• Registrarse
  • Iniciar sesión


  • Resultados 1 al 7 de 7

    Eliminar My Start Incredibar

    Resumen del tema: Eliminar My Start Incredibar - Hola, he seguido instrucciones en el foro para eliminar el molesto My Start Incredibar de mi PC, me he bajado y ejecutado AT Destroyer y despues el OTL. Mi pregunta es qué debo hacer ahora?? ...

    1. #1
      Usuario Avatar de mrwalsh
      Registrado
      ago 2012
      Ubicación
      Mexico
      Mensajes
      4

      Mensaje Eliminar My Start Incredibar

      Hola, he seguido instrucciones en el foro para eliminar el molesto My Start Incredibar de mi PC, me he bajado y ejecutado AT Destroyer y despues el OTL.

      Mi pregunta es qué debo hacer ahora?? A continuación les copio los dos reportes generados tanto el OTL.txt y el Extras.txt

      El reporte del OTL.txt es:

      OTL logfile created on: 8/31/2012 10:48:38 AM - Run 1
      OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\hp\Downloads
      64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

      4.00 Gb Total Physical Memory | 2.98 Gb Available Physical Memory | 74.46% Memory free
      7.99 Gb Paging File | 6.92 Gb Available in Paging File | 86.51% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 465.66 Gb Total Space | 316.62 Gb Free Space | 67.99% Space Free | Partition Type: NTFS

      Computer Name: HP1 | User Name: hp | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\hp\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe (Adobe Systems Incorporated)
      PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
      PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
      PRC - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe (Adobe Systems Incorporated)


      ========== Modules (No Company Name) ==========


      ========== Services (SafeList) ==========

      SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
      SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)
      SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
      SRV:64bit: - (EPSON_EB_RPCV4_04) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (SEIKO EPSON CORPORATION)
      SRV:64bit: - (EPSON_PM_RPCV4_04) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (SEIKO EPSON CORPORATION)
      SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
      SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
      DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
      DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
      DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
      DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
      DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
      DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company)
      DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
      DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
      DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
      DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp)
      DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
      DRV:64bit: - (enecir) -- C:\Windows\SysNative\drivers\enecir.sys (ENE TECHNOLOGY INC.)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://prodigy.msn.com/?ocid=OIE9HP
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ [binary data]
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A9 5B CC 48 14 41 CD 01 [binary data]
      IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.startup.homepage: "http://google.com"
      FF - prefs.js..keyword.URL: "http://google.com"
      FF - user.js - File not found

      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\hp\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\hp\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/08/30 10:03:34 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/30 09:59:33 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/06/21 17:41:23 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

      [2012/04/25 16:11:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hp\AppData\Roaming\Mozilla\Extensions
      [2012/08/30 10:03:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\qtx2yuw7.default\extensions
      [2012/08/30 09:59:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
      [2012/08/30 10:03:34 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
      [2012/08/24 21:01:06 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
      [2012/08/24 21:00:22 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
      [2012/08/24 21:00:22 | 000,002,253 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

      ========== Chrome ==========

      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - homepage: http://www.google.com/
      CHR - Extension: No name found = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
      CHR - Extension: No name found = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
      CHR - Extension: No name found = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
      CHR - Extension: No name found = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
      CHR - Extension: No name found = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofcnbnhefnmjancehemliplicihbcjjb\2.1_0\
      CHR - Extension: No name found = C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

      O1 HOSTS File: ([2012/04/24 23:41:49 | 000,000,854 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 activate.adobe.com
      O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
      O2 - BHO: (VerPelis Helper) - {3CA233D9-0AA4-45BB-9938-738286EE52E7} - C:\Program Files (x86)\VerPelis Stream\VerPelisBHO.dll ()
      O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
      O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
      O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
      O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
      O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
      O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
      O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe ()
      O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
      O4 - HKCU..\Run: [AdobeBridge] File not found
      O4 - HKCU..\Run: [EPSON TX120 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGGL.EXE /FU "C:\Windows\TEMP\E_S3D3A.tmp" /EF "HKCU" File not found
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
      O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.1 198.41.0.4
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2998FC78-4301-4FE6-8441-2E783E9E0B48}: DhcpNameServer = 192.168.100.1 198.41.0.4
      O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)


