• Registrarse
  • Iniciar sesión


  • Resultados 1 al 5 de 5

    Searchnu.com/406

    Tengo el problema del searchnu.com/406, estuve viendo los temas del foro y después de utilizar el OTL no se cual es el código para reparar. ¿Qué debo poner? ya sé que es el OTL.Txt pero ...

    1. #1
      Usuario Avatar de ELMO ROIDES
      Registrado
      ago 2012
      Ubicación
      Puerto Rico
      Mensajes
      3

      Articulo Searchnu.com/406

      Tengo el problema del searchnu.com/406, estuve viendo los temas del foro y después de utilizar el OTL no se cual es el código para reparar. ¿Qué debo poner? ya sé que es el OTL.Txt pero de este cual es el código... Esto es lo que me salió...
      Por favor le voy a ayudenme . Gracias.

      --.OTL logfile created on: 30/08/2012 09:53:25 p.m. - Run 1
      OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Yellitza\Downloads
      64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.7601.17514)
      Locale: 0000500A | Country: Puerto Rico | Language: ESU | Date Format: dd/MM/yyyy

      2.93 Gb Total Physical Memory | 1.39 Gb Available Physical Memory | 47.31% Memory free
      5.86 Gb Paging File | 4.01 Gb Available in Paging File | 68.38% Paging File free
      Paging file location(s): c:\pagefile.sys 3000 6000 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 219.29 Gb Total Space | 145.39 Gb Free Space | 66.30% Space Free | Partition Type: NTFS
      Drive E: | 968.25 Mb Total Space | 792.22 Mb Free Space | 81.82% Space Free | Partition Type: FAT

      Computer Name: PUBLIC-PC | User Name: Yellitza | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Yellitza\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
      PRC - C:\Program Files (x86)\ooVoo\ooVoo.exe (ooVoo LLC)
      PRC - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\TPSrvWow.exe (Panda Security, S.L.)
      PRC - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
      PRC - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSVC.EXE (MyWebSearch.com)
      PRC - C:\Program Files (x86)\Ares\Ares.exe (Ares Development Group)
      PRC - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PavFnSvr.exe (Panda Security, S.L.)
      PRC - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\psksvc.exe (Panda Security, S.L.)
      PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
      PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
      PRC - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\WebProxy.exe (Panda Security, S.L.)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
      PRC - C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer Group)
      PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
      PRC - C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsCtrlS.exe (Panda Security, S.L.)
      PRC - C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
      PRC - C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe (Panda Security, S.L.)


      ========== Modules (No Company Name) ==========

      MOD - C:\Users\Yellitza\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll ()
      MOD - C:\Users\Yellitza\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll ()
      MOD - C:\Users\Yellitza\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll ()
      MOD - C:\Users\Yellitza\AppData\Local\Google\Chrome\Application\21.0.1180.89\libglesv2.dll ()
      MOD - C:\Users\Yellitza\AppData\Local\Google\Chrome\Application\21.0.1180.89\libegl.dll ()
      MOD - C:\Users\Yellitza\AppData\Local\Google\Chrome\Application\21.0.1180.89\avutil-51.dll ()
      MOD - C:\Users\Yellitza\AppData\Local\Google\Chrome\Application\21.0.1180.89\avformat-54.dll ()
      MOD - C:\Users\Yellitza\AppData\Local\Google\Chrome\Application\21.0.1180.89\avcodec-54.dll ()
      MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
      MOD - C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()


      ========== Services (SafeList) ==========

      SRV:64bit: - (ePowerSvc) -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
      SRV:64bit: - (Updater Service) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer Group)
      SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV:64bit: - (lxdn_device) -- C:\Windows\SysNative\lxdncoms.exe ( )
      SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
      SRV - (BR_Launcher) -- C:\Program Files (x86)\Claro Banda Ancha\Claro HSPA+ Modem\BRService.exe (BandRich Inc.)
      SRV - (TPSrv) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\TPSrvWow.exe (Panda Security, S.L.)
      SRV - (MyWebSearchService) -- C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSVC.EXE (MyWebSearch.com)
      SRV - (PAVFNSVR) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PavFnSvr.exe (Panda Security, S.L.)
      SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
      SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
      SRV - (PskSvcRetail) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\psksvc.exe (Panda Security, S.L.)
      SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
      SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
      SRV - (PAVSRV) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\pavsrvx86.exe (Panda Security, S.L.)
      SRV - (MWLService) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe (Egis Technology Inc.)
      SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
      SRV - (Panda Software Controller) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsCtrlS.exe (Panda Security, S.L.)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
      SRV - (PSIMSVC) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsImSvc.exe (Panda Security S.L.)
      SRV - (PavPrSrv) -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe (Panda Security, S.L.)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation)
      DRV:64bit: - (pavboot) -- C:\Windows\SysNative\drivers\pavboot64.sys (Panda Security, S.L.)
      DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
      DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
      DRV:64bit: - (AmFSM) -- C:\Windows\SysNative\drivers\amm6460.sys (Panda Security, S.L.)
      DRV:64bit: - (br_bandluxe_cdc_acm) -- C:\Windows\SysNative\drivers\br_bandluxe_cdc_acm.sys (BandRich)
      DRV:64bit: - (br_bandluxe_dc_enum) -- C:\Windows\SysNative\drivers\br_bandluxe_dc_enum.sys (BandRich)
      DRV:64bit: - (br_bandluxe_cdc_ecm) -- C:\Windows\SysNative\drivers\br_bandluxe_cdc_ecm.sys (BandRich)
      DRV:64bit: - (br_bandluxe_cpo) -- C:\Windows\SysNative\drivers\br_bandluxe_cpo.sys (BandRich)
      DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation)
      DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
      DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
      DRV:64bit: - (ShldFlt) -- C:\Windows\SysNative\drivers\ShldFlt.sys (Panda Security, S.L.)
      DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
      DRV:64bit: - (IntcHdmiAddService) -- C:\Windows\SysNative\drivers\IntcHdmi.sys (Intel(R) Corporation)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
      DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
      DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
      IE:64bit: - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=down&chnl=down&cd=2XzuyEtN2Y1L1QzuyD0C0A0CyE0CyCzytDtC0F0DtA0D0FyEtN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=15916816
      IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=395&systemid=406&sr=0&q={searchTerms}
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.alawar.es/
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=c2000&s={searchTerms}&f=4
      IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
      IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
      IE - HKLM\..\SearchScopes\{0335CCE9-0202-E4D1-17FB-5EAEAA5E707C}: "URL" = http://www.searchqu.com/web?src=ieb&systemid=101&q={searchTerms}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
      IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCman000&ptnrS=ZCman000&ptb=w36_ygVB3p0p4QayIwqIqA&ind=2011012500&n=77dd9d94&psa=&st=sb&searchfor={searchTerms}
      IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=down&chnl=down&cd=2XzuyEtN2Y1L1QzuyD0C0A0CyE0CyCzytDtC0F0DtA0D0FyEtN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=15916816
      IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=395&systemid=406&sr=0&q={searchTerms}
      IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}


