Mi pc se pone lenta (Solucionado)

**jamesrock66** · 06/08/12, 13:56:44

Hola, buen dia a todos en este foro, les contare mi problema: mi pc se pone lenta cuando uso algun programa como por ejemplo power point, o sea, el programa en si se pone lento, igual que otros programas como gimp 2, google earth, entre otros. Aca dejo mi log de hijackthis, mucha gracias

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:48:21 a.m., on 06/08/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Iminent\Iminent.exe
C:\Program Files\Iminent\Iminent.Messengers.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\TRENDnet\TEW-648UB\WlanCU.exe
C:\Users\Repre_Quimica\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Repre_Quimica\AppData\Roaming\ForgetBox\ForgetBox.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Opera\opera.exe
C:\Windows\SYSTEM32\taskeng.exe
C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
C:\Users\Repre_Quimica\AppData\Roaming\ForgetBox\ForgetBoxInterface.exe
C:\Windows\system32\cmd.exe
C:\Windows\SYSTEM32\java.exe
C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE
C:\Users\Repre_Quimica\AppData\Local\Opera\Opera\temporary_downloads\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Repre_Quimica\Desktop\HijackThis.exe
C:\Windows\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.iminent.com/?appid=ac460c70-c04d-4a0b-9f8a-d51e09933664
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {ad06fb5f-fef7-4a84-8c58-dca34f8e3d36} - (no file)
R3 - URLSearchHook: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: CrossriderApp0002258 - {11111111-1111-1111-1111-110011221158} - C:\Program Files\I Want This\I Want This.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll
O2 - BHO: TBSB01620 - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files\IMinent Toolbar\tbcore3.dll
O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
O2 - BHO: ???????@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\Iminent.WebBooster.InternetExplorer.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: IEWebHook - {AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} - C:\Users\Repre_Quimica\AppData\Roaming\Media Finder\Extensions\IEPlugin32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: Help the General-Search Project - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\REPRE_~1\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: IMinent Toolbar - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll
O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Iminent] C:\Program Files\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
O4 - HKLM\..\Run: [IminentMessenger] C:\Program Files\Iminent\Iminent.Messengers.exe /startup
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O4 - HKUS\S-1-5-21-643385005-1702227153-3272280709-501\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Invitado')
O4 - Startup: Dropbox.lnk = Repre_Quimica\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: ForgetBox.lnk = Repre_Quimica\AppData\Roaming\ForgetBox\ForgetBox.exe
O4 - Startup: Recorte de pantalla e Inicio rápido de OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\TRENDnet\TEW-648UB\WlanCU.exe
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Google Update Servicio (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: WlanWpsSvc - Unknown owner - C:\Program Files\TRENDnet\TEW-648UB\WlanWpsSvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 22991 bytes

**Javierhf** · 07/08/12, 18:30:04

Buenas

jamesrock66.

al Foro.

Temas que interesa revisar y leer :

Consejos para antes de publicar un nuevo mensaje.

Políticas del Foro de InfoSpyware.

Políticas Foro Oficial de HijackThis en español.

¿Cómo subir imágenes al Foro? *TUTORIAL*
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ahora vamos al problema, realiza estos procesos :

Descarga >> AT-Destroyer (Adwares/Toolbars-Destroyer) By Infospyware.(Adjunto al final del mensaje)
Desactiva temporalmente el Antivirus y/o Antispyware.
Ejecuta AT-Destroyer. (Si usas Windows Vista o 7 Presiona clic derecho y selecciona "Ejecutar como Administrador.")
Aparecerá el Disclaimer, si estás de acuerdo, presiona SI para continuar.
Presiona sobre la opción 1 (Buscar y Destruir) para comenzar es escaneo.
AT-Destroyer desconectará el escritorio momentáneamente.
En caso de estar infectado, AT-Destroyer lo indicará con lineas rojas donde se haya encontrado la infección, sino, serán lineas verdes.
Una vez terminado el escaneo, podrás volver a ver el escritorio y se te abrirá un reporte, que deberás copiar en tu próxima respuesta comentando cómo funciona el sistema.(También lo puedes encontrar en C:\AT-Destroyer.log)
Inmediatamente debes Reiniciar el equipo.

Y a continuación este otro, descarga >> OTL By OldTimer

>>> Para Ejecutar OTL

Cerrar todos programas que tengas abiertos y hacer doble click en el ícono de OTL para ejecutarlo.
Dejarlo correr y esperar a que aparezca el menú de OTL..
Cuando salga el menú de OTL, debes cambiar debajo de: "Tipo de Análisis" poniendo Resultado Mínimo.
Marcar la casilla Analizar Todos.
Marcar las opciones: Buscar LOP y Buscar Purity.
Marcar las Opciones >> Omitir Archivos De Microsoft y Usar Listado de Compañías Reconocidas.
Copiar y Pegar las lineas del siguiente script bajo la casilla Análisis Personalizados/Código de Reparación:

NOTA: No copiar la palabra Cita.

netsvcs
msconfig
%SYSTEMDRIVE%\*.*
CREATERESTOREPOINT
Por favor No cambies el resto de la configuración a menos que te lo solicitemos.

Presionar el botón .
Una vez que termine, se abrirán dos (2) archivos, OTL.Txt y Extras.Txt. Éstos archivos estarán grabados en el mismo lugar donde OTL.exe fue descargado.
Copiar y pegar el contenido del archivo OTL.txt en tu próxima respuesta.

Saludos, Javier.

**jamesrock66** · 08/08/12, 13:13:12

Muchas gracias por tu ayuda, muy agradecido, haré lo que me decís. Saludos, cordialmente, Jaime Urrutia.

**Javierhf** · 08/08/12, 13:31:01

Perfecto,

cuando tengas los informes los pones.

Saludos.

**jamesrock66** · 08/08/12, 13:54:28

Muchas gracias otra vez, aca va el At destroyer txt, el sistema no lo he visto muy bien, pero creo que ha mejorado algo, AT DESTROYER TXT:

#################################################### A/T-Destroyer by InfoSpyware ############

A/T-Destroyer 1.0.7 By Infospyware
www.infospyware.com
Fecha iniciada en el analisis 08/08/2012
Hora iniciada en el analisis 11:17:11.69
Usuario Actual : [C:\Users\Repre_Quimica]
Sistema Operativo: Windows Vista (TM) Home Basic
Service pack: Service Pack 2
Arquitectura: Sistema operativo de 32 bits
Versión Internet Explorer: 9.0.8112.16421
Modo Actual: Modo Normal.
Privilegios: [Repre_Quimica-Administrador]
Versión Google Chrome:
Versión Mozilla Firefox:

====== Servicios Eliminados By A/T-Destroyer ======

====== Claves Eliminadas By A/T-Destroyer ======

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | ( Iminent )
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | ( IminentMessenger )
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | ( {977AE9CC-AF83-45E8-9E03-E2798216E2D5} )
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | ( {F9639E4A-801B-4843-AEE3-03D9DA199E77} )
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8984B388-A5BB-4DF7-B274-77B879E179DB}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8984B388-A5BB-4DF7-B274-77B879E179DB}
HKEY_LOCAL_MACHINE\SOFTWARE\Mail.Ru\Guard
HKEY_LOCAL_MACHINE\SOFTWARE\Mail.Ru
HKEY_CLASSES_ROOT\AppID\escort.DLL
HKEY_CLASSES_ROOT\AppID\escort.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}\instl
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}\instl\data
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}\instl\dfltLng
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
HKEY_CURRENT_USER\Software\ImInstaller\IncrediMail
HKEY_CURRENT_USER\Software\ImInstaller
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}
HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}\Implemented Categories
HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}
HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}
HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}\InprocServer32
HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}\ProgID
HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}\Programmable
HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}\TypeLib
HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}\VersionIndependentProgID
HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}
HKEY_LOCAL_MACHINE\SOFTWARE\Conduit\AppPaths
HKEY_LOCAL_MACHINE\SOFTWARE\Conduit\AppPaths\client
HKEY_LOCAL_MACHINE\SOFTWARE\Conduit\Community Alerts
HKEY_LOCAL_MACHINE\SOFTWARE\Conduit
HKEY_LOCAL_MACHINE\SOFTWARE\Iminent
HKEY_LOCAL_MACHINE\SOFTWARE\Iminent\Assemblies
HKEY_LOCAL_MACHINE\SOFTWARE\Iminent\Mediator
HKEY_LOCAL_MACHINE\SOFTWARE\Iminent\Mediator\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Iminent\WebBooster
HKEY_LOCAL_MACHINE\SOFTWARE\Iminent
HKEY_CURRENT_USER\SOFTWARE\Iminent
HKEY_CURRENT_USER\SOFTWARE\Iminent\SearchTheWeb
HKEY_CURRENT_USER\SOFTWARE\Iminent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\YontooIEClient.DLL
HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\InProcServer32
HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}
HKLM\SOFTWARE\Classes\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\VersionIndependentProgID
HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\VersionIndependentProgID
HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44b0-A826-84C829536E93}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44b0-A826-84C829536E93}\defaultEnableAppsList
HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44b0-A826-84C829536E93}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\NumMethods
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\TypeLib
HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}\NumMethods
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}\TypeLib
HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}\1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}\1.0\0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}\1.0\0\win32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}\1.0\FLAGS
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}\1.0\HELPDIR
HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YontooIEClient.Api
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YontooIEClient.Api\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YontooIEClient.Api\CurVer
HKLM\SOFTWARE\Classes\YontooIEClient.Api
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YontooIEClient.Api.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YontooIEClient.Api.1\CLSID
HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YontooIEClient.Layers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YontooIEClient.Layers\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YontooIEClient.Layers\CurVer
HKLM\SOFTWARE\Classes\YontooIEClient.Layers
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YontooIEClient.Layers.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YontooIEClient.Layers.1\CLSID
HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
HKEY_LOCAL_MACHINE\SOFTWARE\Tarma Installer\Components
HKEY_LOCAL_MACHINE\SOFTWARE\Tarma Installer\Components\{1A975F48-2A3C-44FE-A91C-49D3C12ED0BC}
HKEY_LOCAL_MACHINE\SOFTWARE\Tarma Installer\Components\{4889CB45-FFEB-486E-8785-D034DAC2ACE6}
HKEY_LOCAL_MACHINE\SOFTWARE\Tarma Installer\Components\{8D8654CD-7FBC-4C7E-84E9-371BFA8DB04E}
HKEY_LOCAL_MACHINE\SOFTWARE\Tarma Installer\Components\{9307081B-7444-494C-8CF6-2FA7C0E92BFB}
HKEY_LOCAL_MACHINE\SOFTWARE\Tarma Installer\Components\{9D9785E5-3424-40B6-A287-BA143AD53109}
HKEY_LOCAL_MACHINE\SOFTWARE\Tarma Installer\Components\{B6783DFA-B8C8-4CB6-AB9F-EF1A1F7F7AE8}
HKEY_LOCAL_MACHINE\SOFTWARE\Tarma Installer\Components\{BB1DCBF2-6F69-4FB5-BA9F-0B46B5F93395}
HKEY_LOCAL_MACHINE\SOFTWARE\Tarma Installer\Components\{F5F971A9-DBF8-4EEC-81E3-5F1660573E6C}
HKEY_LOCAL_MACHINE\SOFTWARE\Tarma Installer\Products
HKEY_LOCAL_MACHINE\SOFTWARE\Tarma Installer\Products\{361E80BE-388B-4270-BF54-A10C2B756504}
HKEY_LOCAL_MACHINE\SOFTWARE\Tarma Installer\Products\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
HKLM\SOFTWARE\Tarma Installer