      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/08/31 10:32:16 | 000,036,864 | ---- | C] (NirSoft) -- C:\Windows\nircmd.exe
      [2012/08/30 10:00:44 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Local\Macromedia
      [2012/08/30 09:59:47 | 000,000,000 | ---D | C] -- C:\Users\hp\AppData\Local\Mozilla
      [2012/08/30 09:59:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
      [2012/08/30 09:59:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
      [2012/08/17 18:14:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VerPelis Stream
      [2012/08/16 14:24:58 | 000,000,000 | -HSD | C] -- C:\Config.Msi
      [2012/08/03 07:16:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
      [2012/08/03 07:16:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
      [2012/08/03 07:16:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2012/08/31 10:56:42 | 003,932,160 | -HS- | M] () -- C:\Users\hp\ntuser.dat
      [2012/08/31 10:50:48 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/08/31 10:50:48 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/08/31 10:47:55 | 001,555,646 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2012/08/31 10:47:55 | 000,703,840 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2012/08/31 10:47:55 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2012/08/31 10:47:55 | 000,137,806 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2012/08/31 10:47:55 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2012/08/31 10:43:30 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
      [2012/08/31 10:43:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/08/31 10:43:18 | 3219,517,440 | -HS- | M] () -- C:\hiberfil.sys
      [2012/08/31 10:19:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/08/31 00:50:47 | 002,370,750 | -H-- | M] () -- C:\Users\hp\AppData\Local\IconCache.db
      [2012/08/31 00:03:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-96905525-258167397-1653627194-1000UA.job
      [2012/08/31 00:01:53 | 000,424,462 | ---- | M] () -- C:\Users\hp\Desktop\DSC07292.jpg
      [2012/08/30 15:17:35 | 000,017,098 | ---- | M] () -- C:\Users\hp\Desktop\TikiIsland.rar
      [2012/08/30 10:03:35 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
      [2012/08/30 10:03:00 | 000,000,844 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-96905525-258167397-1653627194-1000Core.job
      [2012/08/24 16:47:46 | 000,199,217 | ---- | M] () -- C:\Users\hp\Desktop\Factura-D-252610.pdf
      [2012/08/24 13:26:38 | 000,001,456 | ---- | M] () -- C:\Users\hp\AppData\Local\Adobe Save for Web 12.0 Prefs
      [2012/08/21 04:13:13 | 000,969,200 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
      [2012/08/21 04:13:13 | 000,359,464 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
      [2012/08/21 04:13:13 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
      [2012/08/21 04:13:12 | 000,071,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
      [2012/08/21 04:13:12 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
      [2012/08/21 04:13:11 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
      [2012/08/21 04:12:33 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
      [2012/08/21 04:12:23 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
      [2012/08/21 04:12:02 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
      [2012/08/21 00:17:55 | 000,867,992 | ---- | M] () -- C:\Users\hp\Desktop\DSC07122.jpg
