Eliminar BLEKKO (Solucionado)

**adiskide** · 16/10/12, 18:12:27

hola,

no he instalado la barra de navegador ni lo he instalado de motor de busqueda pero desde hace unos días se ha convertido en mi motor de busqueda y quiera eliminar blakko.

Ahora bien siguiendo varios "solucionados" de la Web

he aplicado AT-Destroyer y después OTL según indicabaís aquí: http://www.forospyware.com/t435663.html

Pego reportes y espero paso a Seguir

Gracias.

AT DESTROYER

################################################## ## A/T-Destroyer by InfoSpyware ############

A/T-Destroyer 1.0.7 By Infospyware
www.infospyware.com
Fecha iniciada en el analisis 14/10/2012
Hora iniciada en el analisis 23:15:22,90
Usuario Actual : [C:\Users\MediaMarkt]
Sistema Operativo: Windows 7 Home Premium
Arquitectura: Sistema operativo de 64 bits
Versión Internet Explorer: 9.0.8112.16421
Modo Actual: Modo Normal.
Privilegios: [MediaMarkt-Administrador]
Versión Google Chrome:
Versión Mozilla Firefox: 15.0.1

====== Servicios Eliminados By A/T-Destroyer ======

====== Claves Eliminadas By A/T-Destroyer ======

HKEY_CLASSES_ROOT\AppID\escort.DLL
HKEY_CLASSES_ROOT\AppID\escort.DLL
HKEY_CLASSES_ROOT\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}\1.0
HKEY_CLASSES_ROOT\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}\1.0\0
HKEY_CLASSES_ROOT\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}\1.0\0\win32
HKEY_CLASSES_ROOT\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}\1.0\FLAGS
HKEY_CLASSES_ROOT\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}\1.0\HELPDIR
HKEY_CLASSES_ROOT\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
HKEY_LOCAL_MACHINE\SOFTWARE\Conduit\AppPaths
HKEY_LOCAL_MACHINE\SOFTWARE\Conduit\AppPaths\clien t
HKEY_LOCAL_MACHINE\SOFTWARE\Conduit
HKEY_LOCAL_MACHINE\SOFTWARE\Iminent
HKEY_LOCAL_MACHINE\SOFTWARE\Iminent
HKEY_CURRENT_USER\SOFTWARE\Iminent
HKEY_CURRENT_USER\SOFTWARE\Iminent

====== Archivos/Carpetas Eliminados By A/T-Destroyer ======

C:\Users\MediaMarkt\Appdata\Local\GDIPFONTCACHEV1. DAT
C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml

====== Información Extra ======

-_-_-_-_-_-_-_-_ Configuraciones de internet Explorer -_-_-_-_-_-_-_-_
"HKCU\Software\Microsoft\Internet Explorer\Main"
Start Page == http://www.google.com
Search Page == http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Local Page == C:\Windows\system32\blank.htm

"HKLM\Software\Microsoft\Internet Explorer\Main"
Start Page == http://www.google.com
Search Page == http://go.microsoft.com/fwlink/?LinkId=54896
Local Page == C:\WINDOWS\SYSTEM32\blank.htm
Default_Search_URL == http://go.microsoft.com/fwlink/?LinkId=54896
Default_Page_URL == http://go.microsoft.com/fwlink/?LinkId=69157

"HKEY_USERS\S-1-5-21-2518580067-1630595400-3000964315-1000\Software\Microsoft\Internet Explorer\Main"
Start Page == http://www.google.com
Search Page == http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Local Page == C:\Windows\system32\blank.htm

-_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
"homepage": "http://www.google.com/",
"homepage_changed": true,
"homepage_is_newtabpage": false,
-_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
"homepage": "http://www.google.com/",
"homepage_changed": true,
"homepage_is_newtabpage": false,

-_-_-_-_-_-_-_-_ Configuraciones de mozilla Firefox -_-_-_-_-_-_-_-_
user_pref("pref.browser.homepage.disable_button.cu rrent_page", false);
user_pref("pref.browser.homepage.disable_button.re store_default", false);
user_pref("browser.startup.homepage", "http://google.com");