      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/406
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (MyWebSearch.com)
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes,Backup.Old.DefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{0335CCE9-0202-E4D1-17FB-5EAEAA5E707C}: "URL" = http://www.google.com/search?ie=utf-8&oe=utf-8&rlz=1V4IPYX&q={searchTerms}
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=c2000&s={searchTerms}&f=4
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=down&chnl=down&cd=2XzuyEtN2Y1L1QzuyD0C0A0CyE0CyCzytDtC0F0DtA0D0FyEtN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=15916816
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCman000&ptnrS=ZCman000&ptb=w36_ygVB3p0p4QayIwqIqA&ind=2011012500&n=77dd9d94&psa=&st=sb&searchfor={searchTerms}
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}: "URL" = http://search.alot.com/web?q={searchTerms}&pr=prov&client_id=00FB8E4001CBBDB4002AB3D4&install_time=2011-01-25T22:50:38Z&src_id=11851&camp_id=-6&tb_version=2.5.15001.521
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}: "URL" = http://www.searchqu.com/web?src=ieb&systemid=101&q={searchTerms}
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=395&systemid=406&sr=0&q={searchTerms}
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{E4D76A9D-2833-4DF6-9048-633070D7486B}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultenginename: "Search"
      FF - prefs.js..browser.search.selectedEngine: "Search"
      FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=adbartrp&q="
      FF - prefs.js..browser.search.selectedEngine: "Search"
      FF - prefs.js..browser.search.defaultenginename: "Search"
      FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
      FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch"
      FF - prefs.js..browser.startup.homepage: "http://www.alawar.es/"user_pref("browser.startup.homepage", "http://www.mystart.com/?pr=vmn&rlz=1V1IPYX&id=pandasecuritytb&v=3_0");
      FF - prefs.js..browser.startup.homepage: "http://www.mystart.com/?pr=vmn&rlz=1V1IPYX&id=pandasecuritytb&v=3_0"
      FF - prefs.js..backup.old.browser.search.selectedEngine: "Search the web (Babylon)"
      FF - prefs.js..backup.old.browser.search.defaultenginename: "Search the web (Babylon)"


      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll (MyWebSearch.com)
      FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Yellitza\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Yellitza\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2012/03/10 16:43:53 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/10/16 22:56:11 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/10/16 22:56:13 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MyWebSearch\bar\2.bin [2011/11/22 19:40:39 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\ClickPotatoLite\bin\10.0.728.0\firefox\extensions [2011/09/05 11:16:07 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2012/03/10 16:43:53 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2012/03/10 16:43:53 | 000,000,000 | ---D | M]

      [2012/07/27 13:27:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Yellitza\AppData\Roaming\mozilla\Firefox\Profiles\eomuet3i.default\extensions
      [2012/04/21 17:30:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Yellitza\AppData\Roaming\mozilla\Firefox\Profiles\eomuet3i.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
      [2011/03/14 00:23:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Yellitza\AppData\Roaming\mozilla\Firefox\Profiles\eomuet3i.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
      [2011/02/16 15:32:44 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Yellitza\AppData\Roaming\mozilla\Firefox\Profiles\eomuet3i.default\extensions\[email protected]
      [2012/07/29 00:23:55 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Yellitza\AppData\Roaming\mozilla\Firefox\Profiles\eomuet3i.default\extensions\[email protected]
      [2011/11/22 19:40:39 | 000,000,000 | ---D | M] (My Web Search) -- C:\Users\Yellitza\AppData\Roaming\mozilla\Firefox\Profiles\eomuet3i.default\extensions\[email protected]
      [2011/01/30 12:51:01 | 000,000,000 | ---- | M] () -- C:\Users\Yellitza\AppData\Roaming\Mozilla\Firefox\Profiles\eomuet3i.default\searchplugins\mywebsearch.xml
      [2012/07/27 13:27:18 | 000,000,773 | ---- | M] () -- C:\Users\Yellitza\AppData\Roaming\Mozilla\Firefox\Profiles\eomuet3i.default\searchplugins\Search.xml
      [2010/08/12 06:12:24 | 000,005,529 | ---- | M] () -- C:\Users\Yellitza\AppData\Roaming\Mozilla\Firefox\Profiles\eomuet3i.default\searchplugins\SearchquWebSearch.xml

      ========== Chrome ==========

      CHR - homepage: http://www.google.com.pr/
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - homepage: http://www.google.com.pr/
      CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Users\Yellitza\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Yellitza\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Yellitza\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
      CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Yellitza\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
      CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Yellitza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
      CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
      CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
      CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
      CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
      CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
      CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
      CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll
      CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll
      CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
      CHR - plugin: Google Update (Enabled) = C:\Users\Yellitza\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
      CHR - Extension: YouTube = C:\Users\Yellitza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
      CHR - Extension: B\u00FAsqueda de Google = C:\Users\Yellitza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
      CHR - Extension: FB Layouts & Extras = C:\Users\Yellitza\AppData\Local\Google\Chrome\User Data\Default\Extensions\maeijollgfmffkncnabiigmkoomhjnhf\3.0.0_0\
      CHR - Extension: Gmail = C:\Users\Yellitza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