      [2012/08/20 22:31:24 | 000,789,769 | ---- | M] () -- C:\Users\hp\Desktop\DSC07047.jpg
      [2012/08/20 22:26:38 | 003,566,929 | ---- | M] () -- C:\Users\hp\Desktop\DSC07047.png
      [2012/08/20 22:25:30 | 003,650,170 | ---- | M] () -- C:\Users\hp\Desktop\DSC07122.png
      [2012/08/20 15:44:00 | 000,654,866 | ---- | M] () -- C:\Users\hp\Desktop\NPCARIOPAPAS.pdf
      [2012/08/20 15:43:50 | 000,491,864 | ---- | M] () -- C:\Users\hp\Desktop\NP CARIOQUESOS.pdf
      [2012/08/20 12:54:29 | 000,229,410 | ---- | M] () -- C:\Users\hp\Desktop\Untitled-1.png
      [2012/08/16 14:46:11 | 005,045,328 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2012/08/31 10:32:16 | 000,069,660 | ---- | C] () -- C:\Windows\Fart.exe
      [2012/08/31 10:32:16 | 000,022,528 | ---- | C] () -- C:\Windows\AT-Uninstall.exe
      [2012/08/31 10:32:16 | 000,011,776 | ---- | C] () -- C:\Windows\Colous.exe
      [2012/08/31 00:01:52 | 000,424,462 | ---- | C] () -- C:\Users\hp\Desktop\DSC07292.jpg
      [2012/08/30 15:17:35 | 000,017,098 | ---- | C] () -- C:\Users\hp\Desktop\TikiIsland.rar
      [2012/08/30 09:59:39 | 000,001,138 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      [2012/08/24 16:47:42 | 000,199,217 | ---- | C] () -- C:\Users\hp\Desktop\Factura-D-252610.pdf
      [2012/08/20 23:27:27 | 000,867,992 | ---- | C] () -- C:\Users\hp\Desktop\DSC07122.jpg
      [2012/08/20 22:31:23 | 000,789,769 | ---- | C] () -- C:\Users\hp\Desktop\DSC07047.jpg
      [2012/08/20 22:25:02 | 003,566,929 | ---- | C] () -- C:\Users\hp\Desktop\DSC07047.png
      [2012/08/20 22:06:37 | 003,650,170 | ---- | C] () -- C:\Users\hp\Desktop\DSC07122.png
      [2012/08/20 15:44:00 | 000,654,866 | ---- | C] () -- C:\Users\hp\Desktop\NPCARIOPAPAS.pdf
      [2012/08/20 15:43:50 | 000,491,864 | ---- | C] () -- C:\Users\hp\Desktop\NP CARIOQUESOS.pdf
      [2012/08/20 12:54:28 | 000,229,410 | ---- | C] () -- C:\Users\hp\Desktop\Untitled-1.png
      [2012/07/07 12:27:24 | 000,000,040 | ---- | C] () -- C:\Windows\winDecrypt.INI
      [2012/07/02 17:04:51 | 000,000,132 | ---- | C] () -- C:\Users\hp\AppData\Roaming\Adobe PNG Format CS5 Prefs
      [2012/07/02 16:22:40 | 000,006,144 | ---- | C] () -- C:\Users\hp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012/06/25 00:17:19 | 000,524,288 | -HS- | C] () -- C:\Users\hp\ntuser.dat{fbdfa5e8-be84-11e1-8115-00235a427404}.TMContainer00000000000000000002.regtrans-ms
      [2012/06/25 00:17:19 | 000,524,288 | -HS- | C] () -- C:\Users\hp\ntuser.dat{fbdfa5e8-be84-11e1-8115-00235a427404}.TMContainer00000000000000000001.regtrans-ms
      [2012/06/25 00:17:19 | 000,065,536 | -HS- | C] () -- C:\Users\hp\ntuser.dat{fbdfa5e8-be84-11e1-8115-00235a427404}.TM.blf
      [2012/05/11 15:57:22 | 000,001,456 | ---- | C] () -- C:\Users\hp\AppData\Local\Adobe Save for Web 12.0 Prefs
      [2012/04/24 22:18:26 | 002,370,750 | -H-- | C] () -- C:\Users\hp\AppData\Local\IconCache.db
      [2012/04/24 21:58:12 | 000,524,288 | -HS- | C] () -- C:\Users\hp\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
      [2012/04/24 21:58:12 | 000,524,288 | -HS- | C] () -- C:\Users\hp\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
      [2012/04/24 21:58:12 | 000,065,536 | -HS- | C] () -- C:\Users\hp\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
      [2012/04/24 21:58:12 | 000,000,020 | -HS- | C] () -- C:\Users\hp\ntuser.ini
      [2012/04/24 21:58:11 | 003,932,160 | -HS- | C] () -- C:\Users\hp\ntuser.dat
      [2012/04/24 21:00:09 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