======= EOF =======

OTL

OTL.TXT

OTL logfile created on: 14/10/2012 23:22:38 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MediaMarkt\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 46,00% Memory free
7,99 Gb Paging File | 5,45 Gb Available in Paging File | 68,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284,99 Gb Total Space | 59,40 Gb Free Space | 20,84% Space Free | Partition Type: NTFS
Drive D: | 4,17 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 14,91 Gb Total Space | 2,54 Gb Free Space | 17,06% Space Free | Partition Type: FAT32

Computer Name: JORGET-PC | User Name: MediaMarkt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/14 23:20:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MediaMarkt\Downloads\OTL.exe
PRC - [2012/10/13 17:33:03 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/10/09 01:51:13 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlug in_11_4_402_287.exe
PRC - [2012/08/24 11:15:11 | 001,191,768 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2012/08/21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Archivos de programa\AVAST Software\Avast\AvastUI.exe
PRC - [2012/08/21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/05/24 22:19:29 | 002,152,720 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2012/05/24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\MediaMarkt\AppData\Roaming\Dropbox\bin\Dr opbox.exe
PRC - [2012/03/02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
PRC - [2012/03/01 23:59:26 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
PRC - [2012/02/28 16:59:48 | 000,198,032 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2012/01/18 14:02:04 | 000,508,136 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2012/01/13 19:18:07 | 000,527,312 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
PRC - [2012/01/13 19:17:40 | 000,476,112 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2011/07/27 03:39:33 | 000,142,848 | ---- | M] () -- C:\Program Files (x86)\TweetDeck\TweetDeck.exe
PRC - [2011/05/06 09:59:00 | 000,593,920 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
PRC - [2010/10/24 07:48:31 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2010/06/29 00:23:12 | 000,265,984 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2010/06/29 00:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010/04/13 18:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/04/13 18:57:56 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/01/29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Archivos de programa\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/01/18 15:05:36 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2010/01/08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2009/10/29 03:47:34 | 000,419,112 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2009/08/18 11:42:08 | 001,157,128 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2008/11/06 00:59:50 | 001,500,424 | ---- | M] (Acresso Software Inc.) -- C:\Program Files (x86)\ArcGIS\License10.0\bin\lmgrd.exe
PRC - [2008/11/06 00:59:50 | 001,500,424 | ---- | M] (Acresso Software Inc.) -- C:\Cracked License Manager 10\lmgrd.exe
PRC - [2008/08/02 08:57:14 | 001,757,184 | ---- | M] () -- C:\Program Files (x86)\ArcGIS\License10.0\bin\ARCGIS.exe
PRC - [2003/05/15 01:19:50 | 000,217,193 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 6.0\Distillr\acrotray.exe