====== Archivos/Carpetas Eliminados By A/T-Destroyer ======

C:\ProgramData\InstallMate\{16782E9C-E344-47BD-A045-B9BA79870632}
C:\ProgramData\InstallMate\{C1E28B35-42CA-43F0-8B8B-85F6E7255916}
C:\ProgramData\InstallMate\{16782E9C-E344-47BD-A045-B9BA79870632}\20120503170544.log
C:\ProgramData\InstallMate\{16782E9C-E344-47BD-A045-B9BA79870632}\20120504142845.log
C:\ProgramData\InstallMate\{16782E9C-E344-47BD-A045-B9BA79870632}\20120518161451.log
C:\ProgramData\InstallMate\{16782E9C-E344-47BD-A045-B9BA79870632}\B545B99D64128CA1
C:\ProgramData\InstallMate\{16782E9C-E344-47BD-A045-B9BA79870632}\BB3DA80EF703F4AF
C:\ProgramData\InstallMate\{C1E28B35-42CA-43F0-8B8B-85F6E7255916}\20120430135718.log
C:\ProgramData\InstallMate\{C1E28B35-42CA-43F0-8B8B-85F6E7255916}\8CCD55DA23FE0498
"C:\ProgramData\InstallMate"
C:\ProgramData\Premium\Setup
"C:\ProgramData\Premium"
C:\Users\Repre_Quimica\AppData\Roaming\SkyMonk\config.ini
C:\Users\Repre_Quimica\AppData\Roaming\SkyMonk\md5cache.ini
"C:\Users\Repre_Quimica\AppData\Roaming\SkyMonk"
C:\Users\Repre_Quimica\AppData\Roaming\OpenCandy\15A9D0648D824978AFDFA5D70D8885BF
C:\Users\Repre_Quimica\AppData\Roaming\OpenCandy\OpenCandy_15A9D0648D824978AFDFA5D70D8885BF
"C:\Users\Repre_Quimica\AppData\Roaming\OpenCandy"
"C:\Program Files\Mail.Ru"
C:\Users\Repre_Quimica\AppData\Roaming\Babylon\log_file.txt
"C:\Users\Repre_Quimica\AppData\Roaming\Babylon"
C:\Program Files\Incredibar.com\incredibar
C:\Program Files\Incredibar.com\incredibar\1.5.11.14
C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh
C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll
C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll
C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe
C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
C:\Program Files\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
"C:\Program Files\Incredibar.com"
C:\Program Files\IMinent Toolbar\arrow_refresh.png
C:\Program Files\IMinent Toolbar\basis.xml
C:\Program Files\IMinent Toolbar\cog.png
C:\Program Files\IMinent Toolbar\computer_delete.png
C:\Program Files\IMinent Toolbar\icons.bmp
C:\Program Files\IMinent Toolbar\IMinent_Toolbar.dll
C:\Program Files\IMinent Toolbar\info.txt
C:\Program Files\IMinent Toolbar\TbCommonUtils.dll
C:\Program Files\IMinent Toolbar\tbcore3.dll
C:\Program Files\IMinent Toolbar\tbhelper.dll
C:\Program Files\IMinent Toolbar\TbHelper2.exe
C:\Program Files\IMinent Toolbar\uninstall.exe
C:\Program Files\IMinent Toolbar\update.exe
C:\Program Files\IMinent Toolbar\version.txt
"C:\Program Files\IMinent Toolbar"
C:\Program Files\Conduit\Community Alerts
C:\Program Files\Conduit\Community Alerts\Alert.dll
"C:\Program Files\Conduit"
"C:\Users\Repre_Quimica\Appdata\Local\Conduit"
"C:\ProgramData\Babylon"
C:\ProgramData\Ask\APN-Stub
"C:\ProgramData\Ask"
C:\Program Files\Web Assistant\Extension32.dll
C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
C:\Program Files\Web Assistant\Firefox
C:\Program Files\Web Assistant\InstallerHelper.dll
C:\Program Files\Web Assistant\libraries
C:\Program Files\Web Assistant\resources
C:\Program Files\Web Assistant\source.crx
C:\Program Files\Web Assistant\unins000.dat
C:\Program Files\Web Assistant\unins000.exe
C:\Program Files\Web Assistant\Firefox\chrome
C:\Program Files\Web Assistant\Firefox\chrome.manifest
C:\Program Files\Web Assistant\Firefox\defaults
C:\Program Files\Web Assistant\Firefox\install.rdf
C:\Program Files\Web Assistant\Firefox\chrome\content
C:\Program Files\Web Assistant\Firefox\chrome\locale
C:\Program Files\Web Assistant\Firefox\chrome\skin
C:\Program Files\Web Assistant\Firefox\chrome\content\libraries
C:\Program Files\Web Assistant\Firefox\chrome\content\main.js
C:\Program Files\Web Assistant\Firefox\chrome\content\main.xul
C:\Program Files\Web Assistant\Firefox\chrome\content\resources
C:\Program Files\Web Assistant\Firefox\chrome\content\libraries\DataExchangeScript.js
C:\Program Files\Web Assistant\Firefox\chrome\content\resources\localscript.js
C:\Program Files\Web Assistant\Firefox\chrome\locale\en-US
C:\Program Files\Web Assistant\Firefox\chrome\locale\en-US\overlay.dtd
C:\Program Files\Web Assistant\Firefox\chrome\skin\overlay.css
C:\Program Files\Web Assistant\Firefox\defaults\preferences
C:\Program Files\Web Assistant\Firefox\defaults\preferences\defaults.js
C:\Program Files\Web Assistant\libraries\DataExchangeScript.js
C:\Program Files\Web Assistant\resources\localscript.js
"C:\Program Files\Web Assistant"
C:\Program Files\Funmoods\1.5.23.22
C:\Program Files\Funmoods\1.5.23.22\bh
C:\Program Files\Funmoods\1.5.23.22\escortApp.dll
C:\Program Files\Funmoods\1.5.23.22\escortEng.dll
C:\Program Files\Funmoods\1.5.23.22\escorTlbr.dll
C:\Program Files\Funmoods\1.5.23.22\escortShld.dll
C:\Program Files\Funmoods\1.5.23.22\FavIcon.ico
C:\Program Files\Funmoods\1.5.23.22\funmoodssrv.exe
C:\Program Files\Funmoods\1.5.23.22\uninstall.exe
C:\Program Files\Funmoods\1.5.23.22\bh\escort.dll
"C:\Program Files\Funmoods"
C:\Program Files\Yontoo\YontooIEClient.dll
"C:\Program Files\Yontoo"
C:\Program Files\BrowserCompanion\blabbers-ch.crx
C:\Program Files\BrowserCompanion\blabbers-ff-full.xpi
"C:\Program Files\BrowserCompanion"
C:\Program Files\I Want This\I Want This.dll
C:\Program Files\I Want This\I Want This.exe
C:\Program Files\I Want This\I Want This.ico
C:\Program Files\I Want This\I Want This.ini
C:\Program Files\I Want This\I Want ThisGui.exe
C:\Program Files\I Want This\I Want ThisInstaller.log
C:\Program Files\I Want This\Uninstall.exe
"C:\Program Files\I Want This"
C:\Program Files\Mozilla Firefox\extensions\[email protected]
C:\Users\Repre_Quimica\Appdata\Local\d3d9caps.dat
C:\Users\Repre_Quimica\Appdata\Local\GDIPFONTCACHEV1.DAT
C:\user.js

====== Información Extra ======

-_-_-_-_-_-_-_-_ Configuraciones de internet Explorer -_-_-_-_-_-_-_-_
"HKCU\Software\Microsoft\Internet Explorer\Main"
Start Page == http://www.google.com
Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
Local Page == C:\Windows\system32\blank.htm

"HKLM\Software\Microsoft\Internet Explorer\Main"
Start Page == http://www.google.com
Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
Local Page == C:\Windows\System32\blank.htm
Default_Search_URL == http://go.microsoft.com/fwlink/?LinkId=54896
Default_Page_URL == http://go.microsoft.com/fwlink/?LinkId=69157

"HKEY_USERS\S-1-5-21-643385005-1702227153-3272280709-1000\Software\Microsoft\Internet Explorer\Main"
Start Page == http://www.google.com
Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
Local Page == C:\Windows\system32\blank.htm

-_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
"homepage": "http://www.google.com/",
"homepage_changed": true,
"homepage_is_newtabpage": false,
-_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
"homepage": "http://www.google.com/",
"homepage_changed": true,
"homepage_is_newtabpage": false,

-_-_-_-_-_-_-_-_ Configuraciones de mozilla Firefox -_-_-_-_-_-_-_-_

-_-_-_-_-_-_-_-_ Configuraciones de Opera-_-_-_-_-_-_-_-_
Home URL=http://start.funmoods.com/?f=1&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtDtCyE0DtC0Dzz0FyEyByEyC0B0ByEtN0D0Tzu0CtBtBtDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=685878979
URL Fav Menu Dialog=714,20,205,99,0
Save Dir={Home}Desktop

======= EOF =======

En otro mensaje enviare los de OLT txt y Extras txt .

