Toolbar) - {ce10bf86-da68-441e-91fa-38336363e3cd} - C:\Archivos de programa\Movier-media\tbMovi.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Barra Yahoo!) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Movier-media Toolbar) - {CE10BF86-DA68-441E-91FA-38336363E3CD} - C:\Archivos de programa\Movier-media\tbMovi.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [PowerManager] C:\Archivos de programa\Power Manager\PM.exe ()
O4 - HKLM..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe (Evo Ares ® ..:::Warez-Master:::..)
O4 - Startup: C:\Users\luch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla e Inicio rápido de OneNote 2007.lnk = C:\Archivos de programa\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Archivos de programa\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2D7D6E79-B005-49BC-AE5A-CDB83678064F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2E800D0-7D4F-4CF0-94E5-13034BD6A380}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Archivos de programa\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Archivos de programa\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Archivos de programa\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Archivos de programa\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Archivos de programa\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 18:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/06/15 16:53:23 | 000,036,864 | ---- | C] (NirSoft) -- C:\windows\nircmd.exe
[2012/06/15 16:47:32 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{03F3B1DC-865C-4DB4-BC2E-32EF5AFF2C90}
[2012/06/15 16:47:20 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{94981313-CC03-4A9D-9759-42001474CFAD}
[2012/06/15 15:56:45 | 003,867,720 | ---- | C] (AVG Technologies) -- C:\Users\luch\Desktop\avg_isct_stb_all_2012_2126.exe
[2012/06/15 15:27:05 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Roaming\AVG2012
[2012/06/15 15:22:56 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{CD4AC8D7-2386-4BD9-8EAB-90090353FFFA}
[2012/06/15 15:22:43 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{F55AA08E-3C4A-4F8B-80AC-6EAE13C7A231}
[2012/06/15 12:53:04 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{03E11313-F130-43DF-AB8F-BBC59E6FD760}
[2012/06/15 12:52:46 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{96886367-66BB-4330-9AE9-EFA85E361961}
[2012/06/15 00:46:36 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{F7EE79E4-7001-4460-B4F6-0E1A06022B37}
[2012/06/14 23:43:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sauerbraten
[2012/06/14 23:43:27 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sauerbraten
[2012/06/14 23:41:04 | 000,000,000 | ---D | C] -- C:\Program Files\Sauerbraten
[2012/06/14 21:07:28 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Activision Value
[2012/06/14 21:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision Value
[2012/06/14 21:03:49 | 000,000,000 | ---D | C] -- C:\Program Files\Activision Value
[2012/06/14 12:45:02 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{49F44E29-F0A6-4C15-84B1-38836042CE88}
[2012/06/14 05:27:39 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{7A1761C7-C7EB-486F-9673-E317FB40A9A1}
[2012/06/14 05:27:18 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{D4F4CEED-C667-49B4-B42F-E7E0871241A1}
[2012/06/14 02:59:18 | 000,000,000 | ---D | C] -- C:\Users\luch\Documents\Hunting Unlimited 2010
[2012/06/14 02:56:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Break For Games
[2012/06/14 02:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\Web Assistant
[2012/06/14 01:42:33 | 000,000,000 | ---D | C] -- C:\Users\luch\Documents\JustCause
[2012/06/13 23:53:35 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{7467D9AE-F44B-44A3-8849-D8B272E69963}
[2012/06/13 23:53:07 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{0184C349-FAB9-44E9-8B54-9A20512BD833}
[2012/06/13 17:11:53 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{F19063D7-88FB-4C1B-9E7C-AAC126DEAEC4}
[2012/06/13 17:11:27 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{5A29980E-7DB2-4EA2-A8AB-44B1D5FD4DCD}
[2012/06/13 17:09:56 | 000,000,000 | ---D | C] -- C:\Program Files\IMinent Toolbar
[2012/06/13 17:04:37 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2012/06/13 17:00:20 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Roaming\uTorrent
[2012/06/13 16:59:46 | 000,880,528 | ---- | C] (BitTorrent, Inc.) -- C:\Users\luch\Desktop\uTorrent_3.1.3.27327.exe
[2012/06/13 13:01:48 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{799FE09D-4047-4B2C-9748-1C74F9E7D6DD}
[2012/06/13 13:01:35 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{438AF965-3A19-47C6-B506-80888A4A3A6C}
[2012/06/13 00:16:03 | 000,000,000 | ---D | C] -- C:\Users\luch\Desktop\Quake II
[2012/06/12 09:35:19 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{153D489D-11DA-4DD9-BF5C-34615F9C5BDF}
[2012/06/12 09:35:06 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{88FCBF01-08FF-4632-8DAB-B9777F3B7555}
[2012/06/11 12:57:44 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{D2740763-2AA2-4577-995D-B22FBE3AF2C0}
[2012/06/11 12:57:30 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{3B1A0EA0-D024-4CC9-8E4E-6A157BF21866}
[2012/06/10 13:43:06 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{4E572CD6-4610-4F53-9FCB-30DC18B54C54}
[2012/06/10 13:42:54 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{BC74BF62-AF7D-4A3E-B359-D2A21A52F46F}
[2012/06/10 00:57:31 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{ABC8F3F7-5EDB-48AA-8B75-6A88C529AE7E}
[2012/06/10 00:57:19 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{2B24A746-EF7A-411F-905F-9B0C1C222FD8}
[2012/06/09 12:21:37 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{FC25C829-7CE3-42DF-BDEB-1E674C2C2ACE}
[2012/06/09 12:21:24 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{7FAD5C05-6171-43E4-A3E8-B0F4ADCF1FB7}
[2012/06/08 12:46:36 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{1FE778D4-CACB-462F-B1A2-312BC0493D4C}
[2012/06/08 12:46:08 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{0213B44A-8C2B-46CB-B61F-29BB0D551474}
[2012/06/07 17:41:41 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{D214CCCF-D47B-4ABB-BCDE-BD96C7AEAD26}
[2012/06/07 17:41:29 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{41EF2043-F292-4A28-8DE3-9DAE912DC1E7}
[2012/06/07 11:00:21 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{1D70C3B5-3B95-4BB8-AFE4-5AFAFAC936FC}
[2012/06/07 10:59:55 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{2C00C453-7232-478F-9DE6-47A04DB632B2}
[2012/06/06 14:33:41 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{A2B3B6FE-BA66-4019-A5DD-3E95FA1EED86}
[2012/06/06 14:33:23 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{3B50B58B-C3DA-481C-A627-E2EC40AFFAD9}
[2012/06/05 10:07:57 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{CB28A314-DBD9-433F-83B2-816324A509A1}
[2012/06/05 10:07:38 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{1974CDE0-CFBD-4C52-912D-A54BD9163E16}
[2012/06/04 15:13:40 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{AE5E9DBB-88B4-4D5E-9568-CB91C8724CA8}
[2012/06/04 15:13:13 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{FDB2E228-252A-42CC-BCB7-DE19982E7487}
[2012/06/03 16:19:37 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{C4A197D1-F70F-4245-B235-A785320CE961}
[2012/06/03 16:18:51 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{23E5330D-6A2D-4D87-B439-01C3680014FA}
[2012/06/03 12:50:25 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{02355436-0E36-4535-A14C-D8843319A973}
[2012/06/03 12:50:13 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{B8171EC0-082D-4EB8-A9AD-955CAC8F8AA0}
[2012/06/02 16:01:11 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{8B52D247-D4F2-47AC-9B76-AAC6251024B0}
[2012/06/02 16:00:48 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{7DC66E84-6F3D-4FF1-AA46-C1E85405EEFB}
[2012/06/01 10:03:03 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{E82FDDB7-7E29-4102-B735-2726EBBBC0C3}
[2012/06/01 10:02:48 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{F758E757-A6B3-4765-ABFC-8533696CC6EB}
[2012/05/31 22:29:05 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\BVRP Software
[2012/05/31 22:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\LiveUpdate
[2012/05/31 22:27:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mobile PhoneTools
[2012/05/31 22:26:50 | 000,000,000 | ---D | C] -- C:\Program Files\mobile PhoneTools
[2012/05/31 22:26:50 | 000,000,000 | ---D | C] -- C:\ProgramData\BVRP Software
[2012/05/31 19:33:46 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{BBE39123-E2F3-4FBD-A9D5-74E595AD8908}
[2012/05/31 19:33:31 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{B0D6E71C-B1A2-4BAE-AD68-AE8069010AFF}
[2012/05/31 09:32:06 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{1348B4B6-491D-476C-8B84-71EFBA195BC1}
[2012/05/31 09:31:50 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{059906AA-0732-4082-8C80-5460FB48D3E8}
[2012/05/30 11:04:51 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{F5B47B0F-ADA8-47FD-BFC0-7FBD7218D51A}
[2012/05/30 11:04:37 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{D9655E5A-263A-4732-A91D-233CC59E95CE}
[2012/05/29 15:16:21 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{CDB1FE81-A2F6-46C8-B66D-ED9D7ADB2E73}
[2012/05/29 15:16:06 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{0FAE8A2E-5D55-427D-9ED4-228A43D7FACC}
[2012/05/28 16:47:57 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{88149592-4181-4682-B370-2524EF00ABFF}
[2012/05/28 16:47:46 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{343380F5-EBE7-47D8-8E26-F12E66C4AC87}
[2012/05/27 13:33:18 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{723871D5-083C-4E65-BB28-959AB25A6F3F}
[2012/05/27 13:33:04 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{ACC0D561-C7C7-4E33-818B-88700A1A4B00}
[2012/05/26 18:32:48 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{235342CE-0107-42B9-B866-002CD7C9CB4C}
[2012/05/26 18:32:35 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{201F5865-0423-4966-A3EA-8344543D60BA}
[2012/05/26 14:29:19 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{BE71299C-3C8C-4C6D-A0C1-53D7D38113B7}
[2012/05/26 13:39:10 | 000,000,000 | ---D | C] -- C:\Program Files\IObit Toolbar
[2012/05/26 13:39:10 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2012/05/26 13:33:55 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{B900BCC8-7FF1-4D0B-8306-DB2A7AFA9ED5}
[2012/05/26 13:33:23 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{FE01DD72-D3BF-4197-BE77-81AA29F79083}
[2012/05/25 22:04:46 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{288ED055-8214-4E4A-9FFC-A33F024BFF2D}
[2012/05/25 21:32:01 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{DAC9E407-ACF1-469E-9640-BB6905C92B57}
[2012/05/25 20:32:56 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{5FECE319-9DFD-40EB-8284-1DF68EB1D1B8}
[2012/05/24 14:50:09 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{0E137899-2C68-4D2D-A8C0-C86C240044A6}
[2012/05/24 10:02:01 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{768516DD-A351-40A0-B623-275C46128212}
[2012/05/23 19:24:49 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{E6BF6292-1E86-4420-A2D8-001B5E75E8CB}
[2012/05/23 18:28:01 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{44C4DAD7-00F3-4D1B-8DB2-AC32EDC5D529}
[2012/05/23 13:20:53 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{5D1821C3-9C9C-4E3F-9F60-C9147712A96C}
[2012/05/22 15:51:12 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{0B02AA91-07EB-4E6F-B73D-A7CC65BEFDF4}
[2012/05/21 14:00:08 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{D1370F7F-C18F-4575-9C02-5EE43A4EE156}
[2012/05/21 13:59:56 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{A0F734B0-0D8C-4337-A618-42462B529D1A}
[2012/05/20 19:02:26 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{E0C6DB13-1AAA-4134-BC69-3122ED9B4FC4}
[2012/05/20 19:02:14 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{98722963-9E70-433B-9BF1-F16F65D83300}
[2012/05/20 15:08:08 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{D6D39411-36CC-4136-BE96-AE7F5B18D869}
[2012/05/20 15:07:53 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{F236B685-9640-4A7A-BDA9-E11307A47E1B}
[2012/05/19 12:55:00 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{5A57A257-D035-41A0-8D4E-327FCB9A9447}
[2012/05/19 12:54:28 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{10ADFD70-DD9F-4824-9CE4-6CC09FA3C32A}
[2012/05/18 20:04:10 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{6B84D1D9-2F38-4BD4-A392-9EE8A30F39C9}
[2012/05/18 20:03:57 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{797CDFBF-6AAB-4663-946A-AE5EEA5FB4DF}
[2012/05/18 14:42:03 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{7A6755C9-D035-4E11-A2AA-0F6A8B573468}
[2012/05/18 14:41:51 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{9E4D90CF-698D-424C-B39F-BDD34E43061D}
[2012/05/18 13:19:41 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{B5C2DD31-D1D9-4FDE-B4CD-247D63CFDDDF}
[2012/05/18 13:19:29 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{E0551F21-CF2B-4DCE-B717-210ACE67DF0F}
[2012/05/17 19:56:44 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{92039F2A-71B4-492C-A70E-8B1D64346CD0}
[2012/05/17 19:56:31 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{DFC0C759-E120-4447-8594-17ED1BE79817}
[2011/03/23 23:20:03 | 003,056,008 | ---- | C] (Ask) -- C:\Program Files\Common Files\AskToolbarInstaller.exe