      ========== LOP Check ==========

      [2012/08/05 08:03:23 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2012/08/31 10:34:25 | 000,002,442 | ---- | M] () -- C:\AT-Destroyer.txt
      [2012/08/31 10:43:18 | 3219,517,440 | -HS- | M] () -- C:\hiberfil.sys
      [2012/08/31 10:43:21 | 4292,694,016 | -HS- | M] () -- C:\pagefile.sys
      [2012/08/31 10:32:33 | 000,000,120 | ---- | M] () -- C:\prueba.txt

      < End of report >


      El reporte Extras.txt es:

      OTL Extras logfile created on: 8/31/2012 10:48:39 AM - Run 1
      OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\hp\Downloads
      64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

      4.00 Gb Total Physical Memory | 2.98 Gb Available Physical Memory | 74.46% Memory free
      7.99 Gb Paging File | 6.92 Gb Available in Paging File | 86.51% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 465.66 Gb Total Space | 316.62 Gb Free Space | 67.99% Space Free | Partition Type: NTFS

      Computer Name: HP1 | User Name: hp | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 30 Days

      ========== Extra Registry (SafeList) ==========


      ========== File Associations ==========

      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
      .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
      .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

      ========== Shell Spawning ==========

      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
      batfile [open] -- "%1" %*
      cmdfile [open] -- "%1" %*
      comfile [open] -- "%1" %*
      exefile [open] -- "%1" %*
      helpfile [open] -- Reg Error: Key error.
      inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
      InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
      InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
      piffile [open] -- "%1" %*
      regfile [merge] -- Reg Error: Key error.
      scrfile [config] -- "%1"
      scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
      scrfile [open] -- "%1" /S
      txtfile [edit] -- Reg Error: Key error.
      Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
      Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
      Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
      Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
      Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
      Folder [explore] -- Reg Error: Value error.
      Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
      batfile [open] -- "%1" %*
      cmdfile [open] -- "%1" %*
      comfile [open] -- "%1" %*
      cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
      exefile [open] -- "%1" %*
      helpfile [open] -- Reg Error: Key error.
      inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
      piffile [open] -- "%1" %*
      regfile [merge] -- Reg Error: Key error.
      scrfile [config] -- "%1"
      scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
      scrfile [open] -- "%1" /S
      txtfile [edit] -- Reg Error: Key error.
      Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
      Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
      Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
      Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
      Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
      Folder [explore] -- Reg Error: Value error.
      Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

      ========== Security Center Settings ==========

      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
      "cval" = 1

      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
      "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
      "AntiVirusOverride" = 0
      "AntiSpywareOverride" = 0
      "FirewallOverride" = 0

      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

      ========== Firewall Settings ==========

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
      "DisableNotifications" = 0
      "EnableFirewall" = 1

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
      "DisableNotifications" = 0
      "EnableFirewall" = 1

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
      "DisableNotifications" = 0
      "EnableFirewall" = 1

      ========== Authorized Applications List ==========


      ========== Vista Active Open Ports Exception List ==========

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
      "{11EC8F79-D0CF-466F-B0EB-CB5C9178E733}" = lport=139 | protocol=6 | dir=in | app=system |
      "{15C28706-6CE7-4F0C-94C4-D13894330BAC}" = rport=137 | protocol=17 | dir=out | app=system |
      "{1D626DDE-4712-45A5-8478-81B4C2DC0889}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
      "{33A26423-3E7F-4653-826E-9F4AD5ADDFCC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
      "{37F15329-B59B-461F-8C35-58953CFD2C9E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
      "{3E10E453-6681-4A98-BDE5-B25F37315FE5}" = lport=445 | protocol=6 | dir=in | app=system |
      "{4E7E8517-6E4D-45B2-B6EA-106CC44111FC}" = lport=10243 | protocol=6 | dir=in | app=system |
      "{5B84CA23-224C-40C2-A845-50130BD50843}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
      "{602C8ED3-7489-4F67-97E2-D8FBBA8F252A}" = lport=138 | protocol=17 | dir=in | app=system |
      "{67B050CB-13BF-4A15-9457-E9575AEE6371}" = rport=138 | protocol=17 | dir=out | app=system |
      "{8624A6C5-17D3-4FB7-8C42-7B67B1FB896E}" = rport=10243 | protocol=6 | dir=out | app=system |
      "{8770EF87-8947-4366-BC03-B457F34A8AAB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
      "{8B5A0EC2-0B72-459D-A4C1-7B5EF9EB3AB3}" = rport=445 | protocol=6 | dir=out | app=system |
      "{9C46DC60-929D-4DB8-910A-ED25D09171CA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
      "{A4D7237D-F930-4A6B-AF81-D754DC2D80AE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
      "{B8DED8F6-9CF0-4959-BB7D-E25C913AFB29}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
      "{C16A39A5-A3D7-498B-A9A9-472E4DB90AC9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
      "{C1F81F35-D372-461A-A2FD-3C84D93BD531}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
      "{CABB7911-1C0A-4785-8945-D7D5B711E5FD}" = lport=2869 | protocol=6 | dir=in | app=system |
      "{CD3B4C34-66CF-4325-AAAD-28A2452F832A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
      "{D2DAFB4A-D78E-4EAF-959A-0AEC728434B5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
      "{E29E433D-E1C0-44D6-A04C-4631C460F18A}" = lport=137 | protocol=17 | dir=in | app=system |
      "{E62ABFEC-B383-4991-A2F1-08012E4ED7B4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
      "{EAA671EB-C70F-40E0-B945-7AAF95CAD123}" = rport=139 | protocol=6 | dir=out | app=system |
      "{FC4A91F4-C2A2-4799-9EFF-7314BB07148D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
      "{FCA1767B-CA9B-46C8-A9AA-3A5EB097769C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |

      ========== Vista Active Application Exception List ==========

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
      "{0ED0C84F-4F9B-44A9-80D1-25F3F86C8565}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
      "{23D40929-9BD0-4C9F-873F-68B2FB527FD2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
      "{2748FEA8-9DBA-45C3-BCA2-DC7E16B148B0}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
      "{461586BD-A854-4D4D-B6A4-603B33CD61F3}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
      "{4C57F780-2204-458E-9192-D2563173114A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
      "{4D278470-F9FF-4E3A-93D7-6F066CE8352D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
      "{640C516E-C0E6-45F5-9B51-F342CBF9EC86}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
      "{78EE7440-5CD9-48DD-8A2C-236516638EF8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
      "{7AE470F8-141A-4AEC-934F-F32BE4E44642}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
      "{82DF61C3-BC1A-4EFA-B0B1-9778A8E9E3DF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
      "{880C78C6-A065-4AFF-BF39-3A57D5772D66}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
      "{89838C23-44EF-43AE-B51B-4C0105696567}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
      "{8E0F44C0-3C56-497F-B7FD-25FDF0611336}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
      "{9F55C3B6-7996-44B2-BA43-A77CC5F248CD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
      "{A2532D9C-758F-400F-8D4C-E96EA147B239}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
      "{A5F9EADD-3C15-4972-8982-768CFB84017E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
      "{AD322B80-8D4C-400C-AC1D-1429489C6AB4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
      "{B94EC7A9-D295-40E4-8BB8-D18B8F9D7B9F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
      "{BA3D7666-FF7C-4D80-BAF6-37C2891D7ECA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
      "{BAF78840-343D-4651-B49D-52E3153F990A}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
      "{CF451635-C15C-42E0-92E7-9219D1BCB80C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
      "{D0850153-3F46-4B3C-AF05-39A3EB328E33}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
      "{D29A777F-DF62-4B4E-8336-1FE60FD3ED5F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
      "{EDB7455A-399D-4BDD-8129-7D4EE09ECDCE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
      "{EFDA4253-D93E-4583-9273-B02B340407EE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
      "{F9601A9F-7B00-468B-8250-C19FE987C884}" = protocol=6 | dir=out | app=system |
      "TCP Query User{26BAA5D0-7DA3-40FB-BB48-A077DD754EF9}C:\users\hp\downloads\ars portable\ares.exe" = protocol=6 | dir=in | app=c:\users\hp\downloads\ars portable\ares.exe |
      "TCP Query User{2BF9702E-BEEC-47C4-A28F-E3DA48DD466D}C:\program files (x86)\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ares\ares.exe |
      "TCP Query User{35E09648-AE10-4673-8B5C-4715E94AB17C}C:\appserv\apache2.2\bin\httpd.exe" = protocol=6 | dir=in | app=c:\appserv\apache2.2\bin\httpd.exe |
      "TCP Query User{77648E59-169A-49B5-8A7C-C80E0E9BBC8B}C:\program files (x86)\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ares\ares.exe |
      "TCP Query User{DEAFF3E6-676A-4647-9B03-BC7349DC79D5}C:\program files (x86)\adobe\adobe dreamweaver cs5\dreamweaver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe dreamweaver cs5\dreamweaver.exe |
      "UDP Query User{555A1DA1-D471-4BF3-98E5-D6ECB9050E7C}C:\appserv\apache2.2\bin\httpd.exe" = protocol=17 | dir=in | app=c:\appserv\apache2.2\bin\httpd.exe |
      "UDP Query User{582C70B6-89FD-4FDD-85D3-41CADC6C2F90}C:\program files (x86)\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ares\ares.exe |
      "UDP Query User{95A25EDE-B1A4-4BBD-97EF-60FFDC49C6F8}C:\users\hp\downloads\ars portable\ares.exe" = protocol=17 | dir=in | app=c:\users\hp\downloads\ars portable\ares.exe |
      "UDP Query User{DCF3DF90-AFED-4D9C-BF4F-340560DDB7F6}C:\program files (x86)\adobe\adobe dreamweaver cs5\dreamweaver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe dreamweaver cs5\dreamweaver.exe |
      "UDP Query User{F4E63141-8971-4430-A858-548CBE38840B}C:\program files (x86)\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ares\ares.exe |