**jamesrock66** · 08/08/12, 14:03:34

Bueno, como en el anterior mensaje me dijo que eran muchas palabras entonces aca va lo de OLT txt y Extras Txt, muchas gracias, Saludos, Atte., Jaime

OTL logfile created on: 08/08/2012 11:29:35 a.m. - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Repre_Quimica\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000100a | Country: Guatemala | Language: ESG | Date Format: dd/MM/yyyy

1.99 Gb Total Physical Memory | 0.96 Gb Available Physical Memory | 48.17% Memory free
4.22 Gb Paging File | 2.98 Gb Available in Paging File | 70.61% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.83 Gb Total Space | 153.79 Gb Free Space | 66.05% Space Free | Partition Type: NTFS
Drive E: | 232.83 Gb Total Space | 232.44 Gb Free Space | 99.83% Space Free | Partition Type: NTFS

Computer Name: REPRE_QUIMICA5 | User Name: Repre_Quimica | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Repre_Quimica\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Archivos de programa\Opera\opera.exe (Opera Software)
PRC - C:\Windows\System32\java.exe (Oracle Corporation)
PRC - C:\Users\Repre_Quimica\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Users\Repre_Quimica\AppData\Roaming\ForgetBox\ForgetBoxInterface.exe (ForgetBox)
PRC - C:\Users\Repre_Quimica\AppData\Roaming\ForgetBox\ForgetBox.exe (ForgetBox)
PRC - C:\Archivos de programa\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe (Nitro PDF Software)
PRC - C:\Archivos de programa\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Archivos de programa\PowerISO\PWRISOVM.EXE (Power Software Ltd)
PRC - C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Archivos de programa\TRENDnet\TEW-648UB\WlanCU.exe ()
PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\TRENDnet\TEW-648UB\WlanWpsSvc.exe ()
PRC - C:\Windows\System32\cmd.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\Windows Defender\MSASCui.exe (Microsoft Corporation)

========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll ()
MOD - C:\Archivos de programa\TRENDnet\TEW-648UB\WlanCU.exe ()
MOD - C:\Archivos de programa\TRENDnet\TEW-648UB\WPSCtrl.dll ()
MOD - C:\Archivos de programa\TRENDnet\TEW-648UB\WlanDll.dll ()

========== Win32 Services (SafeList) ==========

SRV - (Web Assistant Updater) -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe File not found
SRV - (stllssvr) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NitroReaderDriverReadSpool2) -- C:\Archivos de programa\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe (Nitro PDF Software)
SRV - (avast! Antivirus) -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (AdobeARMservice) -- C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (odserv) -- C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (WlanWpsSvc) -- C:\Archivos de programa\TRENDnet\TEW-648UB\WlanWpsSvc.exe ()
SRV - (WMPNetworkSvc) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Archivos de programa\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ose) -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswKbd) -- C:\Windows\System32\drivers\aswKbd.sys (AVAST Software)
DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (SCDEmu) -- C:\Windows\System32\drivers\scdemu.sys (Power Software Ltd)
DRV - (RTL8192su) -- C:\Windows\System32\drivers\RTL8192su.sys (Realtek Semiconductor Corporation )
DRV - (RMCAST) -- C:\Windows\System32\drivers\rmcast.sys (Microsoft Corporation)
DRV - (RtlProt) -- C:\Windows\System32\drivers\RtlProt.sys (Windows (R) Codename Longhorn DDK provider)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{3C7F6F24-01DF-D273-8096-577EAC697B68}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtDtCyE0DtC0Dzz0FyEyByEyC0B0ByEtN0D0Tzu0CtBtBtDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=685878979
IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://search.iminent.com/?appid=ac460c70-c04d-4a0b-9f8a-d51e09933664
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://start.funmoods.com/?f=1&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtDtCyE0DtC0Dzz0FyEyByEyC0B0ByEtN0D0Tzu0CtBtBtDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=685878979
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes,Backup.Old.DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes,DefaultScope = {70BA3E6B-1059-2266-0B2C-40E4A85231B8}
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtDtCyE0DtC0Dzz0FyEyByEyC0B0ByEtN0D0Tzu0CtBtBtDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=685878979
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes\{3C7F6F24-01DF-D273-8096-577EAC697B68}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112555&tt=230512_54x&babsrc=SP_ss&mntrId=eaa26bb4000000000000001372810c42
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_esGT464
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes\{70BA3E6B-1059-2266-0B2C-40E4A85231B8}: "URL" = http://www.ddlstart.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=750&product_id=872&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.5.0&install_country=GT&install_date=20120807&user_guid=929DD76834B5436693AA219E3E18F964&machine_id=6b07bb7a584d9b3c1344fcccdac1029b&browser=IE&os=win&os_version=6.0-x86-SP2&iesrc={referrer:source}
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={3AE36885-2A0C-4CC3-BF68-70B1DC892F71}&mid=19cf4a1091b647d093e1d15a3465e5b1-a8a315fc2916545a0e3b697b39c86f1c4f59a52b&lang=es-es&ds=st011&pr=sa&d=2012-05-16 17:06:52&v=9.0.0.23&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6PQxNtOc5B&i=26
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes\{E709D794-1587-4079-8E5D-3DCA155E246F}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=kw&q={searchTerms}&locale=&apn_ptnrs=T8&apn_dtid=YYYYYYYYGT&apn_uid=32c4a835-50f5-41be-9380-d35c338b9084&apn_sauid=CADA6E1E-5193-4A29-ADCB-95B2A947FE5D
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes\{E88E0043-C9D4-4e33-8555-FEE4F5B63060}: "URL" = http://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

[2012/05/28 16:50:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Repre_Quimica\AppData\Roaming\mozilla\Extensions
[2012/04/30 13:48:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Repre_Quimica\AppData\Roaming\mozilla\Firefox\extensions
[2012/07/09 12:17:12 | 000,000,000 | ---D | M] (BittorrentBar_ES Community Toolbar) -- C:\Users\Repre_Quimica\AppData\Roaming\mozilla\Firefox\extensions\{ad06fb5f-fef7-4a84-8c58-dca34f8e3d36}
[2012/08/07 15:43:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Repre_Quimica\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2012/08/07 15:42:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Repre_Quimica\AppData\Roaming\mozilla\Firefox\Profiles\extensions\extensions
[2012/08/07 15:41:41 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Repre_Quimica\AppData\Roaming\mozilla\Firefox\Profiles\extensions\[email protected]
[2012/08/07 15:42:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Repre_Quimica\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions
[2012/08/07 15:42:52 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Repre_Quimica\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions\[email protected]
[2012/08/07 15:42:55 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Repre_Quimica\AppData\Roaming\mozilla\Firefox\Profiles\extensions\extensions\[email protected]
[2012/05/28 16:49:41 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
[2012/08/08 11:18:26 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions\[email protected]
[2012/07/02 10:35:48 | 000,005,137 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\ergative.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - Extension: No name found = C:\Users\Repre_Quimica\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\Repre_Quimica\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\Repre_Quimica\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhipmoghimfdldnocmopeoanjmoolofl\1.2_0\
CHR - Extension: No name found = C:\Users\Repre_Quimica\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1206.11.1_0\
CHR - Extension: No name found = C:\Users\Repre_Quimica\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikkpgihagilojnkmkkfcbhlainmnkicp\1.1.4_0\
CHR - Extension: No name found = C:\Users\Repre_Quimica\AppData\Local\Google\Chrome\User Data\Default\Extensions\jieopfhnlbjmbpckpdhfdedccdmngdac\1.5_0\
CHR - Extension: No name found = C:\Users\Repre_Quimica\AppData\Local\Google\Chrome\User Data\Default\Extensions\jplinpmadfkdgipabgcdchbdikologlh\1.5_0\
CHR - Extension: No name found = C:\Users\Repre_Quimica\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb\2.2_0\
CHR - Extension: No name found = C:\Users\Repre_Quimica\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd\0.0.12_0\
CHR - Extension: No name found = C:\Users\Repre_Quimica\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk\1.18.60_2\crossrider
CHR - Extension: No name found = C:\Users\Repre_Quimica\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk\1.18.60_2\
CHR - Extension: No name found = C:\Users\Repre_Quimica\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk\1.19.65_0\crossrider
CHR - Extension: No name found = C:\Users\Repre_Quimica\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk\1.19.65_0\
CHR - Extension: No name found = C:\Users\Repre_Quimica\AppData\Local\Google\Chrome\User Data\Default\Extensions\noohoboklgjeccnihfkbdakbchbhjlch\1.2_0\
CHR - Extension: No name found = C:\Users\Repre_Quimica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/18 15:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (I Want This) - {11111111-1111-1111-1111-110011221158} - C:\Program Files\I Want This\I Want This.dll File not found
O2 - BHO: (no name) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - No CLSID value found.
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~1\Funmoods\1.5.23.22\bh\escort.dll File not found
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Archivos de programa\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
O2 - BHO: (Plugin for Media Finder) - {AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} - C:\Users\Repre_Quimica\AppData\Roaming\Media Finder\Extensions\IEPlugin32.dll (Media Finder)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Archivos de programa\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\REPRE_~1\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~1\Funmoods\1.5.23.22\escorTlbr.dll File not found
O3 - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O3 - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Repre_Quimica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Repre_Quimica\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Repre_Quimica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ForgetBox.lnk = C:\Users\Repre_Quimica\AppData\Roaming\ForgetBox\ForgetBox.exe (ForgetBox)
O4 - Startup: C:\Users\Repre_Quimica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla e Inicio rápido de OneNote 2007.lnk = C:\Archivos de programa\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html File not found
O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 216.230.147.90 216.230.128.32
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{119E7A01-A072-4F66-8487-C8A9425D754C}: DhcpNameServer = 216.230.147.90 216.230.128.32
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB59EE29-0F8F-49F7-A1F5-66912A66A7D5}: DhcpNameServer = 216.230.147.90 216.230.128.32
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Repre_Quimica\AppData\Roaming\Microsoft\Windows Photo Gallery\Papel tapiz de Galería fotográfica de Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Repre_Quimica\AppData\Roaming\Microsoft\Windows Photo Gallery\Papel tapiz de Galería fotográfica de Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a03a07b1-66d8-11e1-a5d0-001372810c42}\Shell - "" = AutoRun
O33 - MountPoints2\{a03a07b1-66d8-11e1-a5d0-001372810c42}\Shell\AutoRun\command - "" = F:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/08/08 11:24:51 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Repre_Quimica\Desktop\OTL.exe
[2012/08/08 11:17:06 | 000,036,864 | ---- | C] (NirSoft) -- C:\Windows\nircmd.exe
[2012/08/08 11:08:52 | 000,000,000 | ---D | C] -- C:\Users\Repre_Quimica\Documents\videos xxx
[2012/08/08 11:07:19 | 000,000,000 | ---D | C] -- C:\Users\Repre_Quimica\Desktop\Agosto
[2012/08/07 15:54:58 | 000,000,000 | ---D | C] -- C:\Users\Repre_Quimica\Desktop\videos xxx
[2012/08/07 15:53:38 | 000,000,000 | ---D | C] -- C:\Program Files\Optimizer Pro
[2012/08/07 15:52:12 | 000,000,000 | ---D | C] -- C:\Users\Repre_Quimica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DirectDownloader
[2012/08/07 15:51:41 | 000,000,000 | ---D | C] -- C:\Users\Repre_Quimica\Desktop\2012_08_07
[2012/08/07 15:49:50 | 000,000,000 | ---D | C] -- C:\Users\Repre_Quimica\AppData\Local\DirectDownloader
[2012/08/07 15:43:28 | 000,000,000 | ---D | C] -- C:\Program Files\Gophoto.it
[2012/08/07 15:43:02 | 000,000,000 | ---D | C] -- C:\Users\Repre_Quimica\Documents\Nubiles.net - Conny - Black Stockings Inc [720p]
[2012/08/06 11:46:18 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Repre_Quimica\Desktop\HijackThis.exe
[2012/08/02 17:51:17 | 000,000,000 | ---D | C] -- C:\Users\Repre_Quimica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zipline
[2012/08/02 17:51:07 | 000,000,000 | ---D | C] -- C:\Users\Repre_Quimica\AppData\Local\Zipline
[2012/08/02 14:56:20 | 000,000,000 | ---D | C] -- C:\Users\Repre_Quimica\Desktop\2012_08_02
[2012/08/01 17:37:34 | 000,000,000 | ---D | C] -- C:\Users\Repre_Quimica\AppData\Roaming\dvdcss
[2012/08/01 10:14:55 | 000,000,000 | ---D | C] -- C:\Users\Repre_Quimica\Desktop\2012_08_01
[2012/07/31 11:34:34 | 000,000,000 | ---D | C] -- C:\Users\Repre_Quimica\Desktop\2012_07_31
[2012/07/30 11:17:09 | 000,000,000 | ---D | C] -- C:\Users\Repre_Quimica\Desktop\2012_07_30
[2012/07/27 12:49:00 | 000,000,000 | -HSD | C] -- C:\Windows\System32\AI_RecycleBin
[2012/07/27 12:48:43 | 000,000,000 | ---D | C] -- C:\Users\Repre_Quimica\AppData\Roaming\ForgetBox
[2012/07/27 12:47:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/07/26 16:16:21 | 000,000,000 | ---D | C] -- C:\Program Files\MunSoft
[2012/07/26 16:16:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Drive Data Recovery
[2012/07/26 16:12:26 | 000,000,000 | ---D | C] -- C:\Users\Repre_Quimica\Desktop\Downloads
[2012/07/26 16:12:22 | 000,000,000 | ---D | C] -- C:\Users\Repre_Quimica\AppData\Roaming\GetRightToGo
[2012/07/18 15:54:18 | 000,000,000 | ---D | C] -- C:\Users\Repre_Quimica\Desktop\nuevas para imprimir
[2012/07/17 15:16:45 | 000,000,000 | ---D | C] -- C:\Users\Repre_Quimica\Desktop\2012_07_17
[2012/07/17 14:45:24 | 000,000,000 | ---D | C] -- C:\ProgramData (x86)
[2012/07/17 13:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Shredder
[2012/07/17 13:44:15 | 000,000,000 | ---D | C] -- C:\Program Files\File Shredder
[2012/07/16 16:23:19 | 000,000,000 | ---D | C] -- C:\Users\Repre_Quimica\Desktop\Pangea para enviar al Ing. Avalos
[2012/07/16 13:40:34 | 000,000,000 | ---D | C] -- C:\Program Files\Dropbox
[2012/07/09 14:59:41 | 000,000,000 | ---D | C] -- C:\Users\Repre_Quimica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
[2012/07/09 14:59:40 | 000,000,000 | ---D | C] -- C:\Program Files\Convar
[2012/07/09 14:02:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
[2012/07/09 14:02:08 | 000,000,000 | ---D | C] -- C:\Program Files\eSupport.com
[2012/07/09 12:48:08 | 000,000,000 | ---D | C] -- C:\Log
[2012/07/09 12:48:03 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012/07/09 12:47:34 | 000,000,000 | ---D | C] -- C:\Program Files\Stellar Phoenix Windows Data Recovery