========== Files - Modified Within 30 Days ==========

[2012/06/15 16:53:49 | 000,010,880 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/15 16:53:49 | 000,010,880 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/15 16:53:03 | 000,000,368 | ---- | M] () -- C:\windows\tasks\AWC Startup.job
[2012/06/15 16:46:25 | 000,001,020 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/15 16:46:04 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/06/15 16:45:49 | 1603,084,288 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/15 16:28:00 | 000,001,024 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/15 16:21:00 | 000,000,838 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/06/15 15:57:54 | 003,867,720 | ---- | M] (AVG Technologies) -- C:\Users\luch\Desktop\avg_isct_stb_all_2012_2126.exe
[2012/06/15 13:02:18 | 100,441,624 | ---- | M] () -- C:\windows\System32\drivers\AVG\incavi.avm
[2012/06/14 23:43:28 | 000,001,918 | ---- | M] () -- C:\Users\luch\Desktop\Sauerbraten.lnk
[2012/06/14 17:29:45 | 000,313,852 | ---- | M] () -- C:\windows\System32\drivers\AVG\iavichjg.avm
[2012/06/14 05:24:13 | 000,374,912 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012/06/14 02:48:05 | 000,000,447 | ---- | M] () -- C:\user.js
[2012/06/13 20:37:52 | 000,000,963 | ---- | M] () -- C:\windows\System32\InstallUtil.InstallLog
[2012/06/13 20

23 | 000,703,840 | ---- | M] () -- C:\windows\System32\perfh00A.dat
[2012/06/13 20