      ========== HKEY_LOCAL_MACHINE Uninstall List ==========

      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
      "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
      "{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
      "{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
      "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
      "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
      "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
      "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
      "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
      "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
      "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
      "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
      "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
      "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
      "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
      "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
      "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
      "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
      "{C3C912BB-BF4B-3788-8A19-DA5B999CE0C6}" = Microsoft .NET Framework 4 Client Profile ESN Language Pack
      "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
      "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
      "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
      "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
      "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
      "EPSON TX120 Series" = EPSON TX120 Series Printer Uninstall
      "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
      "Microsoft .NET Framework 4 Client Profile ESN Language Pack" = Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
      "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
      "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
      "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
      "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
      "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
      "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
      "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
      "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
      "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
      "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller Driver
      "{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
      "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
      "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
      "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
      "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
      "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
      "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
      "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
      "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
      "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
      "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
      "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
      "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
      "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
      "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
      "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
      "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
      "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
      "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
      "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
      "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
      "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
      "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
      "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
      "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
      "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
      "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
      "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
      "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
      "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
      "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
      "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
      "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
      "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
      "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
      "{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
      "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
      "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
      "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
      "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
      "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
      "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
      "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
      "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
      "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
      "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
      "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
      "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
      "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
      "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
      "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
      "{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
      "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
      "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
      "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
      "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
      "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
      "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
      "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
      "{A1BC7068-C1BA-410F-8B9A-DB807C803DE2}" = Adobe Creative Suite 5 Design Premium
      "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
      "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
      "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
      "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
      "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
      "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
      "{AC76BA86-7AD7-1034-7B44-A95000000001}" = Adobe Reader 9.5.1 - Español
      "{C0959742-5DEB-453B-A55C-528AA0EBA103}" = Zoner Barcode Studio 2
      "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
      "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
      "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
      "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
      "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
      "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
      "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
      "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
      "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
      "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
      "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
      "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
      "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
      "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
      "Adobe AIR" = Adobe AIR
      "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
      "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
      "avast" = avast! Free Antivirus
      "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
      "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
      "ENTERPRISE" = Microsoft Office Enterprise 2007
      "EPSON Scanner" = EPSON Scan
      "Mozilla Firefox 15.0 (x86 en-US)" = Mozilla Firefox 15.0 (x86 en-US)
      "Mozilla Thunderbird 14.0 (x86 en-US)" = Mozilla Thunderbird 14.0 (x86 en-US)
      "MozillaMaintenanceService" = Mozilla Maintenance Service
      "Nero8WinuE_is1" = Nero 8.3.2.1
      "PDF Password Remover v3.1_is1" = PDF Password Remover v3.1
      "VerPelis Stream_is1" = VerPelis Strem 1.0.0
      "WinLiveSuite" = Windows Live Essentials
      "WinRAR archiver" = Compresor WinRAR

      ========== HKEY_CURRENT_USER Uninstall List ==========

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
      "Google Chrome" = Google Chrome

      ========== Last 20 Event Log Errors ==========

      [ Application Events ]
      Error - 8/17/2012 10:50:00 PM | Computer Name = hp1 | Source = SideBySide | ID = 16842815
      Description = Activation context generation failed for "C:\Program Files (x86)\Common
      Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
      Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
      "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
      "version" in element "assemblyIdentity" is invalid.

      Error - 8/18/2012 3:34:23 PM | Computer Name = hp1 | Source = SideBySide | ID = 16842815
      Description = Activation context generation failed for "C:\Program Files (x86)\Common
      Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
      Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
      "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
      "version" in element "assemblyIdentity" is invalid.

      Error - 8/23/2012 12:30:16 AM | Computer Name = hp1 | Source = SideBySide | ID = 16842815
      Description = Activation context generation failed for "C:\Program Files (x86)\Common
      Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
      Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
      "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
      "version" in element "assemblyIdentity" is invalid.

      Error - 8/24/2012 2:27:41 PM | Computer Name = hp1 | Source = Application Hang | ID = 1002
      Description = The program Photoshop.exe version 12.0.4.0 stopped interacting with
      Windows and was closed. To see if more information about the problem is available,
      check the problem history in the Action Center control panel. Process ID: 3b8 Start
      Time: 01cd818ab51fe26b Termination Time: 2787 Application Path: C:\Program Files\Adobe\Adobe
      Photoshop CS5 (64 Bit)\Photoshop.exe Report Id:

      Error - 8/25/2012 2:51:40 AM | Computer Name = hp1 | Source = Application Error | ID = 1000
      Description = Faulting application name: Photoshop.exe, version: 12.0.4.0, time
      stamp: 0x4d9d8f8e Faulting module name: MMXCore.8BX_unloaded, version: 0.0.0.0, time
      stamp: 0x4d9d9410 Exception code: 0xc0000005 Fault offset: 0x000007fef06958c0 Faulting
      process id: 0x1660 Faulting application start time: 0x01cd82263d8ba6bb Faulting application
      path: C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe Faulting
      module path: MMXCore.8BX Report Id: 52002e06-ee81-11e1-a9e7-00235a427404

      Error - 8/25/2012 2:52:33 AM | Computer Name = hp1 | Source = Application Hang | ID = 1002
      Description = The program Illustrator.exe version 15.0.2.399 stopped interacting
      with Windows and was closed. To see if more information about the problem is available,
      check the problem history in the Action Center control panel. Process ID: 1024 Start
      Time: 01cd814e5160f492 Termination Time: 453 Application Path: C:\Program Files (x86)\Adobe\Adobe
      Illustrator CS5\Support Files\Contents\Windows\Illustrator.exe Report Id: 63260506-ee81-11e1-a9e7-00235a427404