      O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (MyWebSearch.com)
      O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLL (MyWebSearch.com)
      O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
      O2 - BHO: (adfalkchpr Object) - {4E2EAF46-FE48-4E30-8D7B-1B0C495DFB68} - C:\Windows\$XNTUninstall643$\oouhm.dll File not found
      O2 - BHO: (dymanet) - {66ca1279-b25b-9da2-6e2c-e52103313f0b} - C:\Windows\SysWow64\b809b414-3f6e-184e-10ca-0f89c2774823.dll File not found
      O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll File not found
      O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
      O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
      O3:64bit: - HKLM\..\Toolbar: (no name) - !{99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - !{99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLL (MyWebSearch.com)
      O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
      O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
      O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
      O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~2\Funmoods\1.5.23.22\escorTlbr.dll File not found
      O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
      O4 - HKLM..\Run: [APVXDWIN] C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\APVXDWIN.EXE (Panda Security, S.L.)
      O4 - HKLM..\Run: [LanzarP2012tmp] C:\Users\Yellitza\AppData\Local\Temp\P2012tmp\Install.exe (Panda Security, S.L.)
      O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3SRCHMN.EXE (MyWebSearch.com)
      O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
      O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
      O4 - HKLM..\Run: [Panda Security URL Filtering] C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
      O4 - HKLM..\Run: [SCANINICIO] C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\Inicio.exe (Panda Security, S.L.)
      O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000..\Run: [ares] C:\Program Files (x86)\Ares\Ares.exe (Ares Development Group)
      O4 - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
      O4 - HKLM..\RunOnce: [removeSearchqudatamngr] cmd.exe /c RD /S /Q "C:\Program Files (x86)\Searchqu Toolbar" File not found
      O4 - HKLM..\RunOnce: [removeSearchqutoolbar] cmd.exe /c RD /S /Q "C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar" File not found
      O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{354647F0-76F1-4F92-BC36-CDA646F0423E}: DhcpNameServer = 196.28.61.36 196.28.61.66
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49F53CF5-C7A2-45F3-A55B-5263C318441B}: DhcpNameServer = 10.0.0.138
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll) - File not found
      O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll) - File not found
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (c:\windows\syswow64\userinit.exe) - c:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
      O20:64bit: - Winlogon\Notify\avldr: DllName - (avldr64.dll) - C:\Windows\SysNative\avldr64.dll (On-Access Anti-Malware Scanner Sync)
      O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O33 - MountPoints2\{3440e92c-2588-11e0-81ea-1c75081bf843}\Shell - "" = AutoRun
      O33 - MountPoints2\{3440e92c-2588-11e0-81ea-1c75081bf843}\Shell\AutoRun\command - "" = E:\AutoRun.exe
      O33 - MountPoints2\{3440e92f-2588-11e0-81ea-1c75081bf843}\Shell - "" = AutoRun
      O33 - MountPoints2\{3440e92f-2588-11e0-81ea-1c75081bf843}\Shell\AutoRun\command - "" = E:\AutoRun.exe
      O33 - MountPoints2\{3440e934-2588-11e0-81ea-1c75081bf843}\Shell - "" = AutoRun
      O33 - MountPoints2\{3440e934-2588-11e0-81ea-1c75081bf843}\Shell\AutoRun\command - "" = F:\AutoRun.exe
      O33 - MountPoints2\{44ee2f02-346b-11e0-a567-1c75081bf843}\Shell - "" = AutoRun
      O33 - MountPoints2\{44ee2f02-346b-11e0-a567-1c75081bf843}\Shell\AutoRun\command - "" = F:\AutoRun.exe
      O33 - MountPoints2\{b0807c62-3b8e-11e0-a4df-1c75081bf843}\Shell - "" = AutoRun
      O33 - MountPoints2\{b0807c62-3b8e-11e0-a4df-1c75081bf843}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
      O34 - HKLM BootExecute: (autocheck autochk *)
      O34 - HKLM BootExecute: (MACHINE BootExecut)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/08/30 14:00:51 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{9F7F2E00-A3EF-4C86-951C-9C13E67F980E}
      [2012/08/30 01:59:10 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{99F76A7D-D7AE-470B-9217-8873166854CA}
      [2012/08/30 00:41:16 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Roaming\vlc
      [2012/08/30 00:40:26 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\Ilivid Player
      [2012/08/30 00:31:24 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{B3F590A0-46E2-4FC7-9C28-B108EDA69DDC}
      [2012/08/28 22:51:11 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{3EEC091F-CA34-4AEC-AC20-45021C6CCF97}
      [2012/08/26 21:48:37 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{2FD64B2C-4EDA-4329-87AD-84A8F6EF1875}
      [2012/08/26 21:39:23 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{187BA6EB-E8F8-4BF9-9E14-42866DDC9386}
      [2012/08/26 21:30:26 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{EF4A38E5-95E2-443B-BD4A-C106470249AA}
      [2012/08/26 12:09:01 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{B882F99D-B897-4B45-9F5F-55332A92D43C}
      [2012/08/26 12:03:43 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{BB92F236-7B13-4DEC-B2F4-B77813A61468}
      [2012/08/26 11:54:54 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{72496AFA-830D-4D8B-AFBE-9EDA2304B1CC}
      [2012/08/26 11:43:16 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{FA25AB29-FEAB-4286-AF79-8EE6EC4A9D43}
      [2012/08/26 00:57:10 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{2EEAD5EA-4495-4CD9-B4CF-58A8CB6CEC1D}
      [2012/08/25 11:23:11 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{58CFA85A-7F2F-4DF4-975F-523DF7913706}
      [2012/08/24 18:23:07 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{0D14A65C-C4FD-4939-9CBD-A7011A4AB2BB}
      [2012/08/23 10:41:02 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{CD2E4EBF-8893-49E3-B9D4-9C16F6F5960D}
      [2012/08/22 2220 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{46259DD1-15A8-4E75-B354-D0D30258E672}
      [2012/08/22 09:37:34 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Roaming\Corel
      [2012/08/22 09:37:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis
      [2012/08/22 09:14:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Corel
      [2012/08/21 21:30:38 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\Documents\merla
      [2012/08/21 20:07:27 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
      [2012/08/21 10:45:16 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{86809EC8-F3AD-49E3-92FE-BCCF004C5C36}
      [2012/08/20 16:46:22 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{DFE866FE-209D-4FCC-A9AC-049D74C8184F}
      [2012/08/19 11:53:27 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{39830B12-5747-4A6E-BC8D-3DCF060B3604}
      [2012/08/19 02:21:36 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{72D983E0-3B53-438A-BCF7-5C9E303C1E86}
      [2012/08/18 22:14:22 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{53BCB882-CD8E-4BCE-96EB-1E49916B514B}