23 | 000,616,008 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/06/13 20

23 | 000,137,806 | ---- | M] () -- C:\windows\System32\perfc00A.dat
[2012/06/13 20

23 | 000,106,388 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/06/13 17:04:42 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/06/13 17:00:06 | 000,880,528 | ---- | M] (BitTorrent, Inc.) -- C:\Users\luch\Desktop\uTorrent_3.1.3.27327.exe
[2012/06/11 23:33:07 | 000,002,299 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/05/31 22:28:58 | 000,001,946 | ---- | M] () -- C:\Users\Public\Desktop\mobile PhoneTools.lnk
[2012/05/28 22:46:20 | 000,002,126 | ---- | M] () -- C:\windows\tasks\hpwebreg_xxxxxxxxxx.job
[2012/05/28 16:52:27 | 000,625,911 | ---- | M] () -- C:\windows\System32\drivers\AVG\iavifw.avm

========== Files Created - No Company Name ==========

[2012/06/15 16:53:23 | 000,069,660 | ---- | C] () -- C:\windows\Fart.exe
[2012/06/15 16:53:23 | 000,011,776 | ---- | C] () -- C:\windows\Colous.exe
[2012/06/14 23:43:28 | 000,001,918 | ---- | C] () -- C:\Users\luch\Desktop\Sauerbraten.lnk
[2012/06/14 02:47:56 | 000,000,447 | ---- | C] () -- C:\user.js
[2012/06/13 17:09:35 | 000,000,963 | ---- | C] () -- C:\windows\System32\InstallUtil.InstallLog
[2012/06/13 17:04:42 | 000,000,926 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/05/31 22:28:57 | 000,001,946 | ---- | C] () -- C:\Users\Public\Desktop\mobile PhoneTools.lnk
[2012/03/08 17:02:13 | 000,073,220 | ---- | C] () -- C:\windows\System32\EPPICPrinterDB.dat
[2012/03/08 17:02:13 | 000,031,053 | ---- | C] () -- C:\windows\System32\EPPICPattern131.dat
[2012/03/08 17:02:13 | 000,029,114 | ---- | C] () -- C:\windows\System32\EPPICPattern1.dat
[2012/03/08 17:02:13 | 000,027,417 | ---- | C] () -- C:\windows\System32\EPPICPattern121.dat
[2012/03/08 17:02:13 | 000,021,021 | ---- | C] () -- C:\windows\System32\EPPICPattern3.dat
[2012/03/08 17:02:13 | 000,015,670 | ---- | C] () -- C:\windows\System32\EPPICPattern5.dat
[2012/03/08 17:02:13 | 000,013,280 | ---- | C] () -- C:\windows\System32\EPPICPattern2.dat
[2012/03/08 17:02:13 | 000,010,673 | ---- | C] () -- C:\windows\System32\EPPICPattern4.dat
[2012/03/08 17:02:13 | 000,004,943 | ---- | C] () -- C:\windows\System32\EPPICPattern6.dat
[2012/03/08 17:02:13 | 000,001,140 | ---- | C] () -- C:\windows\System32\EPPICPresetData_PT.dat
[2012/03/08 17:02:13 | 000,001,140 | ---- | C] () -- C:\windows\System32\EPPICPresetData_BP.dat
[2012/03/08 17:02:13 | 000,001,137 | ---- | C] () -- C:\windows\System32\EPPICPresetData_ES.dat
[2012/03/08 17:02:13 | 000,001,130 | ---- | C] () -- C:\windows\System32\EPPICPresetData_FR.dat
[2012/03/08 17:02:13 | 000,001,130 | ---- | C] () -- C:\windows\System32\EPPICPresetData_CF.dat
[2012/03/08 17:02:13 | 000,001,104 | ---- | C] () -- C:\windows\System32\EPPICPresetData_EN.dat
[2012/03/08 17:02:13 | 000,000,097 | ---- | C] () -- C:\windows\System32\PICSDK.ini
[2012/03/08 17:01:28 | 000,000,071 | ---- | C] () -- C:\windows\ESTX115.ini
[2011/11/13 00:14:54 | 000,003,584 | ---- | C] () -- C:\Users\luch\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/01 21:02:09 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2011/04/16 12:49:15 | 000,029,008 | ---- | C] () -- C:\windows\System32\SmartDefragBootTime.exe
[2011/04/16 12:49:15 | 000,016,184 | ---- | C] () -- C:\windows\System32\drivers\SmartDefragDriver.sys
[2011/03/31 02:26:28 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/02/23 03:39:42 | 000,002,560 | ---- | C] () -- C:\windows\_MSRSTRT.EXE
[2010/09/22 21:52:57 | 000,000,376 | ---- | C] () -- C:\windows\ODBC.INI

========== LOP Check ==========

[2010/05/25 16:51:11 | 000,000,000 | ---D | M] -- C:\Users\luch\AppData\Roaming\Acoustica
[2010/03/06 11:12:36 | 000,000,000 | ---D | M] -- C:\Users\luch\AppData\Roaming\Ashampoo
[2012/06/15 15:27:05 | 000,000,000 | ---D | M] -- C:\Users\luch\AppData\Roaming\AVG2012
[2012/05/14 22:34:29 | 000,000,000 | ---D | M] -- C:\Users\luch\AppData\Roaming\Epson
[2011/08/21 15:49:11 | 000,000,000 | ---D | M] -- C:\Users\luch\AppData\Roaming\IObit
[2011/03/23 23:28:06 | 000,000,000 | ---D | M] -- C:\Users\luch\AppData\Roaming\Movier
[2010/06/10 20:24:42 | 000,000,000 | ---D | M] -- C:\Users\luch\AppData\Roaming\PhotoScape
[2012/06/15 00:50:22 | 000,000,000 | ---D | M] -- C:\Users\luch\AppData\Roaming\uTorrent
[2011/08/01 22:09:12 | 000,000,000 | ---D | M] -- C:\Users\luch\AppData\Roaming\Visan
[2011/01/04 17:11:26 | 000,000,000 | ---D | M] -- C:\Users\luch\AppData\Roaming\Windows Live Writer
[2012/06/15 16:53:03 | 000,000,368 | ---- | M] () -- C:\windows\Tasks\AWC Startup.job
[2012/05/18 14:40:10 | 000,032,636 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2012/06/15 16:54:12 | 000,005,102 | ---- | M] () -- C:\AT-Destroyer.txt
[2009/06/10 18:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/07/13 22:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2010/02/01 04:17:31 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2009/06/10 18:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2012/06/15 16:45:49 | 1603,084,288 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/15 16:45:56 | 2137,448,448 | -HS- | M] () -- C:\pagefile.sys
[2012/06/14 02:48:05 | 000,000,447 | ---- | M] () -- C:\user.js

========== Alternate Data Streams ==========

@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:8C35AEA7

< End of report >

Ese es el otro, gracias por responder SanMar.

**SanMar** · 16/06/12, 04:40:10

Hola luchocarp92:

El reporte esta muy sucio, para mejorarlo realiza lo siguiente:

Tienes dos antivirus Avira y AVg y esto no es recomendable. elige uno de ellos y lo desinstalas, (comenta cual ) con su herramienta especifica:

Herramientas de desinstalación de Antivirus y AntiSpyware

Desinstala con Revo Unistaller seleccionando su Modo avanzado <<< Ver Manual, lo siguiente:

Application Updater
Movier-media Toolbar
Iobit Toolbar
Avg Toolbar
IMinent Toolbar
Ask toolbar
IObit Security 360

Si se encontraran, sino sigue con la siguiente.