========== Modules (No Company Name) ==========

MOD - [2012/10/13 17:33:00 | 002,294,240 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/10/09 01:51:13 | 009,814,968 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_40 2_287.dll
MOD - [2012/09/03 22:41:32 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Sys tem.ServiceProce#\2516a49d10f4418f72e1c25f691815a8 \System.ServiceProcess.ni.dll
MOD - [2012/09/03 22:39:25 | 000,762,368 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Sys tem.Runtime.Remo#\0f9d7198d2c0a3953fb59b1aca0d35f7 \System.Runtime.Remoting.ni.dll
MOD - [2012/09/03 03:21:45 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Pre sentationCore\fe068ba4be8f6cb7d6a58bccff05c75e\Pre sentationCore.ni.dll
MOD - [2012/09/03 03:21:42 | 013,197,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Sys tem.Windows.Forms\54d61af44b1dedee6aea0d1bbc46b13a \System.Windows.Forms.ni.dll
MOD - [2012/09/03 03:21:30 | 003,856,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Win dowsBase\62f103f9e662d263ec2ecacc49d4525b\WindowsB ase.ni.dll
MOD - [2012/09/03 03:21:27 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Sys tem.Drawing\4a668799513e369a54fdab8b3f74de92\Syste m.Drawing.ni.dll
MOD - [2012/09/03 03:11:07 | 005,618,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Sys tem.Xml\5ee8bf77e7b3e25cdbff6e1c299574fe\System.Xm l.ni.dll
MOD - [2012/09/03 0357 | 000,980,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Sys tem.Configuration\0c8e950df17a0abec10888e8ad966cbe \System.Configuration.ni.dll
MOD - [2012/09/03 0332 | 009,090,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Sys tem\6f399163bb35597da7141ccdb7f39d16\System.ni.dll
MOD - [2012/09/03 0324 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\msc orlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni .dll
MOD - [2012/06/14 03:31:24 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Windows.Forms\7b7fbe651c6e72f12099a298654c9594 \System.Windows.Forms.ni.dll
MOD - [2012/06/14 03:31:14 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\Syste m.Drawing.ni.dll
MOD - [2012/05/09 15:56:25 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAS torUtil\701baa4d78031ac5130eadea085bbebf\IAStorUti l.ni.dll
MOD - [2012/05/09 15:42:15 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c \System.Runtime.Remoting.ni.dll
MOD - [2012/05/09 15:42:12 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data\f3814b488d9e083cbbc623e01b389f09\System.D ata.ni.dll
MOD - [2012/05/09 15:41:17 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Win dowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsB ase.ni.dll
MOD - [2012/05/09 15:41:10 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xm l.ni.dll
MOD - [2012/05/09 15:41:06 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d \System.Configuration.ni.dll
MOD - [2012/05/09 15:41:05 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sys tem\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/09 15:40:58 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\msc orlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni .dll
MOD - [2011/11/10 23:59:04 | 004,770,176 | ---- | M] () -- c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\WebKit.dll
MOD - [2011/10/05 04:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
MOD - [2011/07/27 03:39:33 | 000,142,848 | ---- | M] () -- C:\Program Files (x86)\TweetDeck\TweetDeck.exe
MOD - [2011/05/06 09:59:00 | 001,515,520 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\Maps\R66Api.dll
MOD - [2011/05/06 09:59:00 | 000,593,920 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
MOD - [2011/05/06 09:59:00 | 000,559,244 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.7.dll
MOD - [2011/05/06 09:59:00 | 000,516,599 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.dll
MOD - [2011/05/06 09:59:00 | 000,385,024 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\HtcDetect.dll
MOD - [2011/05/06 09:59:00 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDisk.dll
MOD - [2011/05/06 09:59:00 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetectLegend.dll
MOD - [2011/05/06 09:59:00 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\fdHttpd.dll
MOD - [2010/11/13 02:33:59 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2. 0.0.0_es_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/11/05 03:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b7 7a5c561934e089\System.Data.dll
MOD - [2010/10/24 07:48:31 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2010/06/29 00:20:54 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll

========== Services (SafeList) ==========

SRV - [2012/10/13 17:33:02 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/09 01:51:13 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/24 22:19:29 | 002,152,720 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2012/03/02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2012/03/02 17:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.ex e -- (SimpleSlideShowServer)
SRV - [2012/01/13 19:17:40 | 000,476,112 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2011/06/13 20:19:59 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/06/29 00:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/06/02 00:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/04/13 18:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/26 19:57:52 | 000,841,248 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Archivos de programa\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2010/01/29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Archivos de programa\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010/01/08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/27 1216 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Archivos de programa\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2008/11/06 00:59:50 | 001,500,424 | ---- | M] (Acresso Software Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcGIS\License10.0\bin\lmgrd.exe -- (ArcGIS License Manager)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/21 11:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/08/21 11:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/08/21 11:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/08/21 11:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/08/21 11:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/08/21 11:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/03/20 13:41:18 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/13 19:08:23 | 000,026,536 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)
DRV:64bit: - [2012/01/13 19:07:30 | 000,106,408 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acsock64.sys -- (acsock)
DRV:64bit: - [2011/08/17 11:04:34 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2011/08/17 11:04:28 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2011/06/08 01:18:13 | 000,828,912 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/06/25 17:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010/06/21 21:37:38 | 000,131,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/06/03 21:59:00 | 004,171,328 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/05/11 12:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/04/28 08:21:38 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2010/04/28 08:21:38 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010/04/13 18:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/12/10 13:25:10 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/11/01 20:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/09/23 04:25:22 | 000,144,496 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2009/09/02 03:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/07/27 09:04:36 | 000,058,880 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/20 04:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2009/06/11 07:34:38 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/03/26 22:20:08 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/03/26 05:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\DKbFltr.sys -- (DKbFltr)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVer sion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Inter net Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2518580067-1630595400-3000964315-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2518580067-1630595400-3000964315-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2518580067-1630595400-3000964315-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKU\S-1-5-21-2518580067-1630595400-3000964315-1000\..\SearchScopes\{A450A0EF-3C66-446E-B617-84311EF5F7AE}: "URL" = http://es.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
IE - HKU\S-1-5-21-2518580067-1630595400-3000964315-1000\..\SearchScopes\{EFF9AC23-D660-452C-BC5A-6C8A6B987478}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU3&o=15380&src=kw&q={searc hTerms}&locale=&apn_ptnrs=UJ&apn_dtid=YYYYYYYYES&a pn_uid=d69a4009-db91-46e4-8f4f-9d7992d1b26f&apn_sauid=CDBD6E77-1F45-4A6C-9D03-CA2D7694A1B7
IE - HKU\S-1-5-21-2518580067-1630595400-3000964315-1000\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://google.com"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.7.3
FF - prefs.js..extensions.enabledAddons: [email protected]:1.2.3
FF - prefs.js..extensions.enabledAddons: {C9B68337-E93A-44EA-94DC-CB300EC06444}:5.30.4
FF - prefs.js..extensions.enabledAddons: {87934c42-161d-45bc-8cef-ef18abe2a30c}:2.2
FF - prefs.js..extensions.enabledAddons: [email protected]:7.0.1466
FF - prefs.js..extensions.enabledAddons: {37fa1426-b82d-11db-8314-0800200c9a66}:2.9.13
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..keyword.URL: "http://google.com"
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_40 2_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_40 2_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files (x86)\Video Convert Master\codec\real\browser\plugins\nppl3260.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files (x86)\Video Convert Master\codec\real\browser\plugins\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\MediaMarkt\AppData\Local\Facebook\Video\S kype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\[email protected]: C:\Program Files (x86)\Iminent\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/10/04 00:02:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/13 17:33:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/06/14 19:43:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\Extens ions
[2012/10/12 07:13:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefo x\Profiles\nqvazmq7.default\extensions
[2012/09/25 02:39:07 | 000,000,000 | ---D | M] (Ad-Aware Security Add-on) -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefo x\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
[2012/09/02 19:17:54 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefo x\Profiles\nqvazmq7.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2012/05/13 2352 | 000,157,911 | ---- | M] () (No name found) -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\firefo x\profiles\nqvazmq7.default\extensions\grwatcher@a jnasz.hu.xpi
[2011/10/27 18:51:08 | 000,011,510 | ---- | M] () (No name found) -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\firefo x\profiles\nqvazmq7.default\extensions\youtube2mp3 @mondayx.de.xpi
[2012/10/12 07:13:06 | 000,196,700 | ---- | M] () (No name found) -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\firefo x\profiles\nqvazmq7.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi
[2012/10/13 17:32:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/10/13 17:32:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/10/04 00:02:10 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/10/13 17:33:03 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/09/06 05:35:44 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/09/06 05:35:44 | 000,003,882 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
[2012/09/06 05:35:44 | 000,001,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-es.xml
[2011/09/22 15:57:56 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2012/10/13 17:32:58 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2012/09/06 05:35:44 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
[2012/09/06 05:35:44 | 000,001,102 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-es.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:accepte dSuggestion}{google:originalQueryForSuggestion}{go ogle:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEnco ding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldt rialParameter}{google:instantFieldTrialGroupParame ter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - Extension: No name found = C:\Users\MediaMarkt\AppData\Local\Google\Chrome\Us er Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnp ncnbda\6.0.1125_0\
CHR - Extension: No name found = C:\Users\MediaMarkt\AppData\Local\Google\Chrome\Us er Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnp ncnbda\6.0.1289_0\