      [2012/08/18 08:37:40 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{E2996147-A8F7-406A-BEB0-ADB56650841C}
      [2012/08/18 08:37:17 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{505B0AF6-15F1-4DE4-9ECF-26FE124D3649}
      [2012/08/17 11:23:21 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{416B2F8A-8E17-4628-B4BA-621B36B014A3}
      [2012/08/17 11:23:08 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{7B5AF7DB-52FA-48BB-A101-CF1CD4CF8A98}
      [2012/08/16 23:06:14 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{0A395160-36AE-4215-A92E-BFDF944E8F0E}
      [2012/08/16 23:06:01 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{A52FA76C-788E-4EDF-9A5E-6250E21D83F7}
      [2012/08/15 23:43:16 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{E08530EB-33D5-45C7-8AEC-A580AA3B93A6}
      [2012/08/09 19:40:55 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{0D2F2BD9-6FED-49A8-B86A-B820675EB2D4}
      [2012/08/08 14:21:30 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{6C574760-859B-4EDF-B908-8FA38674F19E}
      [2012/08/08 14:21:19 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{C3BA2291-F909-4361-953F-7A9D894407FE}
      [2012/08/07 22:55:28 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{3FF26E83-D02F-4FD9-8D1D-9ED864A03581}
      [2012/08/07 22:55:16 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{12DE80DE-E020-4708-8D87-9E5286439BDD}
      [2012/08/07 10:54:34 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{65614665-2816-44BF-8BF1-1CD1A03803A9}
      [2012/08/07 10:53:53 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{230709CB-D8AC-4D9A-85FF-DEBE6CFF38F9}
      [2012/08/07 09:49:36 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{3AC751D6-9FE6-4FF9-8076-14F76F00E950}
      [2012/08/07 09:43:04 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{7FED0162-97E0-4DB7-B0A6-94721F6F8783}
      [2012/08/06 12:51:13 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{5F9E1D1D-5143-4420-862B-70589726F24B}
      [2012/08/06 12:51:00 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{18CFA55B-2216-49A3-8DCC-DADF8CADDC78}
      [2012/08/05 20:21:38 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{C8A360E7-52DA-4E62-A83C-0E3B0C6406DE}
      [2012/08/05 16:37:02 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{828AC724-D08F-4578-8DF9-254837D8F97C}
      [2012/08/05 16:36:48 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{FE012787-C425-4711-8658-BCF73DC537D2}
      [2012/08/04 20:39:51 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\Facebook
      [2012/08/04 17:11:34 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{BB2D6892-568C-4041-AE5A-E41F6128CD51}
      [2012/08/04 17:06:56 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{9CA8AA3F-5288-4C31-9427-EACE0E95CB45}
      [2012/08/04 13:04:42 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{58B913DD-AD75-4848-BCC6-4DF8F71BBDE4}
      [2012/08/03 20:44:41 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{6B131640-0435-4695-918C-A192DF7B4281}
      [2012/08/03 20:06:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
      [2012/08/03 20:00:19 | 000,000,000 | ---D | C] -- C:\Users\Yellitza\AppData\Local\{E16B39DD-5141-4EA5-8EC9-7B67BAA8F99E}
      [1 C:\Users\Yellitza\Documents\*.tmp files -> C:\Users\Yellitza\Documents\*.tmp -> ]
      [1 C:\Users\Yellitza\AppData\Local\*.tmp files -> C:\Users\Yellitza\AppData\Local\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2012/08/31 00:44:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/08/31 00:25:27 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2849805945-2491920262-2813528639-1000UA.job
      [2012/08/30 23:25:34 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2849805945-2491920262-2813528639-1000Core.job
      [2012/08/30 19:19:29 | 000,837,106 | ---- | M] () -- C:\Users\Yellitza\AppData\Local\census.cache
      [2012/08/30 19:19:16 | 000,113,633 | ---- | M] () -- C:\Users\Yellitza\AppData\Local\ars.cache
      [2012/08/30 17:59:54 | 000,000,036 | ---- | M] () -- C:\Users\Yellitza\AppData\Local\housecall.guid.cache
      [2012/08/30 17:43:45 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/08/30 17:43:45 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/08/30 17:31:46 | 000,000,206 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
      [2012/08/30 17:31:21 | 2360,852,480 | -HS- | M] () -- C:\hiberfil.sys
      [2012/08/30 02:40:33 | 000,000,282 | ---- | M] () -- C:\Windows\wininit.ini
      [2012/08/23 11:32:28 | 000,008,627 | ---- | M] () -- C:\Windows\SysWow64\PAV_FOG.OPC
      [2012/08/19 14:03:42 | 000,738,832 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2012/08/19 14:03:42 | 000,632,696 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2012/08/19 14:03:42 | 000,110,644 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2012/08/17 11:19:02 | 000,415,248 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
      [2012/08/16 01:45:59 | 000,000,026 | ---- | M] () -- C:\Windows\popcinfo.dat
      [1 C:\Users\Yellitza\Documents\*.tmp files -> C:\Users\Yellitza\Documents\*.tmp -> ]
      [1 C:\Users\Yellitza\AppData\Local\*.tmp files -> C:\Users\Yellitza\AppData\Local\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2012/08/30 18:45:45 | 000,837,106 | ---- | C] () -- C:\Users\Yellitza\AppData\Local\census.cache
      [2012/08/30 18:44:46 | 000,113,633 | ---- | C] () -- C:\Users\Yellitza\AppData\Local\ars.cache
      [2012/08/30 17:59:54 | 000,000,036 | ---- | C] () -- C:\Users\Yellitza\AppData\Local\housecall.guid.cache
      [2012/07/27 13:27:18 | 000,031,465 | ---- | C] () -- C:\Users\Yellitza\AppData\Local\funmoods.crx
      [2012/05/14 05:38:32 | 000,043,976 | ---- | C] () -- C:\Users\Yellitza\AppData\Local\save_en.bmp
      [2012/05/14 05:38:08 | 000,043,976 | ---- | C] () -- C:\Users\Yellitza\AppData\Local\save_es.bmp
      [2011/09/23 07:56:45 | 000,000,017 | ---- | C] () -- C:\Users\Yellitza\AppData\Local\resmon.resmoncfg
      [2011/04/07 19:48:14 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini
      [2011/03/15 00:15:34 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\PopUninstall.exe
      [2011/03/15 00:15:33 | 001,833,473 | ---- | C] () -- C:\Windows\SysWow64\Chuzzle.exe
      [2011/03/15 00:15:03 | 008,122,110 | ---- | C] () -- C:\Windows\SysWow64\Setup.exe
      [2011/03/13 16:31:10 | 000,134,732 | ---- | C] () -- C:\Windows\SysWow64\bef63426-fd61-e73f-14c9-8ed5585874f3.exe
      [2011/03/13 16:22:52 | 000,000,488 | ---- | C] () -- C:\Windows\Poolemup.ini
      [2011/02/09 02:20:21 | 000,000,282 | ---- | C] () -- C:\Windows\wininit.ini
      [2011/02/08 16:30:00 | 000,009,728 | ---- | C] () -- C:\Users\Yellitza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2011/02/01 18:11:52 | 000,000,022 | ---- | C] () -- C:\Windows\SysWow64\Msglixgrx.dll
      [2011/01/30 12:50:48 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
      [2011/01/27 15:35:48 | 000,731,106 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
      [2011/01/23 19:44:18 | 000,000,026 | ---- | C] () -- C:\Windows\popcinfo.dat
      [2010/10/16 22:55:19 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
      [2010/10/16 22:55:19 | 000,051,712 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe
      [2010/10/16 22:55:19 | 000,000,637 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini
      [2010/10/16 22:55:19 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini

      ========== LOP Check ==========

      [2011/03/14 00:23:14 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\Azureus
      [2011/02/16 15:31:42 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\Babylon
      [2012/01/05 14:40:54 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\Canon
      [2012/08/21 20:07:27 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
      [2011/02/08 16:18:27 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1
      [2011/03/13 00:12:23 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\Flood Light Games
      [2011/01/26 21:49:52 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\FloodLightGames
      [2011/01/25 10:45:46 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\iWin
      [2011/03/13 23:51:26 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\moovida-1
      [2011/02/02 17:11:18 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\mresreg
      [2011/03/12 02:09:42 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\ooVoo Details
      [2012/07/29 05:29:34 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\Panda Security
      [2011/10/16 19:29:05 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\PC Suite
      [2011/01/24 22:44:15 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\PlayFirst
      [2011/03/14 00:35:53 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\Raptr
      [2011/06/27 15:13:18 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\RobinsonCrusoe
      [2011/07/18 16:53:41 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\RobinsonCrusoeBFGES
      [2011/03/12 00:45:47 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\SoftGrid Client
      [2011/03/10 12:43:54 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\SurfSecret Privacy Suite
      [2011/06/27 18:26:31 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\Systweak
      [2011/01/27 15:36:50 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\TP
      [2011/06/24 17:28:25 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\Uniblue
      [2011/03/13 23:46:03 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\widestream
      [2011/02/03 19:04:29 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\Windows Live Writer
      [2012/08/30 17:31:46 | 000,000,206 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
      [2012/05/24 21:36:47 | 000,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

      ========== Purity Check ==========



      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:E32966C0

      < End of report >

    2. #2
      Ex-Colaborador Avatar de Xtreme Hero
      Registrado
      dic 2010
      Ubicación
      España
      Mensajes
      9.014

      Re: Searchnu.com/406

      Hola ELMO ROIDES Bienvenido a infospyware

      Realiza lo siguiente:

      Ejecuta OTL.exe


      1.- Copiar el siguiente texto (excluyendo la palabra Código):
      Código:
      :OTL
      