Luego de haber reiniciado ejecutas CCleaner ya que lo tienes instalado:

Usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.
Despues usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).

Vuelves a ejecutar OTL como te indique en mi anterior respuesta, pero solo nos dejas el reporte OTL.txt.

Salu2.

**luchocarp92** · 16/06/12, 17:55:34

OTL logfile created on: 16/06/2012 18:38:33 - Run 2
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\luch\Downloads
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00002c0a | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy

1,99 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 54,92% Memory free
3,98 Gb Paging File | 2,80 Gb Available in Paging File | 70,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 292,72 Gb Total Space | 222,75 Gb Free Space | 76,10% Space Free | Partition Type: NTFS
Drive D: | 4,88 Gb Total Space | 1,46 Gb Free Space | 29,84% Space Free | Partition Type: NTFS

Computer Name: LUCH-PC | User Name: luch | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Archivos de programa\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe ()
PRC - C:\Archivos de programa\Common Files\AVG Secure Search\ScriptHelperInstaller\11.1.0\ScriptHelper.exe ()
PRC - C:\Archivos de programa\AVG Secure Search\vprot.exe ()
PRC - C:\Users\luch\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Archivos de programa\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\Web Assistant\ExtensionUpdaterService.exe ()
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Archivos de programa\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Archivos de programa\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Archivos de programa\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Archivos de programa\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Archivos de programa\AVG\AVG2012\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Archivos de programa\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Archivos de programa\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Archivos de programa\AVG\AVG2012\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Archivos de programa\IObit\Advanced SystemCare 3\AWC.exe (IObit)
PRC - C:\Archivos de programa\IObit\Smart Defrag 2\SmartDefrag.exe (IObit)
PRC - C:\Archivos de programa\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Archivos de programa\Ares\Ares.exe (Evo Ares ® ..:::Warez-Master:::..)
PRC - C:\Archivos de programa\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Archivos de programa\Power Manager\PM.exe ()

========== Modules (No Company Name) ==========

MOD - C:\Archivos de programa\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll ()
MOD - C:\Archivos de programa\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
MOD - C:\Archivos de programa\Common Files\AVG Secure Search\ScriptHelperInstaller\11.1.0\ScriptHelper.exe ()
MOD - C:\Archivos de programa\AVG Secure Search\vprot.exe ()
MOD - C:\Archivos de programa\Web Assistant\Extension32.dll ()
MOD - C:\Archivos de programa\IObit\Smart Defrag 2\NtfsData.dll ()
MOD - C:\Archivos de programa\IObit\Advanced SystemCare 3\winSkinD7R.bpl ()
MOD - C:\Archivos de programa\IObit\Advanced SystemCare 3\CoolTrayIcon_D6plus.bpl ()
MOD - C:\Archivos de programa\IObit\Advanced SystemCare 3\STFix.dll ()
MOD - C:\Archivos de programa\IObit\Advanced SystemCare 3\NtfsData.dll ()
MOD - C:\Archivos de programa\IObit\Smart Defrag 2\madbasic_.bpl ()
MOD - C:\Archivos de programa\IObit\Smart Defrag 2\maddisAsm_.bpl ()
MOD - C:\Archivos de programa\IObit\Smart Defrag 2\madexcept_.bpl ()
MOD - C:\Archivos de programa\Power Manager\PM.exe ()

========== Win32 Services (SafeList) ==========

SRV - (vToolbarUpdater11.1.0) -- C:\Archivos de programa\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe ()
SRV - (Web Assistant Updater) -- C:\Archivos de programa\Web Assistant\ExtensionUpdaterService.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AVGIDSAgent) -- C:\Archivos de programa\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgfws) -- C:\Archivos de programa\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Archivos de programa\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (AdobeARMservice) -- C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (odserv) -- C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (BBSvc) -- C:\Archivos de programa\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Archivos de programa\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (fsssvc) -- C:\Archivos de programa\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (wlcrasvc) -- C:\Archivos de programa\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (WinDefend) -- C:\Archivos de programa\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ose) -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- system32\drivers\RTKVHDA.sys File not found
DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\avgidsfilterx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgfwfd) -- C:\Windows\System32\drivers\avgfwd6x.sys (AVG Technologies CZ, s.r.o.)
DRV - (SmartDefragDriver) -- C:\Windows\System32\drivers\SmartDefragDriver.sys ()
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (npf) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (RTL8187B) -- C:\Windows\System32\drivers\rtl8187B.sys (Realtek Semiconductor Corporation )
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys (Marvell)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (WINIO) -- C:\Windows\System32\WinIo.sys (http://www.internals.com)
DRV - (alcan5ln) SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS) -- C:\Windows\System32\drivers\alcan5ln.sys (THOMSON)
DRV - (alcaudsl) -- C:\Windows\System32\drivers\alcaudsl.sys (THOMSON)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\URLSearchHook: {ce10bf86-da68-441e-91fa-38336363e3cd} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2186473

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.ar/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ar.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-ar
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8C 0B F5 7F 99 D7 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {ce10bf86-da68-441e-91fa-38336363e3cd} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&babsrc=SP_def&AF=17284
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=VD&o=14778&src=crm&q={searchTerms}&locale=es_ES&apn_ptnrs=VX&apn_dtid=YYYYYYFDAR&apn_uid=B94C643A-3B79-44B5-ADF8-482BD7F46900&apn_sauid=E9D71F75-37C9-4BEB-BD73-D5E9F5392E3F
IE - HKCU\..\SearchScopes\{20F2C492-7FE7-4E02-8466-A58252A5BE2A}: "URL" = http://search.avg.com/route/?d=4b3d2cf0&i=23&tp=chrome&q={searchTerms}&lng={language}&ychte=ar&nt=1
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_esAR376
IE - HKCU\..\SearchScopes\{8D925F0B-BEFD-42AF-BD7C-AF0F60837C6D}: "URL" = http://ar.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=685749&p={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={B37D2502-5225-46C7-B60D-4D0F147AC78F}&mid=afaf267d9363d2c32cfe3bc77b25eee4-eda271ce2075ae7c128c9780642b6d23a7c3c85f&lang=es-es&ds=AVG&pr=pr&d=2012-06-16 16:35:11&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=17284"
FF - prefs.js..browser.search.order.1: "v9"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749&ilc=12"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://google.com"
FF - prefs.js..extensions.enabledItems: {7E77F5DF-8022-40e3-9122-F03DEBEFC43B}:1.0.25
FF - prefs.js..extensions.enabledItems: {9d1f059c-cada-4111-9696-41a62d64e3ba}:0.9.2.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.1912
FF - prefs.js..extensions.enabledItems: avg@toolbar:11.1.0.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid=%7Bbd016058-8f21-477e-b915-95cc3ddc8713%7D&mid=afaf267d9363d2c32cfe3bc77b25eee4-eda271ce2075ae7c128c9780642b6d23a7c3c85f&ds=AVG&v=11.1.0.7&lang=es-es&pr=pr&d=2012-06-16%2016%3A35%3A11&sap=ku&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Iminent\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/06/14 02:47:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/06/16 16:35:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/06/16 16:26:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.7\ [2012/06/16 16:35:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/14 05:06:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/14 05:06:56 | 000,000,000 | ---D | M]