========== Files - Modified Within 30 Days ==========

[2012/08/08 11:27:46 | 002,883,584 | -HS- | M] () -- C:\Users\Repre_Quimica\ntuser.dat
[2012/08/08 11:24:55 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Repre_Quimica\Desktop\OTL.exe
[2012/08/08 11:21:29 | 000,060,640 | ---- | M] () -- C:\Users\Repre_Quimica\AppData\Local\GDIPFONTCACHEV1.DAT
[2012/08/08 11:21:26 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/08 11:21:01 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/08 11:21:01 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/08 11:20:57 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012/08/08 11:20:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/08 11:20:48 | 2137,145,344 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/08 11:19:49 | 000,524,288 | -HS- | M] () -- C:\Users\Repre_Quimica\ntuser.dat{26129024-b654-11e1-b102-001372810c42}.TMContainer00000000000000000001.regtrans-ms
[2012/08/08 11:19:49 | 000,065,536 | -HS- | M] () -- C:\Users\Repre_Quimica\ntuser.dat{26129024-b654-11e1-b102-001372810c42}.TM.blf
[2012/08/08 11:19:41 | 003,187,712 | -H-- | M] () -- C:\Users\Repre_Quimica\AppData\Local\IconCache.db
[2012/08/08 11:08:51 | 000,000,095 | ---- | M] () -- C:\Users\Repre_Quimica\Documents\1Click.cfg
[2012/08/08 10:58:00 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/08 10:44:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/08 10:41:22 | 000,524,576 | ---- | M] () -- C:\Users\Repre_Quimica\Documents\Presentación1.pdf
[2012/08/08 10:02:56 | 000,022,318 | ---- | M] () -- C:\Users\Repre_Quimica\Documents\08-08-2012.reg
[2012/08/07 17:49:03 | 000,038,400 | ---- | M] () -- C:\Users\Repre_Quimica\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/07 15:42:00 | 000,384,844 | ---- | M] () -- C:\Users\Repre_Quimica\AppData\Local\funmoods-speeddial.crx
[2012/08/07 15:42:00 | 000,031,465 | ---- | M] () -- C:\Users\Repre_Quimica\AppData\Local\funmoods.crx
[2012/08/07 15:23:45 | 000,015,966 | ---- | M] () -- C:\Users\Repre_Quimica\Desktop\Nubiles.net.-.Conny.-.Black.Stockings.Inc.torrent
[2012/08/06 11:46:19 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Repre_Quimica\Desktop\HijackThis.exe
[2012/08/03 12:05:25 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/08/02 12:34:51 | 000,840,879 | ---- | M] () -- C:\Users\Repre_Quimica\Desktop\Mapa catastral geologicos ign.gif
[2012/08/02 12:34:51 | 000,001,546 | ---- | M] () -- C:\Users\Repre_Quimica\.recently-used.xbel
[2012/08/01 17:40:57 | 000,000,423 | ---- | M] () -- C:\Users\Repre_Quimica\Documentos - Acceso directo.lnk
[2012/07/27 12:48:51 | 000,001,943 | ---- | M] () -- C:\Users\Repre_Quimica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ForgetBox.lnk
[2012/07/19 12:12:07 | 000,209,524 | ---- | M] () -- C:\Users\Repre_Quimica\Documents\AREA 2.pdf
[2012/07/17 13:44:18 | 000,000,777 | ---- | M] () -- C:\Users\Repre_Quimica\Desktop\File Shredder.lnk
[2012/07/17 12:01:11 | 000,056,792 | ---- | M] () -- C:\Users\Repre_Quimica\Documents\17 jul 2012.reg
[2012/07/17 09:51:01 | 001,500,160 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2012/07/17 09:51:01 | 000,676,598 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2012/07/17 09:51:01 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/07/17 09:51:01 | 000,133,064 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2012/07/17 09:51:01 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/07/16 13:30:56 | 000,270,560 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/07/16 09:55:37 | 000,001,003 | ---- | M] () -- C:\Users\Repre_Quimica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/07/09 13:05:02 | 000,000,068 | ---- | M] () -- C:\Windows\spwdra.INI
[2012/07/09 12:22:56 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/07/09 12:22:55 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/07/09 12:06:53 | 000,524,288 | -HS- | M] () -- C:\Users\Repre_Quimica\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms
[2012/07/09 12:06:53 | 000,065,536 | -HS- | M] () -- C:\Users\Repre_Quimica\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf

========== Files Created - No Company Name ==========

[2012/08/08 11:21:29 | 000,060,640 | ---- | C] () -- C:\Users\Repre_Quimica\AppData\Local\GDIPFONTCACHEV1.DAT
[2012/08/08 11:17:06 | 000,069,660 | ---- | C] () -- C:\Windows\Fart.exe
[2012/08/08 11:17:06 | 000,022,528 | ---- | C] () -- C:\Windows\AT-Uninstall.exe
[2012/08/08 11:17:06 | 000,011,776 | ---- | C] () -- C:\Windows\Colous.exe
[2012/08/08 10:41:21 | 000,524,576 | ---- | C] () -- C:\Users\Repre_Quimica\Documents\Presentación1.pdf
[2012/08/08 10:02:53 | 000,022,318 | ---- | C] () -- C:\Users\Repre_Quimica\Documents\08-08-2012.reg
[2012/08/07 15:43:15 | 000,384,844 | ---- | C] () -- C:\Users\Repre_Quimica\AppData\Local\funmoods-speeddial.crx
[2012/08/07 15:43:12 | 000,031,465 | ---- | C] () -- C:\Users\Repre_Quimica\AppData\Local\funmoods.crx
[2012/08/07 15:42:41 | 000,000,095 | ---- | C] () -- C:\Users\Repre_Quimica\Documents\1Click.cfg
[2012/08/07 15:23:44 | 000,015,966 | ---- | C] () -- C:\Users\Repre_Quimica\Desktop\Nubiles.net.-.Conny.-.Black.Stockings.Inc.torrent
[2012/08/02 12:34:51 | 000,001,546 | ---- | C] () -- C:\Users\Repre_Quimica\.recently-used.xbel
[2012/08/02 12:34:46 | 000,840,879 | ---- | C] () -- C:\Users\Repre_Quimica\Desktop\Mapa catastral geologicos ign.gif
[2012/08/01 17:40:57 | 000,000,423 | ---- | C] () -- C:\Users\Repre_Quimica\Documentos - Acceso directo.lnk
[2012/07/27 12:48:52 | 000,001,999 | ---- | C] () -- C:\Users\Repre_Quimica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ForgetBox.lnk
[2012/07/27 12:48:51 | 000,001,943 | ---- | C] () -- C:\Users\Repre_Quimica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ForgetBox.lnk
[2012/07/19 12:12:06 | 000,209,524 | ---- | C] () -- C:\Users\Repre_Quimica\Documents\AREA 2.pdf
[2012/07/17 17:42:15 | 003,187,712 | -H-- | C] () -- C:\Users\Repre_Quimica\AppData\Local\IconCache.db
[2012/07/17 15:11:46 | 2137,145,344 | -HS- | C] () -- C:\hiberfil.sys
[2012/07/17 13:44:18 | 000,000,777 | ---- | C] () -- C:\Users\Repre_Quimica\Desktop\File Shredder.lnk
[2012/07/17 12:01:07 | 000,056,792 | ---- | C] () -- C:\Users\Repre_Quimica\Documents\17 jul 2012.reg
[2012/07/09 12:48:08 | 000,000,068 | ---- | C] () -- C:\Windows\spwdra.INI
[2012/06/14 13:49:48 | 000,524,288 | -HS- | C] () -- C:\Users\Repre_Quimica\ntuser.dat{26129024-b654-11e1-b102-001372810c42}.TMContainer00000000000000000002.regtrans-ms
[2012/06/14 13:49:47 | 000,524,288 | -HS- | C] () -- C:\Users\Repre_Quimica\ntuser.dat{26129024-b654-11e1-b102-001372810c42}.TMContainer00000000000000000001.regtrans-ms
[2012/06/14 13:49:46 | 000,065,536 | -HS- | C] () -- C:\Users\Repre_Quimica\ntuser.dat{26129024-b654-11e1-b102-001372810c42}.TM.blf
[2012/06/01 14:33:23 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/05/18 16:32:09 | 000,000,084 | ---- | C] () -- C:\Users\Repre_Quimica\wxDownloadFast.ini
[2012/05/09 17:00:03 | 000,000,120 | ---- | C] () -- C:\Windows\wininit.ini
[2012/01/02 14:54:27 | 000,000,028 | ---- | C] () -- C:\Windows\MyActiveX.INI
[2011/12/29 10:43:18 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/12/29 10:43:17 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/12/29 10:42:52 | 000,368,640 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll
[2011/12/28 11:50:20 | 000,038,400 | ---- | C] () -- C:\Users\Repre_Quimica\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/28 10:37:35 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/12/26 12:17:17 | 000,000,020 | -HS- | C] () -- C:\Users\Repre_Quimica\ntuser.ini
[2011/12/26 12:17:16 | 002,883,584 | -HS- | C] () -- C:\Users\Repre_Quimica\ntuser.dat
[2011/12/26 12:17:16 | 000,524,288 | -HS- | C] () -- C:\Users\Repre_Quimica\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000002.regtrans-ms
[2011/12/26 12:17:16 | 000,524,288 | -HS- | C] () -- C:\Users\Repre_Quimica\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms
[2011/12/26 12:17:16 | 000,065,536 | -HS- | C] () -- C:\Users\Repre_Quimica\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2005/04/07 20:16:43 | 000,000,015 | -H-- | C] () -- C:\Users\Repre_Quimica\AppData\Roaming\logs.dat

========== LOP Check ==========

[2012/05/09 13:27:47 | 000,000,000 | ---D | M] -- C:\Users\Invitado\AppData\Roaming\BitTorrent
[2011/12/28 09:58:23 | 000,000,000 | ---D | M] -- C:\Users\Invitado\AppData\Roaming\Canon
[2012/05/09 09:06:03 | 000,000,000 | ---D | M] -- C:\Users\Invitado\AppData\Roaming\Iminent
[2012/05/24 12:07:27 | 000,000,000 | ---D | M] -- C:\Users\Invitado\AppData\Roaming\Nitro PDF
[2012/07/17 11:44:30 | 000,000,000 | ---D | M] -- C:\Users\Invitado\AppData\Roaming\Opera
[2012/01/16 17:56:41 | 000,000,000 | ---D | M] -- C:\Users\Invitado\AppData\Roaming\SkyMonk
[2012/03/28 13:12:46 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\Ad-Aware Antivirus
[2012/08/07 17:56:41 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\BitTorrent
[2011/12/27 16:34:16 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\Canon
[2012/06/01 16:40:51 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/05/04 15:22:17 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\CX
[2012/08/02 11:56:38 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\Downloaded Installations
[2012/08/08 11:23:07 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\Dropbox
[2012/07/09 12:17:11 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\Easy Duplicate Finder
[2012/07/27 12:50:15 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\ForgetBox
[2012/08/02 17:27:44 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\FreeVideoConverter
[2012/07/26 16:16:19 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\GetRightToGo
[2012/08/02 12:34:51 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\gtk-2.0
[2012/01/02 14:55:53 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\Haihaisoft
[2012/01/02 14:56:25 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\Haihaisoft Universal Player
[2012/05/04 14:45:42 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\Iminent
[2012/05/29 09:53:54 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\Media Finder
[2012/07/23 16:35:57 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\Nitro PDF
[2012/06/18 16:25:45 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\OfficeRecovery
[2012/06/18 16:28:54 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\OfficeRecovery.640dbcb8
[2012/06/07 17:16:14 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\Opera
[2012/02/01 17:33:11 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\SecondLife
[2012/05/23 12:13:39 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\Systweak
[2012/06/04 11:01:00 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\Visan
[2012/07/09 12:17:12 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\YourFileDownloader
[2012/08/08 11:19:57 | 000,032,546 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2012/08/08 11:18:52 | 000,021,313 | ---- | M] () -- C:\AT-Destroyer.txt
[2006/09/18 15:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 00:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2011/12/26 06:04:58 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 15:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2012/08/08 11:20:48 | 2137,145,344 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/08 11:20:47 | 2450,956,288 | -HS- | M] () -- C:\pagefile.sys
[2012/08/08 11:17:12 | 000,000,120 | ---- | M] () -- C:\prueba.txt
[2012/03/15 09:12:44 | 000,000,510 | ---- | M] () -- C:\settings.ini

< End of report >

Y ahora lo de Extras.txt:

OTL Extras logfile created on: 08/08/2012 11:29:35 a.m. - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Repre_Quimica\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000100a | Country: Guatemala | Language: ESG | Date Format: dd/MM/yyyy

1.99 Gb Total Physical Memory | 0.96 Gb Available Physical Memory | 48.17% Memory free
4.22 Gb Paging File | 2.98 Gb Available in Paging File | 70.61% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.83 Gb Total Space | 153.79 Gb Free Space | 66.05% Space Free | Partition Type: NTFS
Drive E: | 232.83 Gb Total Space | 232.44 Gb Free Space | 99.83% Space Free | Partition Type: NTFS