      Error - 8/27/2012 12:24:47 AM | Computer Name = hp1 | Source = Application Hang | ID = 1002
      Description = The program iexplore.exe version 9.0.8112.16448 stopped interacting
      with Windows and was closed. To see if more information about the problem is available,
      check the problem history in the Action Center control panel. Process ID: f64 Start
      Time: 01cd840bd1998e55 Termination Time: 10 Application Path: C:\Program Files (x86)\Internet
      Explorer\iexplore.exe Report Id:

      Error - 8/27/2012 2:04:06 PM | Computer Name = hp1 | Source = Application Error | ID = 1000
      Description = Faulting application name: iexplore.exe, version: 9.0.8112.16448,
      time stamp: 0x4fecf1b7 Faulting module name: AcroIEHelper.dll_unloaded, version:
      0.0.0.0, time stamp: 0x4f708d85 Exception code: 0xc0000005 Fault offset: 0x74a4556c
      Faulting
      process id: 0xc8c Faulting application start time: 0x01cd847d4ab624b4 Faulting application
      path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
      AcroIEHelper.dll Report Id: 970d3ab2-f071-11e1-b1cd-00235a427404

      Error - 8/27/2012 2:22:44 PM | Computer Name = hp1 | Source = SideBySide | ID = 16842815
      Description = Activation context generation failed for "C:\Program Files (x86)\Common
      Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
      Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
      "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
      "version" in element "assemblyIdentity" is invalid.

      Error - 8/30/2012 11:52:55 AM | Computer Name = hp1 | Source = SideBySide | ID = 16842815
      Description = Activation context generation failed for "C:\Program Files (x86)\Common
      Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
      Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
      "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
      "version" in element "assemblyIdentity" is invalid.

      [ System Events ]
      Error - 8/30/2012 10:57:06 AM | Computer Name = hp1 | Source = atikmdag | ID = 43029
      Description = Display is not active

      Error - 8/30/2012 11:22:46 AM | Computer Name = hp1 | Source = atikmdag | ID = 52236
      Description = CPLIB :: General - Invalid Parameter

      Error - 8/30/2012 11:22:46 AM | Computer Name = hp1 | Source = atikmdag | ID = 43029
      Description = Display is not active

      Error - 8/30/2012 1:27:32 PM | Computer Name = hp1 | Source = atikmdag | ID = 43029
      Description = Display is not active

      Error - 8/30/2012 4:05:26 PM | Computer Name = hp1 | Source = atikmdag | ID = 43029
      Description = Display is not active

      Error - 8/30/2012 9:56:28 PM | Computer Name = hp1 | Source = atikmdag | ID = 43029
      Description = Display is not active

      Error - 8/31/2012 11:06:58 AM | Computer Name = hp1 | Source = atikmdag | ID = 52236
      Description = CPLIB :: General - Invalid Parameter

      Error - 8/31/2012 11:06:58 AM | Computer Name = hp1 | Source = atikmdag | ID = 43029
      Description = Display is not active

      Error - 8/31/2012 11:43:23 AM | Computer Name = hp1 | Source = atikmdag | ID = 52236
      Description = CPLIB :: General - Invalid Parameter

      Error - 8/31/2012 11:43:23 AM | Computer Name = hp1 | Source = atikmdag | ID = 43029
      Description = Display is not active


      < End of report >


      Mucho agradeceré si me pueden ayudar.

      Saludos!!

    2. #2
      Warrior Avatar de Fer21021
      Registrado
      abr 2008
      Ubicación
      Argentina
      Mensajes
      6.214

      Re: Eliminar My Start Incredibar

      Buenas, mrwalsh


      Te recomiendo leer los siguientes temas de interés.





      Sigues teniendo a My Start Incredibar.


      Trae el reporte de AT-Destroyer.


      Saludos.
      »» »» »».......Persevera y triunfarás........«« «« ««

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de mrwalsh
      Registrado
      ago 2012
      Ubicación
      Mexico
      Mensajes
      4

      Re: Eliminar My Start Incredibar

      Gracias,

      Una disculpa por no leer antes de postear.

      No encuentro el reporte AT-destroyer, ¿lo pongo a correr de nuevo?

      Saludos.