[2010/10/10 19:23:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\luch\AppData\Roaming\mozilla\Extensions
[2012/06/16 17:48:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\luch\AppData\Roaming\mozilla\Firefox\Profiles\jj8gnth8.default\extensions
[2010/12/07 21:27:18 | 000,000,000 | ---D | M] (PsicoTSI) -- C:\Users\luch\AppData\Roaming\mozilla\Firefox\Profiles\jj8gnth8.default\extensions\{7E77F5DF-8022-40e3-9122-F03DEBEFC43B}
[2012/05/31 23:26:11 | 000,000,000 | ---D | M] (FoxTrick) -- C:\Users\luch\AppData\Roaming\mozilla\Firefox\Profiles\jj8gnth8.default\extensions\{9d1f059c-cada-4111-9696-41a62d64e3ba}
[2012/03/30 11:09:44 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
[2011/04/16 13:15:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/08/31 08:31:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/10/10 13:32:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2012/03/30 11:09:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012/06/16 16:26:42 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX\DONOTTRACK
[2012/06/16 16:35:25 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4
[2011/04/16 13:15:19 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/08/31 08:31:28 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/10/10 13:32:22 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2012/03/30 11:09:44 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012/06/14 02:47:08 | 000,000,000 | ---D | M] (Web Assistant) -- C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
[2012/06/16 16:35:22 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\11.1.0.7
[2012/06/14 05:06:55 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/03/30 11:09:27 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/06/16 16:35:06 | 000,003,750 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/06/14 05:06:49 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/14 05:06:49 | 000,003,996 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\drae.xml
[2012/06/14 05:06:49 | 000,001,143 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-es.xml
[2012/06/14 05:06:49 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/06/14 05:06:49 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-es.xml
[2012/06/14 05:06:49 | 000,001,102 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-es.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\luch\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Users\luch\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.442_0\npbrowserext.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\luch\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Web Assistant = C:\Users\luch\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.442_0\
CHR - Extension: AVG Safe Search = C:\Users\luch\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\
CHR - Extension: AVG Do Not Track = C:\Users\luch\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\