Computer Name: REPRE_QUIMICA5 | User Name: Repre_Quimica | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-643385005-1702227153-3272280709-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0204A998-33E1-4434-8C1F-B88157F17372}" = rport=137 | protocol=17 | dir=out | app=system |
"{09D67EA6-7D85-4FED-8939-BCEF3F98A526}" = rport=445 | protocol=6 | dir=out | app=system |
"{191A6904-9395-480D-BAFD-A7D0CA0CDB4E}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{19D53AF9-0FAC-40C7-BDF8-B73E852E3CD8}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{1D769781-9B58-436A-84A8-8647CBB660B5}" = lport=445 | protocol=6 | dir=in | app=system |
"{25CFE773-78FA-4433-A9C9-733202AA1B71}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{36899DB1-A261-4376-B417-EE629AC3686F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4A23ADEA-D437-401E-B485-C08766040117}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5CAD9ECC-6E36-4B12-B7E6-BFC8C8E7FA0A}" = lport=137 | protocol=17 | dir=in | app=system |
"{68A1512D-2340-4DCA-8CA7-A8B15C11C759}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{7A0866A5-AF46-440B-8C14-73FF0319A431}" = lport=139 | protocol=6 | dir=in | app=system |
"{87E950AF-5B29-4168-88A1-96603FF0D640}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9AB32A7D-D8FB-4724-B61D-0D9FB75BBD58}" = rport=139 | protocol=6 | dir=out | app=system |
"{A8E617ED-1B43-464A-AFBD-8F8327C013D8}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B011BC44-D743-4B93-80C1-324CA84173CB}" = lport=138 | protocol=17 | dir=in | app=system |
"{B5527E4F-8A97-4CCA-961D-288D59E9860A}" = rport=138 | protocol=17 | dir=out | app=system |
"{F58C973B-A4C7-436A-B99F-ADBAFDFB44CD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FEE95C15-6A0A-4DB8-9401-1E268171C53C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03F56257-3F2E-4980-97AA-2DA1D77EFF2B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0781C6B5-B2EE-49F3-BDEE-F0319F448179}" = protocol=6 | dir=in | app=c:\program files\yourfiledownloader\yourfile.exe |
"{0C746270-BCD2-440D-83C5-23B9860BDA66}" = protocol=6 | dir=in | app=c:\users\repre_quimica\appdata\roaming\dropbox\bin\dropbox.exe |
"{28AD96E2-93D5-49F5-B8A7-F4CDEB88051C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2DD31D45-7CA1-4BBC-B535-3DEBC8A3C09E}" = protocol=6 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{39140C3A-65DB-47C2-97AA-281503D2313D}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{3ED35803-4672-4EDC-B6EB-C01A1F9D8257}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{4FAFB8DD-EF31-4B16-B1B8-B8E5430D60A3}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"{50D3D505-EE49-4EEB-B9D5-9A85F883C501}" = protocol=17 | dir=in | app=c:\users\repre_quimica\appdata\roaming\dropbox\bin\dropbox.exe |
"{51F42AFB-E269-4664-BE7D-08A97A149121}" = protocol=17 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{565477B4-EC19-4581-BE94-AF3888E918F3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{58A35B80-EEC2-4B95-B562-EF1139C0E220}" = protocol=17 | dir=in | app=c:\program files\yourfiledownloader\downloader.exe |
"{66CE895A-6489-4001-8043-08C96D459749}" = protocol=17 | dir=in | app=c:\users\repre_quimica\appdata\local\directdownloader\directdownloader.exe |
"{71CD4D35-5AB5-4033-9B11-79FD22F40C03}" = protocol=6 | dir=in | app=c:\program files\yourfiledownloader\downloader.exe |
"{754DAC8F-55B7-478A-9968-4062169DAC7B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{788CF9F0-BDFC-42D5-8E9A-EC095221B2C9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7CA16746-4F14-4967-ABF1-46A892ED44C4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{96280692-78F5-4CC4-B4D7-3403AD01D3DB}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{9B2AEE0D-2B52-4D58-BFA3-A2BCCE71029F}" = protocol=17 | dir=in | app=c:\program files\yourfiledownloader\yourfile.exe |
"{A042D43B-12CD-4585-973F-914369749339}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"{A3025AC5-7F79-42E0-9DA1-F4FD200E3FAD}" = protocol=6 | dir=in | app=c:\users\repre_quimica\appdata\local\directdownloader\directdownloader.exe |
"{B173C2B4-3914-4F68-97E0-E2F71666A780}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B5471C14-0A74-4394-8BF6-4ACAA1D2DFCD}" = dir=in | app=c:\program files\iminent\iminent.exe |
"{CBC19676-E78D-43B5-84C2-5160DA17A293}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
"{CCAF5668-E9A4-4689-B62C-4D907825281B}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
"{EEB99E21-23F7-48DE-B586-CD0C1947A0F5}" = dir=in | app=c:\program files\iminent\iminent.messengers.exe |
"{FBD15376-237B-4B69-A2F6-629BDD4C460E}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{AC000F91-3C84-4E49-B951-4072231F85E7}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{CB667585-AF32-44BE-B345-CD1B399CCE43}C:\Program Files\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files\1clickdownload\1clickdownloader.exe |
"TCP Query User{F1695A60-7ACF-47D3-B890-3432D2054DE2}C:\avast! sandbox\s-1-5-21-643385005-1702227153-3272280709-1000\r136\ism_*******.exe_{5432b95b-db20-11e1-88bf-001372810c42}\c\program files\tsearch\easydownload.exe" = protocol=6 | dir=in | app=c:\avast! sandbox\s-1-5-21-643385005-1702227153-3272280709-1000\r136\ism_*******.exe_{5432b95b-db20-11e1-88bf-001372810c42}\c\program files\tsearch\easydownload.exe |
"UDP Query User{0124E89C-55F8-4A68-B18A-D5A89F140501}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{10728E31-411F-4566-A076-B286B13853B0}C:\avast! sandbox\s-1-5-21-643385005-1702227153-3272280709-1000\r136\ism_*******.exe_{5432b95b-db20-11e1-88bf-001372810c42}\c\program files\tsearch\easydownload.exe" = protocol=17 | dir=in | app=c:\avast! sandbox\s-1-5-21-643385005-1702227153-3272280709-1000\r136\ism_*******.exe_{5432b95b-db20-11e1-88bf-001372810c42}\c\program files\tsearch\easydownload.exe |
"UDP Query User{E9E2D5DB-79CD-4CA1-881D-FF832E18947D}C:\Program Files\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files\1clickdownload\1clickdownloader.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series" = Canon MP140 series
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2161D304-A4F4-4029-95F3-F9CDDC43853E}" = Estudio de mejora de productos de HP Deskjet 3050 J610 series
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{26A24AE4-039D-4CA4-87B4-2F83217001FF}" = Java(TM) 7 Update 1
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.440
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{74A8117D-07C6-4222-AFFD-51421B69DEF0}" = TRENDnet TEW-648UB Wireless N USB Adapter
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{83AA2913-C123-4146-85BD-AD8F93971D39}" = BabylonObjectInstaller
"{85CA918C-ABDF-4CD2-83C0-299D6E1540FF}" = Nitro Reader 2
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_HOMESTUDENTR_{BEADB115-DB47-4BD0-A9EC-AE585AFAB2D8}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_HOMESTUDENTR_{8A524694-0CA4-476A-9301-B1E9D70FC952}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-042D-0000-0000000FF1CE}_HOMESTUDENTR_{017A6981-5E03-4A97-830A-35FE0927BB7F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0456-0000-0000000FF1CE}_HOMESTUDENTR_{A3A03B41-14EA-4E50-97D8-FCF429AE0CCB}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{430AE3E6-E982-4958-90FC-1C062BC74E22}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007
"{90120000-00A1-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0C0A-0000-0000000FF1CE}" = Complemento Guardar como PDF o XPS de Microsoft para programas de Microsoft Office 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92E4A65F-7007-3357-A69A-167F71A337BD}" = Microsoft .NET Framework 3.5 Language Pack SP1 - esn
"{94E879DC-73AD-4E59-B740-DF74B4C43D56}" = TerraGo Toolbar
"{95B012AD-3A4A-31D7-9167-5D07D2A71F47}" = Microsoft .NET Framework 4 Client Profile ESN Language Pack
"{9866E5F0-121F-E018-E2D1-2E1770847ABF}" = Adobe Download Assistant
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0A8F9E4-52AE-4468-9714-50633C0D490E}" = ForgetBox Beta
"{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}" = IMinent Toolbar
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1034-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Español
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE86A0E7-818D-43EC-A181-59BA9BD3EF2E}" = LightScribe 1.8.13.1
"{D04DCD77-B454-4E4F-824C-2B9504C5ED2C}" = Software básico del dispositivo HP Deskjet 3050 J610 series
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F7CF0E9A-D48B-4942-9537-259ED0568DF4}" = Iminent
"1ClickDownload" = 1ClickDownloader
"1ClickDownloader" = 1ClickDownloader
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"aTube Catcher" = aTube Catcher
"avast" = avast! Free Antivirus
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Easy Drive Data Recovery" = Easy Drive Data Recovery
"eSupport UndeletePlus_is1" = eSupport UndeletePlus 3.0.3.521
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"File Shredder_is1" = File Shredder 2.5
"Free Video Converter_is1" = Free Video Converter V 3.1
"funmoods" = Funmoods Web Search
"Google Chrome" = Google Chrome
"Haihaisoft Universal Player" = Haihaisoft Universal Player
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"I Want This" = I Want This
"IMBoosterARP" = Iminent
"incredibar" = Incredibar Toolbar on IE
"Microsoft .NET Framework 3.5 Language Pack SP1 - esn" = Paquete de idioma de Microsoft .NET Framework 3.5 SP1 - esn
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ESN Language Pack" = Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN
"MP Navigator 3.1" = Canon MP Navigator 3.1
"Opera 11.64.1403" = Opera 11.64
"Opera 12.01.1532" = Opera 12.01
"PowerISO" = PowerISO
"Recuva" = Recuva
"VLC media player" = VLC media player 0.9.9
"WinGimp-2.0_is1" = GIMP 2.6.10
"WinRAR archiver" = Compresor WinRAR
"wxDownload Fast_is1" = wxDownload Fast 0.6.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-643385005-1702227153-3272280709-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DirectDownloader" = DirectDownloader
"Dropbox" = Dropbox
"YourFileDownloader" = YourFileDownloader
"Zipline" = Zipline

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 02/08/2012 05:13:17 p.m. | Computer Name = Repre_Quimica5 | Source = Application Error | ID = 1000
Description = Aplicación con errores opera_plugin_wrapper.exe, versión 12.0.1467.0,
marca de hora 0x4fd85a2f, módulo con errores ntdll.dll, versión 6.0.6002.18541,
marca de tiempo 0x4ec3e3d5, código de excepción 0xc0000374, desplazamiento con
errores 0x000b06b7, Id. de proceso 0x1164, hora de inicio de la aplicación 0x01cd70eec7fd9104.

Error - 02/08/2012 05:48:29 p.m. | Computer Name = Repre_Quimica5 | Source = Application Hang | ID = 1002
Description = El programa Explorer.EXE, versión 6.0.6002.18005, dejó de interactuar
con Windows y se cerró. Para ver si hay más información disponible acerca del problema,
compruebe el historial de problemas en el panel de control de Informes de problemas
y soluciones. Id. de proceso: 854 Hora de inicio: 01cd70f86bd1e91a Hora de finalización:
93

Error - 02/08/2012 05:48:43 p.m. | Computer Name = Repre_Quimica5 | Source = WinMgmt | ID = 10
Description =

Error - 02/08/2012 05:55:43 p.m. | Computer Name = Repre_Quimica5 | Source = WinMgmt | ID = 10
Description =

Error - 03/08/2012 01:02:38 p.m. | Computer Name = Repre_Quimica5 | Source = WinMgmt | ID = 10
Description =

Error - 03/08/2012 01:03:53 p.m. | Computer Name = Repre_Quimica5 | Source = Iminent | ID = 0
Description =

Error - 06/08/2012 10:20:41 a.m. | Computer Name = Repre_Quimica5 | Source = WinMgmt | ID = 10
Description =

Error - 06/08/2012 01:05:52 p.m. | Computer Name = Repre_Quimica5 | Source = Iminent | ID = 0
Description =

Error - 07/08/2012 10:23:26 a.m. | Computer Name = Repre_Quimica5 | Source = WinMgmt | ID = 10
Description =

Error - 07/08/2012 02:42:14 p.m. | Computer Name = Repre_Quimica5 | Source = Iminent | ID = 0
Description =

Error - 08/08/2012 11:52:01 a.m. | Computer Name = Repre_Quimica5 | Source = WinMgmt | ID = 10
Description =

Error - 08/08/2012 01:22:05 p.m. | Computer Name = Repre_Quimica5 | Source = WinMgmt | ID = 10
Description =

[ OSession Events ]
Error - 17/07/2012 05:02:42 p.m. | Computer Name = Repre_Quimica5 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 18, Application Name: Picture Manager, Application Version: 12.0.6606.1000,
Microsoft Office Version: 12.0.6612.1000. This session lasted 9793 seconds with
120 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 02/08/2012 11:52:15 a.m. | Computer Name = Repre_Quimica5 | Source = Print | ID = 19
Description = El administrador de trabajos de impresión no puede compartir la impresora
Nitro PDF Creator 2 (Reader) con el recurso compartido Nitro PDF Creator 2 (Reader).
Error: 2114. Ningún usuario podrá usar esta impresora en la red.