O1 HOSTS File: ([2012/03/27 05:27:41 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Aplicación auxiliar de vínculos de Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2518580067-1630595400-3000964315-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Archivos de programa\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Archivos de programa\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKU\S-1-5-21-2518580067-1630595400-3000964315-1000..\Run: [ContactKeeper Birthday reminder] C:\Program Files (x86)\ContactKeeper\ContactKeeper.exe (ContactKeeper)
O4 - HKU\S-1-5-21-2518580067-1630595400-3000964315-1000..\Run: [Facebook Update] C:\Users\MediaMarkt\AppData\Local\Facebook\Update\ FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f File not found
O4 - HKU\.DEFAULT..\RunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f File not found
O4 - Startup: C:\Users\MediaMarkt\AppData\Roaming\Microsoft\Wind ows\Start Menu\Programs\Startup\ArcGIS License Manager 10 CRACKED.lnk = C:\Cracked License Manager 10\start_lic_mgr_invisible.vbs ()
O4 - Startup: C:\Users\MediaMarkt\AppData\Roaming\Microsoft\Wind ows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\MediaMarkt\AppData\Roaming\Dropbox\bin\Dr opbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2518580067-1630595400-3000964315-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 87.216.1.65 87.216.1.66
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{2ECA5531-FBD1-4CE1-898A-C2F334A63542}: DhcpNameServer = 87.216.1.65 87.216.1.66
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{57DC28E9-DF5C-4D5B-872F-653AB4E814E7}: DhcpNameServer = 87.216.1.65 87.216.1.66
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{B2268AB4-B7D5-44D0-8795-E18C9E005B57}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DL L (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/10/14 23:15:20 | 000,036,864 | ---- | C] (NirSoft) -- C:\Windows\nircmd.exe
[2012/10/13 17:32:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/10/11 18:43:06 | 000,000,000 | ---D | C] -- C:\Users\MediaMarkt\Desktop\100NCD40
[2012/10/03 23:40:56 | 000,000,000 | ---D | C] -- C:\Users\MediaMarkt\Desktop\CONGRESO TIG
[2012/10/03 23:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/10/03 18:05:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Blekko Removal Tool
[2012/10/02 16:44:52 | 000,000,000 | ---D | C] -- C:\Users\MediaMarkt\Desktop\Lupus
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/14 23:11:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/14 22:51:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/14 22:23:34 | 000,075,619 | ---- | M] () -- C:\Users\MediaMarkt\Desktop\SUPLEMENTO.xps
[2012/10/14 22:22:33 | 000,000,362 | ---- | M] () -- C:\Windows\SysWow64\~.inf
[2012/10/14 22:20:01 | 000,005,092 | ---- | M] () -- C:\Users\MediaMarkt\Desktop\Predeterminado.ini
[2012/10/14 20:43:10 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2518580067-1630595400-3000964315-1000UA.job
[2012/10/14 19:39:32 | 000,009,920 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/14 19:39:32 | 000,009,920 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/14 19:34:59 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/14 19:32:30 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2518580067-1630595400-3000964315-1000Core.job
[2012/10/14 19:23:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/12 02:09:08 | 001,149,934 | ---- | M] () -- C:\Users\MediaMarkt\Desktop\IMAG0060.jpg
[2012/10/12 01:04:42 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012/10/12 01:03:55 | 3219,632,128 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/12 00:57:30 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/10/12 00:57:30 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2012/10/09 03:21:08 | 000,369,967 | ---- | M] () -- C:\Users\MediaMarkt\Desktop\practicaspasado.jpg
[2012/10/05 17:38:29 | 001,564,492 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/10/05 17:38:29 | 000,707,438 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2012/10/05 17:38:29 | 000,618,912 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/10/05 17:38:29 | 000,138,974 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2012/10/05 17:38:29 | 000,107,232 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/10/05 16:23:04 | 001,323,296 | ---- | M] () -- C:\Users\MediaMarkt\Desktop\100_2297.JPG
[2012/10/04 02:52:54 | 000,001,138 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/10/04 00:02:21 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/10/03 23:35:19 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/03 23:07:46 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/09/28 04:23:09 | 000,002,050 | -H-- | M] () -- C:\Users\MediaMarkt\Documents\Default.rdp
[2012/09/26 11:52:42 | 000,000,089 | ---- | M] () -- C:\Users\MediaMarkt\.grassrc6
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/14 23:15:20 | 000,069,660 | ---- | C] () -- C:\Windows\Fart.exe
[2012/10/14 23:15:20 | 000,022,528 | ---- | C] () -- C:\Windows\AT-Uninstall.exe
[2012/10/14 23:15:20 | 000,011,776 | ---- | C] () -- C:\Windows\Colous.exe
[2012/10/14 22:23:31 | 000,075,619 | ---- | C] () -- C:\Users\MediaMarkt\Desktop\SUPLEMENTO.xps
[2012/10/14 22:20:00 | 000,005,092 | ---- | C] () -- C:\Users\MediaMarkt\Desktop\Predeterminado.ini
[2012/10/12 18:25:15 | 001,149,934 | ---- | C] () -- C:\Users\MediaMarkt\Desktop\IMAG0060.jpg
[2012/10/12 01:04:41 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012/10/09 03:21:06 | 000,369,967 | ---- | C] () -- C:\Users\MediaMarkt\Desktop\practicaspasado.jpg
[2012/10/05 13:35:44 | 001,323,296 | ---- | C] () -- C:\Users\MediaMarkt\Desktop\100_2297.JPG
[2012/09/26 11:52:41 | 000,000,089 | ---- | C] () -- C:\Users\MediaMarkt\.grassrc6
[2012/08/12 0209 | 000,175,104 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2012/08/12 0209 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\libfaac.dll
[2012/06/08 01:41:07 | 000,000,850 | ---- | C] () -- C:\Users\MediaMarkt\.recently-used.xbel
[2012/03/29 04:57:05 | 001,559,018 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/03/26 22:17:33 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/03/26 22:17:33 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2012/03/20 20:41:35 | 000,000,020 | ---- | C] () -- C:\Users\MediaMarkt\defogger_reenable
[2011/12/13 03:57:59 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\DVM.dll
[2011/12/13 03:57:59 | 000,000,530 | ---- | C] () -- C:\Windows\SysWow64\tx13_ic.ini
[2011/12/13 03:57:58 | 000,131,072 | ---- | C] () -- C:\Windows\SysWow64\CSVSpecialProcessing.dll
[2011/12/13 03:57:58 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\SARzilla.dll
[2011/12/13 03:57:58 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\RegisterExe.exe
[2011/12/09 11:13:21 | 000,000,498 | ---- | C] () -- C:\Windows\wininit.ini
[2011/11/06 01:38:15 | 000,084,480 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/10/13 06:12:04 | 000,000,964 | ---- | C] () -- C:\Users\MediaMarkt\.ufrawrc
[2011/06/14 19:43:25 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/10/24 07:48:38 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2010/10/24 07:48:38 | 000,113,264 | ---- | C] () -- C:\Windows\FixUVC.exe
[2010/10/24 07:48:38 | 000,000,302 | ---- | C] () -- C:\Windows\PidList_C.ini