O1 HOSTS File: ([2009/06/10 18:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Archivos de programa\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Archivos de programa\Web Assistant\Extension32.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Archivos de programa\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Archivos de programa\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Archivos de programa\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (GretechBHO Class) - {F0181C6E-9218-4792-9F3C-E8DF52B2F1AC} - C:\Archivos de programa\GRETECH\GomPicker\GomPickerBHO.dll (Gretech Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Archivos de programa\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {ce10bf86-da68-441e-91fa-38336363e3cd} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CE10BF86-DA68-441E-91FA-38336363E3CD} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [PowerManager] C:\Archivos de programa\Power Manager\PM.exe ()
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe (Evo Ares ® ..:::Warez-Master:::..)
O4 - Startup: C:\Users\luch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla e Inicio rápido de OneNote 2007.lnk = C:\Archivos de programa\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Archivos de programa\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Archivos de programa\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2D7D6E79-B005-49BC-AE5A-CDB83678064F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2E800D0-7D4F-4CF0-94E5-13034BD6A380}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Archivos de programa\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Archivos de programa\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Archivos de programa\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Archivos de programa\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Archivos de programa\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Archivos de programa\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 18:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/06/16 18:08:27 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{C493D6D7-625D-45AE-AE4B-67F7A9EC7864}
[2012/06/16 18:07:58 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{F5101FDB-0CE1-44AE-9161-4FD1B1908F81}
[2012/06/16 16:48:14 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012/06/16 16:48:14 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012/06/16 16:35:36 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\AVG Secure Search
[2012/06/16 16:35:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/06/16 16:35:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/06/16 16:35:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012/06/16 16:35:07 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012/06/16 16:26:38 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/06/16 16:26:37 | 000,000,000 | ---D | C] -- C:\windows\System32\drivers\AVG
[2012/06/16 15:45:51 | 000,000,000 | ---D | C] -- C:\Users\luch\Desktop\Eliminar Completamente Avira
[2012/06/16 15:45:33 | 000,000,000 | ---D | C] -- C:\Users\luch\Desktop\Eliminar Completamente AVG
[2012/06/16 15:40:39 | 003,879,304 | ---- | C] (AVG Technologies) -- C:\Users\luch\Desktop\avg_free_stb_all_2012_2180_cnet.exe
[2012/06/16 15:37:08 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{4AE77924-FCAE-4FFC-A99E-2528A52D3A85}
[2012/06/16 15:36:56 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{92CC6A0B-DE75-4C10-ACCA-EFFC20C4A4AB}
[2012/06/16 15:17:03 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{8783A558-BE1D-4A6C-9B15-CD6AF54A425F}
[2012/06/16 15:16:26 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{709A1306-5E71-4D03-BBA4-D1714AEFD16F}
[2012/06/15 16:53:23 | 000,036,864 | ---- | C] (NirSoft) -- C:\windows\nircmd.exe
[2012/06/15 16:47:32 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{03F3B1DC-865C-4DB4-BC2E-32EF5AFF2C90}
[2012/06/15 16:47:20 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{94981313-CC03-4A9D-9759-42001474CFAD}
[2012/06/15 15:27:05 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Roaming\AVG2012
[2012/06/15 15:22:56 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{CD4AC8D7-2386-4BD9-8EAB-90090353FFFA}
[2012/06/15 15:22:43 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{F55AA08E-3C4A-4F8B-80AC-6EAE13C7A231}
[2012/06/15 12:53:04 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{03E11313-F130-43DF-AB8F-BBC59E6FD760}
[2012/06/15 12:52:46 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{96886367-66BB-4330-9AE9-EFA85E361961}
[2012/06/15 00:46:36 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{F7EE79E4-7001-4460-B4F6-0E1A06022B37}
[2012/06/14 23:43:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sauerbraten
[2012/06/14 23:43:27 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sauerbraten
[2012/06/14 23:41:04 | 000,000,000 | ---D | C] -- C:\Program Files\Sauerbraten
[2012/06/14 21:07:28 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Activision Value
[2012/06/14 21:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision Value
[2012/06/14 21:03:49 | 000,000,000 | ---D | C] -- C:\Program Files\Activision Value
[2012/06/14 12:45:02 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{49F44E29-F0A6-4C15-84B1-38836042CE88}
[2012/06/14 05:27:39 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{7A1761C7-C7EB-486F-9673-E317FB40A9A1}
[2012/06/14 05:27:18 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{D4F4CEED-C667-49B4-B42F-E7E0871241A1}
[2012/06/14 02:59:18 | 000,000,000 | ---D | C] -- C:\Users\luch\Documents\Hunting Unlimited 2010
[2012/06/14 02:56:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Break For Games
[2012/06/14 02:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\Web Assistant
[2012/06/14 01:42:33 | 000,000,000 | ---D | C] -- C:\Users\luch\Documents\JustCause
[2012/06/13 23:53:35 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{7467D9AE-F44B-44A3-8849-D8B272E69963}
[2012/06/13 23:53:07 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{0184C349-FAB9-44E9-8B54-9A20512BD833}
[2012/06/13 17:11:53 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{F19063D7-88FB-4C1B-9E7C-AAC126DEAEC4}
[2012/06/13 17:11:27 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{5A29980E-7DB2-4EA2-A8AB-44B1D5FD4DCD}
[2012/06/13 17:09:56 | 000,000,000 | ---D | C] -- C:\Program Files\IMinent Toolbar
[2012/06/13 17:04:37 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2012/06/13 17:00:20 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Roaming\uTorrent
[2012/06/13 16:59:46 | 000,880,528 | ---- | C] (BitTorrent, Inc.) -- C:\Users\luch\Desktop\uTorrent_3.1.3.27327.exe
[2012/06/13 13:01:48 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{799FE09D-4047-4B2C-9748-1C74F9E7D6DD}
[2012/06/13 13:01:35 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{438AF965-3A19-47C6-B506-80888A4A3A6C}
[2012/06/13 00:16:03 | 000,000,000 | ---D | C] -- C:\Users\luch\Desktop\Quake II
[2012/06/12 09:35:19 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{153D489D-11DA-4DD9-BF5C-34615F9C5BDF}
[2012/06/12 09:35:06 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{88FCBF01-08FF-4632-8DAB-B9777F3B7555}
[2012/06/11 12:57:44 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{D2740763-2AA2-4577-995D-B22FBE3AF2C0}
[2012/06/11 12:57:30 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{3B1A0EA0-D024-4CC9-8E4E-6A157BF21866}
[2012/06/10 13:43:06 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{4E572CD6-4610-4F53-9FCB-30DC18B54C54}
[2012/06/10 13:42:54 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{BC74BF62-AF7D-4A3E-B359-D2A21A52F46F}
[2012/06/10 00:57:31 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{ABC8F3F7-5EDB-48AA-8B75-6A88C529AE7E}
[2012/06/10 00:57:19 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{2B24A746-EF7A-411F-905F-9B0C1C222FD8}
[2012/06/09 12:21:37 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{FC25C829-7CE3-42DF-BDEB-1E674C2C2ACE}
[2012/06/09 12:21:24 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{7FAD5C05-6171-43E4-A3E8-B0F4ADCF1FB7}
[2012/06/08 12:46:36 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{1FE778D4-CACB-462F-B1A2-312BC0493D4C}
[2012/06/08 12:46:08 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{0213B44A-8C2B-46CB-B61F-29BB0D551474}
[2012/06/07 17:41:41 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{D214CCCF-D47B-4ABB-BCDE-BD96C7AEAD26}
[2012/06/07 17:41:29 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{41EF2043-F292-4A28-8DE3-9DAE912DC1E7}
[2012/06/07 11:00:21 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{1D70C3B5-3B95-4BB8-AFE4-5AFAFAC936FC}
[2012/06/07 10:59:55 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{2C00C453-7232-478F-9DE6-47A04DB632B2}
[2012/06/06 14:33:41 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{A2B3B6FE-BA66-4019-A5DD-3E95FA1EED86}
[2012/06/06 14:33:23 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{3B50B58B-C3DA-481C-A627-E2EC40AFFAD9}
[2012/06/05 10:07:57 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{CB28A314-DBD9-433F-83B2-816324A509A1}
[2012/06/05 10:07:38 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{1974CDE0-CFBD-4C52-912D-A54BD9163E16}
[2012/06/04 15:13:40 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{AE5E9DBB-88B4-4D5E-9568-CB91C8724CA8}
[2012/06/04 15:13:13 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{FDB2E228-252A-42CC-BCB7-DE19982E7487}
[2012/06/03 16:19:37 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{C4A197D1-F70F-4245-B235-A785320CE961}
[2012/06/03 16:18:51 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{23E5330D-6A2D-4D87-B439-01C3680014FA}
[2012/06/03 12:50:25 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{02355436-0E36-4535-A14C-D8843319A973}
[2012/06/03 12:50:13 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{B8171EC0-082D-4EB8-A9AD-955CAC8F8AA0}
[2012/06/02 16:01:11 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{8B52D247-D4F2-47AC-9B76-AAC6251024B0}
[2012/06/02 16:00:48 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{7DC66E84-6F3D-4FF1-AA46-C1E85405EEFB}
[2012/06/01 10:03:03 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{E82FDDB7-7E29-4102-B735-2726EBBBC0C3}
[2012/06/01 10:02:48 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{F758E757-A6B3-4765-ABFC-8533696CC6EB}
[2012/05/31 19:33:46 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{BBE39123-E2F3-4FBD-A9D5-74E595AD8908}
[2012/05/31 19:33:31 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{B0D6E71C-B1A2-4BAE-AD68-AE8069010AFF}
[2012/05/31 09:32:06 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{1348B4B6-491D-476C-8B84-71EFBA195BC1}
[2012/05/31 09:31:50 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{059906AA-0732-4082-8C80-5460FB48D3E8}
[2012/05/30 11:04:51 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{F5B47B0F-ADA8-47FD-BFC0-7FBD7218D51A}
[2012/05/30 11:04:37 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{D9655E5A-263A-4732-A91D-233CC59E95CE}
[2012/05/29 15:16:21 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{CDB1FE81-A2F6-46C8-B66D-ED9D7ADB2E73}
[2012/05/29 15:16:06 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{0FAE8A2E-5D55-427D-9ED4-228A43D7FACC}
[2012/05/28 16:47:57 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{88149592-4181-4682-B370-2524EF00ABFF}
[2012/05/28 16:47:46 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{343380F5-EBE7-47D8-8E26-F12E66C4AC87}
[2012/05/27 13:33:18 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{723871D5-083C-4E65-BB28-959AB25A6F3F}
[2012/05/27 13:33:04 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{ACC0D561-C7C7-4E33-818B-88700A1A4B00}
[2012/05/26 18:32:48 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{235342CE-0107-42B9-B866-002CD7C9CB4C}
[2012/05/26 18:32:35 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{201F5865-0423-4966-A3EA-8344543D60BA}
[2012/05/26 14:29:19 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{BE71299C-3C8C-4C6D-A0C1-53D7D38113B7}
[2012/05/26 13:33:55 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{B900BCC8-7FF1-4D0B-8306-DB2A7AFA9ED5}
[2012/05/26 13:33:23 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{FE01DD72-D3BF-4197-BE77-81AA29F79083}
[2012/05/25 22:04:46 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{288ED055-8214-4E4A-9FFC-A33F024BFF2D}
[2012/05/25 21:32:01 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{DAC9E407-ACF1-469E-9640-BB6905C92B57}
[2012/05/25 20:32:56 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{5FECE319-9DFD-40EB-8284-1DF68EB1D1B8}
[2012/05/24 14:50:09 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{0E137899-2C68-4D2D-A8C0-C86C240044A6}
[2012/05/24 10:02:01 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{768516DD-A351-40A0-B623-275C46128212}
[2012/05/23 19:24:49 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{E6BF6292-1E86-4420-A2D8-001B5E75E8CB}
[2012/05/23 18:28:01 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{44C4DAD7-00F3-4D1B-8DB2-AC32EDC5D529}
[2012/05/23 13:20:53 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{5D1821C3-9C9C-4E3F-9F60-C9147712A96C}
[2012/05/22 15:51:12 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{0B02AA91-07EB-4E6F-B73D-A7CC65BEFDF4}
[2012/05/21 14:00:08 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{D1370F7F-C18F-4575-9C02-5EE43A4EE156}
[2012/05/21 13:59:56 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{A0F734B0-0D8C-4337-A618-42462B529D1A}
[2012/05/20 19:02:26 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{E0C6DB13-1AAA-4134-BC69-3122ED9B4FC4}
[2012/05/20 19:02:14 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{98722963-9E70-433B-9BF1-F16F65D83300}
[2012/05/20 15:08:08 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{D6D39411-36CC-4136-BE96-AE7F5B18D869}
[2012/05/20 15:07:53 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{F236B685-9640-4A7A-BDA9-E11307A47E1B}
[2012/05/19 12:55:00 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{5A57A257-D035-41A0-8D4E-327FCB9A9447}
[2012/05/19 12:54:28 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{10ADFD70-DD9F-4824-9CE4-6CC09FA3C32A}
[2012/05/18 20:04:10 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{6B84D1D9-2F38-4BD4-A392-9EE8A30F39C9}
[2012/05/18 20:03:57 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{797CDFBF-6AAB-4663-946A-AE5EEA5FB4DF}
[2012/05/18 14:42:03 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{7A6755C9-D035-4E11-A2AA-0F6A8B573468}
[2012/05/18 14:41:51 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{9E4D90CF-698D-424C-B39F-BDD34E43061D}
[2012/05/18 13:19:41 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{B5C2DD31-D1D9-4FDE-B4CD-247D63CFDDDF}
[2012/05/18 13:19:29 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{E0551F21-CF2B-4DCE-B717-210ACE67DF0F}
[2012/05/17 19:56:44 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{92039F2A-71B4-492C-A70E-8B1D64346CD0}
[2012/05/17 19:56:31 | 000,000,000 | ---D | C] -- C:\Users\luch\AppData\Local\{DFC0C759-E120-4447-8594-17ED1BE79817}
[2011/03/23 23:20:03 | 003,056,008 | ---- | C] (Ask) -- C:\Program Files\Common Files\AskToolbarInstaller.exe