Error - 02/08/2012 04:03:06 p.m. | Computer Name = Repre_Quimica5 | Source = EventLog | ID = 6008
Description = El cierre anterior del sistema a las 01:56:54 p.m. del 02/08/2012
resultó inesperado.

Error - 02/08/2012 05:47:14 p.m. | Computer Name = Repre_Quimica5 | Source = EventLog | ID = 6008
Description = El cierre anterior del sistema a las 03:46:01 p.m. del 02/08/2012
resultó inesperado.

Error - 02/08/2012 05:54:04 p.m. | Computer Name = Repre_Quimica5 | Source = EventLog | ID = 6008
Description = El cierre anterior del sistema a las 03:52:07 p.m. del 02/08/2012
resultó inesperado.

Error - 02/08/2012 07:58:12 p.m. | Computer Name = Repre_Quimica5 | Source = DCOM | ID = 10010
Description =

Error - 06/08/2012 03:22:22 p.m. | Computer Name = Repre_Quimica5 | Source = DCOM | ID = 10010
Description =

Error - 07/08/2012 05:09:23 p.m. | Computer Name = Repre_Quimica5 | Source = DCOM | ID = 10010
Description =

Error - 08/08/2012 11:50:37 a.m. | Computer Name = Repre_Quimica5 | Source = Print | ID = 19
Description = El administrador de trabajos de impresión no puede compartir la impresora
Nitro PDF Creator 2 (Reader) con el recurso compartido Nitro PDF Creator 2 (Reader).
Error: 2114. Ningún usuario podrá usar esta impresora en la red.

Error - 08/08/2012 01:17:49 p.m. | Computer Name = Repre_Quimica5 | Source = Service Control Manager | ID = 7034
Description =

Error - 08/08/2012 01:21:38 p.m. | Computer Name = Repre_Quimica5 | Source = Print | ID = 19
Description = El administrador de trabajos de impresión no puede compartir la impresora
Nitro PDF Creator 2 (Reader) con el recurso compartido Nitro PDF Creator 2 (Reader).
Error: 2114. Ningún usuario podrá usar esta impresora en la red.

< End of report >

**Javierhf** · 08/08/12, 17:59:40

Ejecuta de nuevo OTL.exe

Copia y Pega el código que está dentro del recuadro de abajo en la sección Análisis Personalizado / Código de Reparación.

Código:

:OTL
PRC - C:\Windows\System32\cmd.exe (Microsoft Corporation)
SRV - (Web Assistant Updater) -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe File not found
SRV - (stllssvr) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtDtCyE0DtC0Dzz0FyEyByEyC0B0ByEtN0D0Tzu0CtBtBtDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=685878979
IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://search.iminent.com/?appid=ac460c70-c04d-4a0b-9f8a-d51e09933664
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://start.funmoods.com/?f=1&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtDtCyE0DtC0Dzz0FyEyByEyC0B0ByEtN0D0Tzu0CtBtBtDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=685878979
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes,Backup.Old.DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtDtCyE0DtC0Dzz0FyEyByEyC0B0ByEtN0D0Tzu0CtBtBtDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=685878979
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes\{3C7F6F24-01DF-D273-8096-577EAC697B68}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112555&tt=230512_54x&babsrc=SP_ss&mntrId=eaa26bb4000000000000001372810c42
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={3AE36885-2A0C-4CC3-BF68-70B1DC892F71}&mid=19cf4a1091b647d093e1d15a3465e5b1-a8a315fc2916545a0e3b697b39c86f1c4f59a52b&lang=es-es&ds=st011&pr=sa&d=2012-05-16 17:06:52&v=9.0.0.23&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6PQxNtOc5B&i=26
IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes\{E709D794-1587-4079-8E5D-3DCA155E246F}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=kw&q={searchTerms}&locale=&apn_ptnrs=T8&apn_dtid=YYYYYYYYGT&apn_uid=32c4a835-50f5-41be-9380-d35c338b9084&apn_sauid=CADA6E1E-5193-4A29-ADCB-95B2A947FE5D
[2012/08/07 15:42:52 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Repre_Quimica\AppData\Roaming\mozilla\Fir efox\Profiles\0\extensions\[email protected]
[2012/08/07 15:42:55 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Repre_Quimica\AppData\Roaming\mozilla\Fir efox\Profiles\extensions\extensions\[email protected]
O2 - BHO: (I Want This) - {11111111-1111-1111-1111-110011221158} - C:\Program Files\I Want This\I Want This.dll File not found
O2 - BHO: (no name) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - No CLSID value found.
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~1\Funmoods\1.5.23.22\bh\escort.dll File not found
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O2 - BHO: (Plugin for Media Finder) - {AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} - C:\Users\Repre_Quimica\AppData\Roaming\Media Finder\Extensions\IEPlugin32.dll (Media Finder)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Archivos de programa\Google\GoogleToolbarNotifier\5.7.7227.110 0\swg.dll (Google Inc.)
O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\REPRE_~1\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL ()
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~1\Funmoods\1.5.23.22\escorTlbr.dll File not found
O3 - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O3 - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O33 - MountPoints2\{a03a07b1-66d8-11e1-a5d0-001372810c42}\Shell\AutoRun\command - "" = F:\Startme.exe
[2012/08/07 15:42:00 | 000,384,844 | ---- | M] () -- C:\Users\Repre_Quimica\AppData\Local\funmoods-speeddial.crx
[2012/08/07 15:42:00 | 000,031,465 | ---- | M] () -- C:\Users\Repre_Quimica\AppData\Local\funmoods.crx
[2012/05/09 09:06:03 | 000,000,000 | ---D | M] -- C:\Users\Invitado\AppData\Roaming\Iminent
[2012/05/04 14:45:42 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\Iminent

:Files
ipconfig /flushdns /c
ipconfig /renew /c

:Commands
[PURITY]
[EMPTYFLASH]
[EMPTYTEMP]
[RESETHOSTS]

Presiona el Botón Reparar para lanzar la eliminación. Después presionas en OK.

OTL va a Reiniciar el ordenador para completar la eliminación.

Guardas el nuevo reporte generado, y lo copias y pegas en tu próxima respuesta.

Antes de contestarnos revisa/actualiza tu versión de Java(Muy Importante) >> Descarga gratuita del software de Java

Y cuando nos contestes dinos que versión de Java se ha quedado instalada >> ¿Cómo puedo comprobar si Java funciona en mi equipo?

Recuerda ponernos el log de OTL, y dinos también que versión de Java tienes ahora y como sigue el ordenador, en relación al problema planteado.

Saludos.

**jamesrock66** · 10/08/12, 13:13:39

Hola, buen dia, muchas gracias de nuevo, la versión java que tengo instalada ahora es la mas reciente Java SE 7 Update 5. El ordenador ha estado funcionando normal y talves un poco mejor. Aca dejo el log de OTL. Gracias. Atentamente., Jaime Urrutia.

All processes killed
Error: Unable to interpret <PRC - C:\Windows\System32\cmd.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <SRV - (Web Assistant Updater) -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe File not found> in the current context!
Error: Unable to interpret <SRV - (stllssvr) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe File not found> in the current context!
Error: Unable to interpret <DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found> in the current context!
Error: Unable to interpret <DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found> in the current context!
Error: Unable to interpret <DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtDtCyE0DtC0Dzz0FyEyByEyC0B0ByEtN0D0Tzu0CtBtBtDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=685878979> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://search.iminent.com/?appid=ac460c70-c04d-4a0b-9f8a-d51e09933664> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://start.funmoods.com/?f=1&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtDtCyE0DtC0Dzz0FyEyByEyC0B0ByEtN0D0Tzu0CtBtBtDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=685878979> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes,Backup.Old.DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtDtCyE0DtC0Dzz0FyEyByEyC0B0ByEtN0D0Tzu0CtBtBtDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=685878979> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes\{3C7F6F24-01DF-D273-8096-577EAC697B68}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112555&tt=230512_54x&babsrc=SP_ss&mntrId=eaa26bb4000000000000001372810c42> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={3AE36885-2A0C-4CC3-BF68-70B1DC892F71}&mid=19cf4a1091b647d093e1d15a3465e5b1-a8a315fc2916545a0e3b697b39c86f1c4f59a52b&lang=es-es&ds=st011&pr=sa&d=2012-05-16 17:06:52&v=9.0.0.23&sap=dsp&q={searchTerms}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6PQxNtOc5B&i=26> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\SearchScopes\{E709D794-1587-4079-8E5D-3DCA155E246F}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=kw&q={searchTerms}&locale=&apn_ptnrs=T8&apn_dtid=YYYYYYYYGT&apn_uid=32c4a835-50f5-41be-9380-d35c338b9084&apn_sauid=CADA6E1E-5193-4A29-ADCB-95B2A947FE5D> in the current context!
Error: Unable to interpret <[2012/08/07 15:42:52 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Repre_Quimica\AppData\Roaming\mozilla\Fir efox\Profiles\0\extensions\[email protected]> in the current context!
Error: Unable to interpret <[2012/08/07 15:42:55 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Repre_Quimica\AppData\Roaming\mozilla\Fir efox\Profiles\extensions\extensions\[email protected]> in the current context!
Error: Unable to interpret <O2 - BHO: (I Want This) - {11111111-1111-1111-1111-110011221158} - C:\Program Files\I Want This\I Want This.dll File not found> in the current context!
Error: Unable to interpret <O2 - BHO: (no name) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - No CLSID value found.> in the current context!
Error: Unable to interpret <O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~1\Funmoods\1.5.23.22\bh\escort.dll File not found> in the current context!
Error: Unable to interpret <O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.> in the current context!
Error: Unable to interpret <O2 - BHO: (Plugin for Media Finder) - {AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} - C:\Users\Repre_Quimica\AppData\Roaming\Media Finder\Extensions\IEPlugin32.dll (Media Finder)> in the current context!
Error: Unable to interpret <O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Archivos de programa\Google\GoogleToolbarNotifier\5.7.7227.110 0\swg.dll (Google Inc.)> in the current context!
Error: Unable to interpret <O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\REPRE_~1\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL ()> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~1\Funmoods\1.5.23.22\escorTlbr.dll File not found> in the current context!
Error: Unable to interpret <O3 - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKU\S-1-5-21-643385005-1702227153-3272280709-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.> in the current context!
Error: Unable to interpret <O13 - gopher Prefix: missing> in the current context!
Error: Unable to interpret <O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a03a07b1-66d8-11e1-a5d0-001372810c42}\Shell\AutoRun\command - "" = F:\Startme.exe> in the current context!
Error: Unable to interpret <[2012/08/07 15:42:00 | 000,384,844 | ---- | M] () -- C:\Users\Repre_Quimica\AppData\Local\funmoods-speeddial.crx> in the current context!
Error: Unable to interpret <[2012/08/07 15:42:00 | 000,031,465 | ---- | M] () -- C:\Users\Repre_Quimica\AppData\Local\funmoods.crx> in the current context!
Error: Unable to interpret <[2012/05/09 09:06:03 | 000,000,000 | ---D | M] -- C:\Users\Invitado\AppData\Roaming\Iminent> in the current context!
Error: Unable to interpret <[2012/05/04 14:45:42 | 000,000,000 | ---D | M] -- C:\Users\Repre_Quimica\AppData\Roaming\Iminent> in the current context!
========== FILES ==========
< ipconfig /flushdns /c >
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
C:\Users\Repre_Quimica\Desktop\cmd.bat deleted successfully.
C:\Users\Repre_Quimica\Desktop\cmd.txt deleted successfully.
< ipconfig /renew /c >
Configuraci¢n IP de Windows
No se puede realizar ninguna operaci¢n en Conexi¢n de *rea local mientras los medios
est‚n desconectados.
Adaptador LAN inal*mbrico Conexi¢n de red inal*mbrica 2:
Sufijo DNS espec¡fico para la conexi¢n. . : lan
V¡nculo: direcci¢n IPv6 local. . . : fe80::892f:a8f8:2056:f982%14
Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.5
M*scara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : 192.168.1.1
Adaptador de Ethernet Conexi¢n de *rea local:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . : lan
Adaptador de t£nel Conexi¢n de *rea local*:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . : lan
Adaptador de t£nel Conexi¢n de *rea local* 6:
Sufijo DNS espec¡fico para la conexi¢n. . :
Direcci¢n IPv6 . . . . . . . . . . : 2001:0:9d38:953c:34a4:776:3f57:fefa
V¡nculo: direcci¢n IPv6 local. . . : fe80::34a4:776:3f57:fefa%11
Puerta de enlace predeterminada . . . . . : ::
Adaptador de t£nel Conexi¢n de *rea local* 7:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
C:\Users\Repre_Quimica\Desktop\cmd.bat deleted successfully.
C:\Users\Repre_Quimica\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 56466 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Invitado
->Flash cache emptied: 3862 bytes