      SRV - (MyWebSearchService) -- C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSVC.EXE (MyWebSearch.com)
      IE:64bit: - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=down&chnl=down&c d=2XzuyEtN2Y1L1QzuyD0C0A0CyE0CyCzytDtC0F0DtA0D0FyEtN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=15916816
      IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=395&systemid=406&sr=0&q={searchTerms}
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.alawar.es/
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=c2000&s={searchTerms}&f=4
      IE - HKLM\..\SearchScopes\{0335CCE9-0202-E4D1-17FB-5EAEAA5E707C}: "URL" = http://www.searchqu.com/web?src=ieb&systemid=101&q={searchTerms}
      IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCman000&ptnrS=ZCman000&ptb=w36_yg VB3p0p4QayIwqIqA&ind=2011012500&n=77dd9d94&psa=&st =sb&searchfor={searchTerms}
      IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=down&chnl=down&c d=2XzuyEtN2Y1L1QzuyD0C0A0CyE0CyCzytDtC0F0DtA0D0FyE tN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=1591 6816
      IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=395&systemid=406&sr=0&q={searchTerms}
      IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/406
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (MyWebSearch.com)
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=c2000&s={searchTerms}&f=4
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=down&chnl=down&c d=2XzuyEtN2Y1L1QzuyD0C0A0CyE0CyCzytDtC0F0DtA0D0FyE tN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=15916816
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCman000&ptnrS=ZCman000&ptb=w36_yg VB3p0p4QayIwqIqA&ind=2011012500&n=77dd9d94&psa=&st=sb&searchfor={searchTerms}
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}: "URL" = http://www.searchqu.com/web?src=ieb&systemid=101&q={searchTerms}
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=395&systemid=406&sr=0&q={searchTerms}
      IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
      FF - prefs.js..browser.search.defaultenginename: "Search"
      FF - prefs.js..browser.search.selectedEngine: "Search"
      FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=adbartrp&q="
      FF - prefs.js..browser.search.selectedEngine: "Search"
      FF - prefs.js..browser.search.defaultenginename: "Search"
      FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
      FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch"
      FF - prefs.js..browser.startup.homepage: "http://www.alawar.es/"user_pref("browser.startup.homepage", "http://www.mystart.com/?pr=vmn&rlz=1V1IPYX&id=pandasecuritytb&v=3_0");
      FF - prefs.js..browser.startup.homepage: "http://www.mystart.com/?pr=vmn&rlz=1V1IPYX&id=pandasecuritytb&v=3_0"
      FF - prefs.js..backup.old.browser.search.selectedEngine : "Search the web (Babylon)"
      FF - prefs.js..backup.old.browser.search.defaultenginen ame: "Search the web (Babylon)"
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\[email protected]: C:\Program Files (x86)\MyWebSearch\bar\2.bin [2011/11/22 19:40:39 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\[email protected]: C:\Program Files (x86)\ClickPotatoLite\bin\10.0.728.0\firefox\exten sions [2011/09/05 11:16:07 | 000,000,000 | ---D | M]
      [2011/02/16 15:32:44 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Yellitza\AppData\Roaming\mozilla\Firefox\ Profiles\eomuet3i.default\extensions\[email protected]
      [2012/07/29 00:23:55 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Yellitza\AppData\Roaming\mozilla\Firefox\ Profiles\eomuet3i.default\extensions\[email protected]
      [2011/11/22 19:40:39 | 000,000,000 | ---D | M] (My Web Search) -- C:\Users\Yellitza\AppData\Roaming\mozilla\Firefox\ Profiles\eomuet3i.default\extensions\[email protected]
      [2011/01/30 12:51:01 | 000,000,000 | ---- | M] () -- C:\Users\Yellitza\AppData\Roaming\Mozilla\Firefox\ Profiles\eomuet3i.default\searchplugins\mywebsearch.xml
      [2012/07/27 13:27:18 | 000,000,773 | ---- | M] () -- C:\Users\Yellitza\AppData\Roaming\Mozilla\Firefox\ Profiles\eomuet3i.default\searchplugins\Search.xml
      [2010/08/12 06:12:24 | 000,005,529 | ---- | M] () -- C:\Users\Yellitza\AppData\Roaming\Mozilla\Firefox\ Profiles\eomuet3i.default\searchplugins\SearchquWebSearch.xml
      CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll
      O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (MyWebSearch.com)
      O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLL (MyWebSearch.com)
      O2 - BHO: (adfalkchpr Object) - {4E2EAF46-FE48-4E30-8D7B-1B0C495DFB68} - C:\Windows\$XNTUninstall643$\oouhm.dll File not found
      O2 - BHO: (dymanet) - {66ca1279-b25b-9da2-6e2c-e52103313f0b} - C:\Windows\SysWow64\b809b414-3f6e-184e-10ca-0f89c2774823.dll File not found
      O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll File not found
      O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx. dll File not found
      O3:64bit: - HKLM\..\Toolbar: (no name) - !{99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - !{99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLL (MyWebSearch.com)
      O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx. dll File not found
      O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~2\Funmoods\1.5.23.22\escorTlbr.dll File not found
      O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O4 - HKLM..\RunOnce: [removeSearchqudatamngr] cmd.exe /c RD /S /Q "C:\Program Files (x86)\Searchqu Toolbar" File not found
      O4 - HKLM..\RunOnce: [removeSearchqutoolbar] cmd.exe /c RD /S /Q "C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar" File not found
      O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll) - File not found
      O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll) - File not found
      O33 - MountPoints2\{3440e92c-2588-11e0-81ea-1c75081bf843}\Shell - "" = AutoRun
      O33 - MountPoints2\{3440e92c-2588-11e0-81ea-1c75081bf843}\Shell\AutoRun\command - "" = E:\AutoRun.exe
      O33 - MountPoints2\{3440e92f-2588-11e0-81ea-1c75081bf843}\Shell - "" = AutoRun
      O33 - MountPoints2\{3440e92f-2588-11e0-81ea-1c75081bf843}\Shell\AutoRun\command - "" = E:\AutoRun.exe
      O33 - MountPoints2\{3440e934-2588-11e0-81ea-1c75081bf843}\Shell - "" = AutoRun
      O33 - MountPoints2\{3440e934-2588-11e0-81ea-1c75081bf843}\Shell\AutoRun\command - "" = F:\AutoRun.exe
      O33 - MountPoints2\{44ee2f02-346b-11e0-a567-1c75081bf843}\Shell - "" = AutoRun
      O33 - MountPoints2\{44ee2f02-346b-11e0-a567-1c75081bf843}\Shell\AutoRun\command - "" = F:\AutoRun.exe
      O33 - MountPoints2\{b0807c62-3b8e-11e0-a4df-1c75081bf843}\Shell - "" = AutoRun
      O33 - MountPoints2\{b0807c62-3b8e-11e0-a4df-1c75081bf843}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
      [1 C:\Users\Yellitza\Documents\*.tmp files -> C:\Users\Yellitza\Documents\*.tmp -> ]
      [1 C:\Users\Yellitza\AppData\Local\*.tmp files -> C:\Users\Yellitza\AppData\Local\*.tmp -> ]
      [2012/07/27 13:27:18 | 000,031,465 | ---- | C] () -- C:\Users\Yellitza\AppData\Local\funmoods.crx
      [2012/05/14 05:38:32 | 000,043,976 | ---- | C] () -- C:\Users\Yellitza\AppData\Local\save_en.bmp
      [2012/05/14 05:38:08 | 000,043,976 | ---- | C] () -- C:\Users\Yellitza\AppData\Local\save_es.bmp
      [2011/03/13 16:31:10 | 000,134,732 | ---- | C] () -- C:\Windows\SysWow64\bef63426-fd61-e73f-14c9-8ed5585874f3.exe
      [2011/02/16 15:31:42 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\Babylon
      @Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:E32966C0
      
      :files
      C:\Program Files (x86)\MyWebSearch
      C:\Program Files (x86)\ClickPotatoLite
      
      
      :Commands
      [PURITY] 
      [RESETHOSTS]
      [EMPTYFLASH]
      [EMPTYTEMP]
      [CREATERESTOREPOINT]
      2.- Pegar el contenido sobre el apartado: Análisis Personalizados /Código de Reparación.


      3.- Presionar el botón Reparar para comenzar el procedimiento. Presionar OK.


      OTL va a reiniciar el ordenador para completar el procedimiento.

      Guardar el nuevo reporte generado. Copiar y pegarlo en su próxima respuesta, comentando como funciona el Sistema.