========== Files - Modified Within 30 Days ==========

[2012/06/16 18:28:00 | 000,001,024 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/16 18:21:00 | 000,000,838 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/06/16 18:11:00 | 000,010,880 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/16 18:11:00 | 000,010,880 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/16 18:06:53 | 000,001,020 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/16 18:06:52 | 000,000,368 | ---- | M] () -- C:\windows\tasks\AWC Startup.job
[2012/06/16 18:03:34 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/06/16 18:03:31 | 1603,084,288 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/16 17:21:06 | 063,581,097 | ---- | M] () -- C:\windows\System32\drivers\AVG\incavi.avm
[2012/06/16 16:48:15 | 000,001,235 | ---- | M] () -- C:\Users\luch\Desktop\Revo Uninstaller.lnk
[2012/06/16 16:35:25 | 000,000,962 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/06/16 15:42:39 | 003,879,304 | ---- | M] (AVG Technologies) -- C:\Users\luch\Desktop\avg_free_stb_all_2012_2180_cnet.exe
[2012/06/16 00:03:31 | 000,000,647 | ---- | M] () -- C:\windows\rally.ini
[2012/06/14 23:43:28 | 000,001,918 | ---- | M] () -- C:\Users\luch\Desktop\Sauerbraten.lnk
[2012/06/14 05:24:13 | 000,374,912 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012/06/14 02:48:05 | 000,000,447 | ---- | M] () -- C:\user.js
[2012/06/13 20:37:52 | 000,000,963 | ---- | M] () -- C:\windows\System32\InstallUtil.InstallLog
[2012/06/13 20

23 | 000,703,840 | ---- | M] () -- C:\windows\System32\perfh00A.dat
[2012/06/13 20

23 | 000,616,008 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/06/13 20

23 | 000,137,806 | ---- | M] () -- C:\windows\System32\perfc00A.dat
[2012/06/13 20

23 | 000,106,388 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/06/13 17:04:42 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/06/13 17:00:06 | 000,880,528 | ---- | M] (BitTorrent, Inc.) -- C:\Users\luch\Desktop\uTorrent_3.1.3.27327.exe
[2012/06/11 23:33:07 | 000,002,299 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/05/28 22:46:20 | 000,002,126 | ---- | M] () -- C:\windows\tasks\hpwebreg_xxxxxxxxxx.job
[2012/05/28 15:02:16 | 000,625,911 | ---- | M] () -- C:\windows\System32\drivers\AVG\iavifw.avm

========== Files Created - No Company Name ==========

[2012/06/16 17:21:06 | 063,581,097 | ---- | C] () -- C:\windows\System32\drivers\AVG\incavi.avm
[2012/06/16 16:48:15 | 000,001,235 | ---- | C] () -- C:\Users\luch\Desktop\Revo Uninstaller.lnk
[2012/06/16 16:35:25 | 000,000,962 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/06/16 00:00:50 | 000,000,647 | ---- | C] () -- C:\windows\rally.ini
[2012/06/15 16:53:23 | 000,069,660 | ---- | C] () -- C:\windows\Fart.exe
[2012/06/15 16:53:23 | 000,011,776 | ---- | C] () -- C:\windows\Colous.exe
[2012/06/14 23:43:28 | 000,001,918 | ---- | C] () -- C:\Users\luch\Desktop\Sauerbraten.lnk
[2012/06/14 02:47:56 | 000,000,447 | ---- | C] () -- C:\user.js
[2012/06/13 17:09:35 | 000,000,963 | ---- | C] () -- C:\windows\System32\InstallUtil.InstallLog
[2012/06/13 17:04:42 | 000,000,926 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/05/28 15:02:16 | 000,625,911 | ---- | C] () -- C:\windows\System32\drivers\AVG\iavifw.avm
[2012/03/08 17:02:13 | 000,073,220 | ---- | C] () -- C:\windows\System32\EPPICPrinterDB.dat
[2012/03/08 17:02:13 | 000,031,053 | ---- | C] () -- C:\windows\System32\EPPICPattern131.dat
[2012/03/08 17:02:13 | 000,029,114 | ---- | C] () -- C:\windows\System32\EPPICPattern1.dat
[2012/03/08 17:02:13 | 000,027,417 | ---- | C] () -- C:\windows\System32\EPPICPattern121.dat
[2012/03/08 17:02:13 | 000,021,021 | ---- | C] () -- C:\windows\System32\EPPICPattern3.dat
[2012/03/08 17:02:13 | 000,015,670 | ---- | C] () -- C:\windows\System32\EPPICPattern5.dat
[2012/03/08 17:02:13 | 000,013,280 | ---- | C] () -- C:\windows\System32\EPPICPattern2.dat
[2012/03/08 17:02:13 | 000,010,673 | ---- | C] () -- C:\windows\System32\EPPICPattern4.dat
[2012/03/08 17:02:13 | 000,004,943 | ---- | C] () -- C:\windows\System32\EPPICPattern6.dat
[2012/03/08 17:02:13 | 000,001,140 | ---- | C] () -- C:\windows\System32\EPPICPresetData_PT.dat
[2012/03/08 17:02:13 | 000,001,140 | ---- | C] () -- C:\windows\System32\EPPICPresetData_BP.dat
[2012/03/08 17:02:13 | 000,001,137 | ---- | C] () -- C:\windows\System32\EPPICPresetData_ES.dat
[2012/03/08 17:02:13 | 000,001,130 | ---- | C] () -- C:\windows\System32\EPPICPresetData_FR.dat
[2012/03/08 17:02:13 | 000,001,130 | ---- | C] () -- C:\windows\System32\EPPICPresetData_CF.dat
[2012/03/08 17:02:13 | 000,001,104 | ---- | C] () -- C:\windows\System32\EPPICPresetData_EN.dat
[2012/03/08 17:02:13 | 000,000,097 | ---- | C] () -- C:\windows\System32\PICSDK.ini
[2012/03/08 17:01:28 | 000,000,071 | ---- | C] () -- C:\windows\ESTX115.ini
[2011/11/13 00:14:54 | 000,003,584 | ---- | C] () -- C:\Users\luch\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/01 21:02:09 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2011/04/16 12:49:15 | 000,029,008 | ---- | C] () -- C:\windows\System32\SmartDefragBootTime.exe
[2011/04/16 12:49:15 | 000,016,184 | ---- | C] () -- C:\windows\System32\drivers\SmartDefragDriver.sys
[2011/03/31 02:26:28 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/02/23 03:39:42 | 000,002,560 | ---- | C] () -- C:\windows\_MSRSTRT.EXE
[2010/09/22 21:52:57 | 000,000,376 | ---- | C] () -- C:\windows\ODBC.INI