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\cls id\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\cls id\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc8 7-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\cl sid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA 9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\cl sid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CD B-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\cl sid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/03/22 08:05:35 | 000,000,000 | ---D | M] -- C:\Users\MediaMarkt\AppData\Roaming\com.adobe.down loadassistant.AdobeDownloadAssistant
[2012/10/14 22:31:57 | 000,000,000 | ---D | M] -- C:\Users\MediaMarkt\AppData\Roaming\Dropbox
[2012/02/29 15:14:38 | 000,000,000 | ---D | M] -- C:\Users\MediaMarkt\AppData\Roaming\ESRI
[2012/02/01 07:29:01 | 000,000,000 | ---D | M] -- C:\Users\MediaMarkt\AppData\Roaming\FileZilla
[2012/06/02 05:06:28 | 000,000,000 | ---D | M] -- C:\Users\MediaMarkt\AppData\Roaming\FreeAudioPack
[2012/03/30 07:06:14 | 000,000,000 | ---D | M] -- C:\Users\MediaMarkt\AppData\Roaming\Groovedown
[2012/06/08 01:41:07 | 000,000,000 | ---D | M] -- C:\Users\MediaMarkt\AppData\Roaming\gtk-2.0
[2012/01/23 20:32:54 | 000,000,000 | ---D | M] -- C:\Users\MediaMarkt\AppData\Roaming\HTC
[2012/01/24 02:42:06 | 000,000,000 | ---D | M] -- C:\Users\MediaMarkt\AppData\Roaming\HTC.388BC06ACD AB6261375BCE37FBA2E023C0D7EE34.1
[2011/07/16 19:37:32 | 000,000,000 | ---D | M] -- C:\Users\MediaMarkt\AppData\Roaming\OpenOffice.org
[2011/11/02 07:57:29 | 000,000,000 | ---D | M] -- C:\Users\MediaMarkt\AppData\Roaming\Opera
[2012/06/12 04:30:50 | 000,000,000 | ---D | M] -- C:\Users\MediaMarkt\AppData\Roaming\RStudio
[2012/07/18 09:14:17 | 000,000,000 | ---D | M] -- C:\Users\MediaMarkt\AppData\Roaming\Samsung
[2011/12/21 05:59:57 | 000,000,000 | ---D | M] -- C:\Users\MediaMarkt\AppData\Roaming\SmartStats
[2011/12/13 03:58:38 | 000,000,000 | ---D | M] -- C:\Users\MediaMarkt\AppData\Roaming\Softinterface, Inc
[2011/09/20 19:42:39 | 000,000,000 | ---D | M] -- C:\Users\MediaMarkt\AppData\Roaming\Thunderbird
[2011/06/20 21:16:31 | 000,000,000 | ---D | M] -- C:\Users\MediaMarkt\AppData\Roaming\TweetDeckFast. FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2012/08/06 14:07:35 | 000,000,000 | ---D | M] -- C:\Users\MediaMarkt\AppData\Roaming\uTorrent