User: Public

User: Repre_Quimica
->Flash cache emptied: 61605 bytes

Total Flash Files Cleaned = 0.00 mb

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Invitado
->Temp folder emptied: 1096445 bytes
->Temporary Internet Files folder emptied: 46875013 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 399073513 bytes
->Opera cache emptied: 356215 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Repre_Quimica
->Temp folder emptied: 9585719 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 42196010 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2564460 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 479.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.56.0 log created on 08092012_144924

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...
[2012/08/09 14:52:19 | 000,000,000 | ---- | M] () C:\Windows\temp\_avast_\Webshlock.txt : Unable to obtain MD5

Registry entries deleted on Reboot...

**Javierhf** · 10/08/12, 13:32:36

Buenas, saca de nuevo un log de OTL, y nos lo pones, sigue los pasos que te indicamos en este post #2.

Solo pon el de OTL,txt el de Extras NO es necesario.

Saludos.

**jamesrock66** · 13/08/12, 12:01:13

Buen día, perdon por la tardanza, aca está el log olt.txt, muchas gracias:

OTL logfile created on: 10/08/2012 03:35:43 p.m. - Run 2
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Repre_Quimica\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000100a | Country: Guatemala | Language: ESG | Date Format: dd/MM/yyyy

1.99 Gb Total Physical Memory | 0.59 Gb Available Physical Memory | 29.89% Memory free
4.21 Gb Paging File | 2.41 Gb Available in Paging File | 57.15% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.83 Gb Total Space | 150.02 Gb Free Space | 64.43% Space Free | Partition Type: NTFS
Drive E: | 232.83 Gb Total Space | 232.44 Gb Free Space | 99.83% Space Free | Partition Type: NTFS

Computer Name: REPRE_QUIMICA5 | User Name: Repre_Quimica | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Windows\System32\java.exe (Oracle Corporation)
PRC - C:\Users\Repre_Quimica\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Archivos de programa\Opera\pluginwrapper\opera_plugin_wrapper.exe (Opera Software)
PRC - C:\Archivos de programa\Opera\opera.exe (Opera Software)
PRC - C:\Users\Repre_Quimica\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Users\Repre_Quimica\AppData\Roaming\ForgetBox\ForgetBoxInterface.exe (ForgetBox)
PRC - C:\Users\Repre_Quimica\AppData\Roaming\ForgetBox\ForgetBox.exe (ForgetBox)
PRC - C:\Archivos de programa\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe (Nitro PDF Software)
PRC - C:\Archivos de programa\Microsoft Office\Office12\WINWORD.EXE (Microsoft Corporation)
PRC - C:\Archivos de programa\Adobe\Reader 10.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
PRC - C:\Archivos de programa\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Archivos de programa\PowerISO\PWRISOVM.EXE (Power Software Ltd)
PRC - C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Archivos de programa\TRENDnet\TEW-648UB\WlanCU.exe ()
PRC - C:\Archivos de programa\Microsoft Office\Office12\OIS.EXE (Microsoft Corporation)
PRC - C:\Archivos de programa\Microsoft Office\Office12\POWERPNT.EXE (Microsoft Corporation)
PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\TRENDnet\TEW-648UB\WlanWpsSvc.exe ()
PRC - C:\Windows\System32\cmd.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\Windows Defender\MSASCui.exe (Microsoft Corporation)

========== Modules (No Company Name) ==========

MOD - C:\Users\Repre_Quimica\AppData\Local\Temp\proxy_vole2333535259206419646.dll ()
MOD - C:\Archivos de programa\Opera\gstreamer\plugins\gstwebmdec.dll ()
MOD - C:\Archivos de programa\Opera\gstreamer\plugins\gstautodetect.dll ()
MOD - C:\Archivos de programa\Opera\gstreamer\plugins\gstwaveform.dll ()
MOD - C:\Archivos de programa\Opera\gstreamer\plugins\gstoggdec.dll ()
MOD - C:\Archivos de programa\Opera\gstreamer\plugins\gstwavparse.dll ()
MOD - C:\Archivos de programa\Opera\gstreamer\plugins\gsttypefindfunctions.dll ()
MOD - C:\Archivos de programa\Opera\gstreamer\plugins\gstffmpegcolorspace.dll ()
MOD - C:\Archivos de programa\Opera\gstreamer\plugins\gstcoreplugins.dll ()
MOD - C:\Archivos de programa\Opera\gstreamer\plugins\gstaudioresample.dll ()
MOD - C:\Archivos de programa\Opera\gstreamer\plugins\gstaudioconvert.dll ()
MOD - C:\Archivos de programa\Opera\gstreamer\plugins\gstdirectsound.dll ()
MOD - C:\Archivos de programa\Opera\gstreamer\plugins\gstdecodebin2.dll ()
MOD - C:\Archivos de programa\Opera\gstreamer\gstreamer.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll ()
MOD - C:\Users\Repre_Quimica\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Updater.ESP ()
MOD - C:\Users\Repre_Quimica\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Annots.ESP ()
MOD - C:\Users\Repre_Quimica\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_PPKLite.ESP ()
MOD - C:\Users\Repre_Quimica\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_EScript.ESP ()
MOD - C:\Users\Repre_Quimica\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_DigSig.ESP ()
MOD - C:\Users\Repre_Quimica\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_AcroForm.ESP ()
MOD - C:\Users\Repre_Quimica\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.esp ()
MOD - C:\Archivos de programa\Adobe\Reader 10.0\Reader\Locale\es_ES\BRdlang32.ESP ()
MOD - C:\Archivos de programa\Adobe\Reader 10.0\Reader\sqlite.dll ()
MOD - C:\Archivos de programa\File Shredder\fsshell.dll ()
MOD - C:\Users\Repre_Quimica\AppData\Roaming\ForgetBox\ForgetBoxContextMenuHandler.dll ()
MOD - C:\Archivos de programa\TRENDnet\TEW-648UB\WlanCU.exe ()
MOD - C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL ()
MOD - C:\Archivos de programa\TRENDnet\TEW-648UB\WPSCtrl.dll ()
MOD - C:\Archivos de programa\TRENDnet\TEW-648UB\WlanDll.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_es_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Archivos de programa\WinRAR\RarExt.dll ()

========== Win32 Services (SafeList) ==========

SRV - (Web Assistant Updater) -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe File not found
SRV - (stllssvr) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NitroReaderDriverReadSpool2) -- C:\Archivos de programa\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe (Nitro PDF Software)
SRV - (avast! Antivirus) -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (AdobeARMservice) -- C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (odserv) -- C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (WlanWpsSvc) -- C:\Archivos de programa\TRENDnet\TEW-648UB\WlanWpsSvc.exe ()
SRV - (WMPNetworkSvc) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Archivos de programa\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ose) -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswKbd) -- C:\Windows\System32\drivers\aswKbd.sys (AVAST Software)
DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (SCDEmu) -- C:\Windows\System32\drivers\scdemu.sys (Power Software Ltd)
DRV - (RTL8192su) -- C:\Windows\System32\drivers\RTL8192su.sys (Realtek Semiconductor Corporation )
DRV - (RMCAST) -- C:\Windows\System32\drivers\rmcast.sys (Microsoft Corporation)
DRV - (RtlProt) -- C:\Windows\System32\drivers\RtlProt.sys (Windows (R) Codename Longhorn DDK provider)

========== Standard Registry (SafeList) ==========

Mi pc se pone lenta (Solucionado)

Herramientas

Mi pc se pone lenta (Solucionado)

Re: Mi pc se pone lenta

Re: Mi pc se pone lenta

Re: Mi pc se pone lenta

Re: Mi pc se pone lenta

Re: Mi pc se pone lenta

Re: Mi pc se pone lenta

Re: Mi pc se pone lenta

Re: Mi pc se pone lenta

Re: Mi pc se pone lenta