========== LOP Check ==========

[2010/05/25 16:51:11 | 000,000,000 | ---D | M] -- C:\Users\luch\AppData\Roaming\Acoustica
[2010/03/06 11:12:36 | 000,000,000 | ---D | M] -- C:\Users\luch\AppData\Roaming\Ashampoo
[2012/06/15 15:27:05 | 000,000,000 | ---D | M] -- C:\Users\luch\AppData\Roaming\AVG2012
[2012/05/14 22:34:29 | 000,000,000 | ---D | M] -- C:\Users\luch\AppData\Roaming\Epson
[2012/06/16 17:20:21 | 000,000,000 | ---D | M] -- C:\Users\luch\AppData\Roaming\IObit
[2011/03/23 23:28:06 | 000,000,000 | ---D | M] -- C:\Users\luch\AppData\Roaming\Movier
[2010/06/10 20:24:42 | 000,000,000 | ---D | M] -- C:\Users\luch\AppData\Roaming\PhotoScape
[2012/06/15 00:50:22 | 000,000,000 | ---D | M] -- C:\Users\luch\AppData\Roaming\uTorrent
[2011/08/01 22:09:12 | 000,000,000 | ---D | M] -- C:\Users\luch\AppData\Roaming\Visan
[2011/01/04 17:11:26 | 000,000,000 | ---D | M] -- C:\Users\luch\AppData\Roaming\Windows Live Writer
[2012/06/16 18:06:52 | 000,000,368 | ---- | M] () -- C:\windows\Tasks\AWC Startup.job
[2012/05/18 14:40:10 | 000,032,636 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2012/06/15 16:54:12 | 000,005,102 | ---- | M] () -- C:\AT-Destroyer.txt
[2009/06/10 18:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/07/13 22:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2010/02/01 04:17:31 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2009/06/10 18:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2012/06/16 18:03:31 | 1603,084,288 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/16 18:03:31 | 2137,448,448 | -HS- | M] () -- C:\pagefile.sys
[2012/06/14 02:48:05 | 000,000,447 | ---- | M] () -- C:\user.js

========== Alternate Data Streams ==========

@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:8C35AEA7

< End of report >

Ese es el informe del OTL, desinstale los 2 antivirus y volvi a instalar el avg security 2012 y ya me quedo con ese solo, despues use el Revo Unistaller, para desinstalar los programas que dijiste y un par mas que tenia sin uso, los que no encontre de esos fueron, Application Updater, Avg Toolbar, IMinent Toolbar, Ask toolbar... Bueno eso es todo, saludos y gracias

**SanMar** · 17/06/12, 03:49:02

Hola luchocarp92:

Realiza lo siguiente:

1.- Desinstala con RevoUnistaller como ya lo has hecho anteriormente si estas de acuerdo, ya que no recomendamos los siguientes programas:

Advanced SystemCare (IObit)
Smart Defrag 2 (IObit)

2.- Ejecutar OTL.exe

Pegue el siguiente script bajo la casilla Análisis Personalizados/Código de Reparación:

NOTA: No copiar la palabra codigo.

Código:

:OTL
PRC - C:\Archivos de programa\Web Assistant\ExtensionUpdaterService.exe ()
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- system32\drivers\RTKVHDA.sys File not found
IE - HKLM\..\URLSearchHook: {ce10bf86-da68-441e-91fa-38336363e3cd} - No CLSID value found
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&cti d=CT2186473
IE - HKCU\..\URLSearchHook: {ce10bf86-da68-441e-91fa-38336363e3cd} - No CLSID value found
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&babsrc=SP_def&AF=17284
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=VD&o=14778&src=crm&q={search Terms}&locale=es_ES&apn_ptnrs=VX&apn_dtid=YYYYYYFD AR&apn_uid=B94C643A-3B79-44B5-ADF8-482BD7F46900&apn_sauid=E9D71F75-37C9-4BEB-BD73-D5E9F5392E3F
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=17284"
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Iminent\[email protected]
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Archivos de programa\Web Assistant\Extension32.dll ()
O3 - HKLM\..\Toolbar: (no name) - {ce10bf86-da68-441e-91fa-38336363e3cd} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CE10BF86-DA68-441E-91FA-38336363E3CD} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2012/06/16 15:45:51 | 000,000,000 | ---D | C] -- C:\Users\luch\Desktop\Eliminar Completamente Avira
[2012/06/14 02:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\Web Assistant
[2012/06/13 17:09:56 | 000,000,000 | ---D | C] -- C:\Program Files\IMinent Toolbar
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:8C35AEA7

:files
C:\Program Files\Web Assistant /d
C:\Program Files\IMinent Toolbar /d
ipconfig /flushdns /c
ipconfig /renew /c

:Commands
[resethosts]
[emptyflash]
[emptytemp]
[emptyjava]
[Reboot]

Luego haga clic en el botón Reparar en la parte superior.
Deje que el programa se ejecute sin trabas, reinicie cuando lo pida hacer.
Al reiniciar se creará un reporte por defecto en C:\_OTL\MovedFiles, copie y pegue ese log en la próxima respuesta.

Nos comentas como sigue el problema.

Salu2,

**luchocarp92** · 17/06/12, 13:09:05

Esos programas los tenia porque pense que mejoraban el sistema

los borre, con pasar el cleaner y desfragmentar el disco cada tanto basta?

puse el OTL, reparar y mientras trabajaba me aparecio un mensaje con una cruz roja que decia cannot files dowload y algo mas, puse aceptar y se quedo colgado, reinice la notbook y entre a la carpeta _OTL/movedfiles y no aparece ningun reporte, solo carpetas... Lo que si te puedo decir que el problema con los links se fue

con eso ya basta? o quedo algo por hacer?

te agradesco muchisimo la ayuda

**SanMar** · 17/06/12, 13:21:54

Hola:

con pasar el cleaner y desfragmentar el disco cada tanto basta?

Pues si, Ccleaner es la mejor Opción

o quedo algo por hacer?

Debemos asegurarnos por el error que te dio, vuelve a ejecutar OTL como la primera vez que te lo indique, Paso 3 del Segundo post.

Salu2.

Eliminar Mystart Incredibar. (Solucionado)

Herramientas

Eliminar Mystart Incredibar. (Solucionado)

Re: Eliminar Mystart Incredibar

Re: Eliminar Mystart Incredibar

Re: Eliminar Mystart Incredibar

Re: Eliminar Mystart Incredibar

Re: Eliminar Mystart Incredibar

Re: Eliminar Mystart Incredibar

Re: Eliminar Mystart Incredibar

Re: Eliminar Mystart Incredibar

Re: Eliminar Mystart Incredibar