    4. #4
      Warrior Avatar de Fer21021
      Registrado
      abr 2008
      Ubicación
      Argentina
      Mensajes
      6.214

      Re: Eliminar My Start Incredibar

      Buenas,

      Realiza lo siguiente:

      • Descarga >> AT-Destroyer (Adwares/Toolbars-Destroyer) by @Infospyware.
      • Desactiva temporalmente el Antivirus y/o Antispyware.
      • Ejecuta AT-Destroyer. (Si usas Windows Vista o 7 Presiona clic derecho y selecciona "Ejecutar como Administrador.")
      • Aparecerá el Disclaimer, si estás de acuerdo, presiona SI para continuar.
      • Presiona sobre la opción 1 (Buscar y Destruir) para comenzar es escaneo.
      • AT-Destroyer desconectará el escritorio momentáneamente.
      • En caso de estar infectado, AT-Destroyer lo indicará con lineas rojas donde se haya encontrado la infección, sino, serán lineas verdes.
      • Una vez terminado el escaneo, podrás volver a ver el escritorio y se te abrirá un reporte, que deberás copiar en tu próxima respuesta comentando cómo funciona el sistema.
      • Una vez terminado el escaneo, podrás volver a ver el escritorio y se te abrirá un reporte, que deberás copiar en tu próxima respuesta comentando cómo funciona el sistema.(También lo puedes encontrar en C:\AT-Destroyer.log)
      • Inmediatamente debes Reiniciar el equipo.

      Trae el reporte de AT Destroyer.

      Saludos.
      »» »» »».......Persevera y triunfarás........«« «« ««

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de mrwalsh
      Registrado
      ago 2012
      Ubicación
      Mexico
      Mensajes
      4

      Re: Eliminar My Start Incredibar

      Buenas tardes,

      Gracias por la respuesta.

      He seguido las instrucciones y corrido el AT Destroyer y reiniciado el equipo.

      El reporte generado es:

      #################################################### A/T-Destroyer by InfoSpyware ############

      A/T-Destroyer 1.0.7 By Infospyware
      www.infospyware.com
      Fecha iniciada en el analisis Thu 09/13/2012
      Hora iniciada en el analisis 16:31:23.56
      Usuario Actual : [C:\Users\hp]
      Sistema Operativo: Windows 7 Ultimate
      Arquitectura: Sistema operativo de 64 bits
      Versión Internet Explorer: 9.0.8112.16421
      Modo Actual: Modo Normal.
      Privilegios: [hp-Administrador]
      Versión Google Chrome: 21.0.1180.89
      Versión Mozilla Firefox: 15.0

      ====== Servicios Eliminados By A/T-Destroyer ======




      ====== Claves Eliminadas By A/T-Destroyer ======




      ====== Archivos/Carpetas Eliminados By A/T-Destroyer ======


      C:\Users\hp\Appdata\Local\GDIPFONTCACHEV1.DAT


      ====== Información Extra ======


      -_-_-_-_-_-_-_-_ Configuraciones de internet Explorer -_-_-_-_-_-_-_-_
      "HKCU\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
      Local Page == C:\Windows\system32\blank.htm
      Default_Page_URL == http://prodigy.msn.com/?ocid=OIE9HP

      "HKLM\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
      Local Page == C:\Windows\SysWOW64\blank.htm
      Default_Search_URL == http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL == http://go.microsoft.com/fwlink/?LinkId=69157


      "HKEY_USERS\S-1-5-21-96905525-258167397-1653627194-1000\Software\Microsoft\Internet Explorer\Main"
      Start Page == http://www.google.com
      Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
      Local Page == C:\Windows\system32\blank.htm
      Default_Page_URL == http://prodigy.msn.com/?ocid=OIE9HP


      -_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,
      -_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      -_-_-_-_-_-_-_-_ Configuraciones de mozilla Firefox -_-_-_-_-_-_-_-_
      user_pref("browser.startup.homepage", "http://google.com");




      ======= EOF =======

      Mucho agradeceré ayuda.

      Saludos.

    6. #6
      Warrior Avatar de Fer21021
      Registrado
      abr 2008
      Ubicación
      Argentina
      Mensajes
      6.214

      Re: Eliminar My Start Incredibar

      Buenas,

      El reporte esta limpio, no se observan rastro de la toolbar.


      Sigues teniendo el problema, si es asi comenta en que navegador.


      Saludos.
      »» »» »».......Persevera y triunfarás........«« «« ««

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Usuario Avatar de mrwalsh
      Registrado
      ago 2012
      Ubicación
      Mexico
      Mensajes
      4

      Re: Eliminar My Start Incredibar

      Buen día:

      Los navegadores funcionan bien y no hay rastros de la toolbar en ninguno.

      Creo que podemos dar la infección como eliminada.

      Agradezco mucho la asesoría.

      Saludos cordiales.