      Salu2
      Lucha Hasta El Final

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de ELMO ROIDES
      Registrado
      ago 2012
      Ubicación
      Puerto Rico
      Mensajes
      3

      Articulo Re: Searchnu.com/406

      muchas gracias , Pero el problema sigue ahí... Cuando abrí otra vez me salió searchnu/406 El problema no está solucionado aún....
      No sé que pasó y ahora ¿Qué debo hacer?

      este es el reporte final:
      All processes killed
      Error: Unable to interpret <SRV - (MyWebSearchService) -- C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSVC.EXE (MyWebSearch.com)> in the current context!
      Error: Unable to interpret <IE:64bit: - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=down&chnl=down&c d=2XzuyEtN2Y1L1QzuyD0C0A0CyE0CyCzytDtC0F0DtA0D0FyEtN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=15916816> in the current context!
      Error: Unable to interpret <IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=395&systemid=406&sr=0&q={searchTerms}> in the current context!
      Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.alawar.es/> in the current context!
      Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=c2000&s={searchTerms}&f=4> in the current context!
      Error: Unable to interpret <IE - HKLM\..\SearchScopes\{0335CCE9-0202-E4D1-17FB-5EAEAA5E707C}: "URL" = http://www.searchqu.com/web?src=ieb&systemid=101&q={searchTerms}> in the current context!
      Error: Unable to interpret <IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCman000&ptnrS=ZCman000&ptb=w36_yg VB3p0p4QayIwqIqA&ind=2011012500&n=77dd9d94&psa=&st =sb&searchfor={searchTerms}> in the current context!
      Error: Unable to interpret <IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=down&chnl=down&c d=2XzuyEtN2Y1L1QzuyD0C0A0CyE0CyCzytDtC0F0DtA0D0FyE tN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=1591 6816> in the current context!
      Error: Unable to interpret <IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=395&systemid=406&sr=0&q={searchTerms}> in the current context!
      Error: Unable to interpret <IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}> in the current context!
      Error: Unable to interpret <IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/406> in the current context!
      Error: Unable to interpret <IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (MyWebSearch.com)> in the current context!
      Error: Unable to interpret <IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=c2000&s={searchTerms}&f=4> in the current context!
      Error: Unable to interpret <IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch> in the current context!
      Error: Unable to interpret <IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=down&chnl=down&c d=2XzuyEtN2Y1L1QzuyD0C0A0CyE0CyCzytDtC0F0DtA0D0FyE tN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=15916816> in the current context!
      Error: Unable to interpret <IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCman000&ptnrS=ZCman000&ptb=w36_yg VB3p0p4QayIwqIqA&ind=2011012500&n=77dd9d94&psa=&st=sb&searchfor={searchTerms}> in the current context!
      Error: Unable to interpret <IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}: "URL" = http://www.searchqu.com/web?src=ieb&systemid=101&q={searchTerms}> in the current context!
      Error: Unable to interpret <IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=395&systemid=406&sr=0&q={searchTerms}> in the current context!
      Error: Unable to interpret <IE - HKU\S-1-5-21-2849805945-2491920262-2813528639-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}> in the current context!
      Error: Unable to interpret <FF - prefs.js..browser.search.defaultenginename: "Search"> in the current context!
      Error: Unable to interpret <FF - prefs.js..browser.search.selectedEngine: "Search"> in the current context!
      Error: Unable to interpret <FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=adbartrp&q="> in the current context!
      Error: Unable to interpret <FF - prefs.js..browser.search.selectedEngine: "Search"> in the current context!
      Error: Unable to interpret <FF - prefs.js..browser.search.defaultenginename: "Search"> in the current context!
      Error: Unable to interpret <FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"> in the current context!
      Error: Unable to interpret <FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch"> in the current context!
      Error: Unable to interpret <FF - prefs.js..browser.startup.homepage: "http://www.alawar.es/"user_pref("browser.startup.homepage", "http://www.mystart.com/?pr=vmn&rlz=1V1IPYX&id=pandasecuritytb&v=3_0");> in the current context!
      Error: Unable to interpret <FF - prefs.js..browser.startup.homepage: "http://www.mystart.com/?pr=vmn&rlz=1V1IPYX&id=pandasecuritytb&v=3_0"> in the current context!
      Error: Unable to interpret <FF - prefs.js..backup.old.browser.search.selectedEngine : "Search the web (Babylon)"> in the current context!
      Error: Unable to interpret <FF - prefs.js..backup.old.browser.search.defaultenginen ame: "Search the web (Babylon)"> in the current context!
      Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\[email protected]: C:\Program Files (x86)\MyWebSearch\bar\2.bin [2011/11/22 19:40:39 | 000,000,000 | ---D | M]> in the current context!
      Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\[email protected]: C:\Program Files (x86)\ClickPotatoLite\bin\10.0.728.0\firefox\exten sions [2011/09/05 11:16:07 | 000,000,000 | ---D | M]> in the current context!
      Error: Unable to interpret <[2011/02/16 15:32:44 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Yellitza\AppData\Roaming\mozilla\Firefox\ Profiles\eomuet3i.default\extensions\[email protected]> in the current context!
      Error: Unable to interpret <[2012/07/29 00:23:55 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Yellitza\AppData\Roaming\mozilla\Firefox\ Profiles\eomuet3i.default\extensions\[email protected]> in the current context!
      Error: Unable to interpret <[2011/11/22 19:40:39 | 000,000,000 | ---D | M] (My Web Search) -- C:\Users\Yellitza\AppData\Roaming\mozilla\Firefox\ Profiles\eomuet3i.default\extensions\[email protected]> in the current context!
      Error: Unable to interpret <[2011/01/30 12:51:01 | 000,000,000 | ---- | M] () -- C:\Users\Yellitza\AppData\Roaming\Mozilla\Firefox\ Profiles\eomuet3i.default\searchplugins\mywebsearch.xml> in the current context!
      Error: Unable to interpret <[2012/07/27 13:27:18 | 000,000,773 | ---- | M] () -- C:\Users\Yellitza\AppData\Roaming\Mozilla\Firefox\ Profiles\eomuet3i.default\searchplugins\Search.xml> in the current context!
      Error: Unable to interpret <[2010/08/12 06:12:24 | 000,005,529 | ---- | M] () -- C:\Users\Yellitza\AppData\Roaming\Mozilla\Firefox\ Profiles\eomuet3i.default\searchplugins\SearchquWebSearch.xml> in the current context!
      Error: Unable to interpret <CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll> in the current context!
      Error: Unable to interpret <O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (MyWebSearch.com)> in the current context!
      Error: Unable to interpret <O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLL (MyWebSearch.com)> in the current context!
      Error: Unable to interpret <O2 - BHO: (adfalkchpr Object) - {4E2EAF46-FE48-4E30-8D7B-1B0C495DFB68} - C:\Windows\$XNTUninstall643$\oouhm.dll File not found> in the current context!
      Error: Unable to interpret <O2 - BHO: (dymanet) - {66ca1279-b25b-9da2-6e2c-e52103313f0b} - C:\Windows\SysWow64\b809b414-3f6e-184e-10ca-0f89c2774823.dll File not found> in the current context!
      Error: Unable to interpret <O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll File not found> in the current context!
      Error: Unable to interpret <O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx. dll File not found> in the current context!
      Error: Unable to interpret <O3:64bit: - HKLM\..\Toolbar: (no name) - !{99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.> in the current context!
      Error: Unable to interpret <O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.> in the current context!
      Error: Unable to interpret <O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.> in the current context!
      Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - !{99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.> in the current context!
      Error: Unable to interpret <O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLL (MyWebSearch.com)> in the current context!
      Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx. dll File not found> in the current context!
      Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~2\Funmoods\1.5.23.22\escorTlbr.dll File not found> in the current context!
      Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.> in the current context!
      Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.> in the current context!
      Error: Unable to interpret <O4 - HKLM..\RunOnce: [removeSearchqudatamngr] cmd.exe /c RD /S /Q "C:\Program Files (x86)\Searchqu Toolbar" File not found> in the current context!
      Error: Unable to interpret <O4 - HKLM..\RunOnce: [removeSearchqutoolbar] cmd.exe /c RD /S /Q "C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar" File not found> in the current context!
      Error: Unable to interpret <O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll) - File not found> in the current context!
      Error: Unable to interpret <O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll) - File not found> in the current context!
      Error: Unable to interpret <O33 - MountPoints2\{3440e92c-2588-11e0-81ea-1c75081bf843}\Shell - "" = AutoRun> in the current context!
      Error: Unable to interpret <O33 - MountPoints2\{3440e92c-2588-11e0-81ea-1c75081bf843}\Shell\AutoRun\command - "" = E:\AutoRun.exe> in the current context!
      Error: Unable to interpret <O33 - MountPoints2\{3440e92f-2588-11e0-81ea-1c75081bf843}\Shell - "" = AutoRun> in the current context!
      Error: Unable to interpret <O33 - MountPoints2\{3440e92f-2588-11e0-81ea-1c75081bf843}\Shell\AutoRun\command - "" = E:\AutoRun.exe> in the current context!
      Error: Unable to interpret <O33 - MountPoints2\{3440e934-2588-11e0-81ea-1c75081bf843}\Shell - "" = AutoRun> in the current context!
      Error: Unable to interpret <O33 - MountPoints2\{3440e934-2588-11e0-81ea-1c75081bf843}\Shell\AutoRun\command - "" = F:\AutoRun.exe> in the current context!
      Error: Unable to interpret <O33 - MountPoints2\{44ee2f02-346b-11e0-a567-1c75081bf843}\Shell - "" = AutoRun> in the current context!
      Error: Unable to interpret <O33 - MountPoints2\{44ee2f02-346b-11e0-a567-1c75081bf843}\Shell\AutoRun\command - "" = F:\AutoRun.exe> in the current context!
      Error: Unable to interpret <O33 - MountPoints2\{b0807c62-3b8e-11e0-a4df-1c75081bf843}\Shell - "" = AutoRun> in the current context!
      Error: Unable to interpret <O33 - MountPoints2\{b0807c62-3b8e-11e0-a4df-1c75081bf843}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a> in the current context!
      Error: Unable to interpret <[1 C:\Users\Yellitza\Documents\*.tmp files -> C:\Users\Yellitza\Documents\*.tmp -> ]> in the current context!
      Error: Unable to interpret <[1 C:\Users\Yellitza\AppData\Local\*.tmp files -> C:\Users\Yellitza\AppData\Local\*.tmp -> ]> in the current context!
      Error: Unable to interpret <[2012/07/27 13:27:18 | 000,031,465 | ---- | C] () -- C:\Users\Yellitza\AppData\Local\funmoods.crx> in the current context!
      Error: Unable to interpret <[2012/05/14 05:38:32 | 000,043,976 | ---- | C] () -- C:\Users\Yellitza\AppData\Local\save_en.bmp> in the current context!
      Error: Unable to interpret <[2012/05/14 05:38:08 | 000,043,976 | ---- | C] () -- C:\Users\Yellitza\AppData\Local\save_es.bmp> in the current context!
      Error: Unable to interpret <[2011/03/13 16:31:10 | 000,134,732 | ---- | C] () -- C:\Windows\SysWow64\bef63426-fd61-e73f-14c9-8ed5585874f3.exe> in the current context!
      Error: Unable to interpret <[2011/02/16 15:31:42 | 000,000,000 | ---D | M] -- C:\Users\Yellitza\AppData\Roaming\Babylon> in the current context!
      Error: Unable to interpret <@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:E32966C0> in the current context!
      ========== FILES ==========
      File\Folder C:\Program Files (x86)\MyWebSearch not found.
      File\Folder C:\Program Files (x86)\ClickPotatoLite not found.
      ========== COMMANDS ==========
      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYFLASH]

      User: All Users

      User: Default

      User: Default User

      User: Public

      User: Yellitza
      ->Flash cache emptied: 0 bytes

      Total Flash Files Cleaned = 0.00 mb


      [EMPTYTEMP]

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Public

      User: Yellitza
      ->Temp folder emptied: 107757 bytes
      ->Temporary Internet Files folder emptied: 41174 bytes
      ->FireFox cache emptied: 0 bytes
      ->Google Chrome cache emptied: 8272816 bytes
      ->Flash cache emptied: 0 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 66016 bytes
      %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
      RecycleBin emptied: 0 bytes

      Total Files Cleaned = 8.00 mb

      Restore point Set: OTL Restore Point

      OTL by OldTimer - Version 3.2.59.1 log created on 08312012_230000

      Files\Folders moved on Reboot...
      C:\Users\Yellitza\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
      File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...
      Última edición por ELMO ROIDES fecha: 31/08/12 a las 23:07:16

    4. #4
      Usuario Avatar de ELMO ROIDES
      Registrado
      ago 2012
      Ubicación
      Puerto Rico
      Mensajes
      3

      Articulo Re: Searchnu.com/406

      Le doy un al AT- DESTROYER Este programa si que es un éxito rotundo muchas gracias...

    5. #5
      Ex-Colaborador Avatar de Xtreme Hero
      Registrado
      dic 2010
      Ubicación
      España
      Mensajes
      9.014

      Re: Searchnu.com/406

      Hola de nuevo,

      Indícanos si restan dudas para ir cerrando el tema

      Salu2
      Lucha Hasta El Final

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.