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2012/10/12 01:03:53 | 000,012,324 | ---- | M] () -- C:\aaw7boot.log
[2012/03/27 03:58:37 | 000,003,307 | ---- | M] () -- C:\aswBoot.log
[2012/10/14 23:16:44 | 000,003,382 | ---- | M] () -- C:\AT-Destroyer.txt
[2010/09/03 09:03:52 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012/03/27 05:51:25 | 000,023,469 | ---- | M] () -- C:\ComboFix.txt
[2012/10/12 01:03:55 | 3219,632,128 | -HS- | M] () -- C:\hiberfil.sys
[2006/12/02 00:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2012/10/12 01:03:58 | 4292,845,568 | -HS- | M] () -- C:\pagefile.sys
[2012/10/14 23:15:23 | 000,000,266 | ---- | M] () -- C:\prueba.txt
[2010/09/03 08:44:02 | 000,002,979 | ---- | M] () -- C:\RHDSetup.log
[2012/03/27 17:11:16 | 000,000,503 | ---- | M] () -- C:\rkill.log
[2012/03/26 22:40:40 | 000,254,690 | ---- | M] () -- C:\TDSSKiller.2.7.23.0_26.03.2012_22.28.36_log.txt
[2012/10/14 23:16:49 | 000,000,162 | -H-- | M] () -- C:\~$-Destroyer.txt

< %PROGRAMFILES%\*.* >
[2009/07/14 06:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:5C321E34

< End of report >

Gracias

**adiskide** · 16/10/12, 18:13:17

EXTRA OTL , que no me deja pegarlo todo junto.

EXTRA

OTL Extras logfile created on: 14/10/2012 23:22:38 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MediaMarkt\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 46,00% Memory free
7,99 Gb Paging File | 5,45 Gb Available in Paging File | 68,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284,99 Gb Total Space | 59,40 Gb Free Space | 20,84% Space Free | Partition Type: NTFS
Drive D: | 4,17 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 14,91 Gb Total Space | 2,54 Gb Free Space | 17,06% Space Free | Partition Type: FAT32

Computer Name: JORGET-PC | User Name: MediaMarkt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl[@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html[@ = Opera.HTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-2518580067-1630595400-3000964315-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1"
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1"
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\PublicPr ofile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Firewall Rules]
"{03DAD258-8EE5-47A9-9563-586A75CBC4E7}" = rport=137 | protocol=17 | dir=out | app=system |
"{28BB9EFD-7CBE-4C97-8F47-7DA15C461E7A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2B0D4A67-71E5-4886-8AD9-521DF8C2FCF7}" = rport=139 | protocol=6 | dir=out | app=system |
"{2E01A3D9-872C-4870-A9D2-EDF5B417646D}" = lport=445 | protocol=6 | dir=in | app=system |
"{39EB27A0-0E72-4D17-B617-E46D086C56DE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3E0B3C73-8D82-4289-B63B-7F4598BED05E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{49B05BCB-CA91-42C5-B009-F603569EDE21}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{598C0713-5BF0-4137-ACC9-0555508DA9C5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{68D03770-A9E6-4D75-9649-1ABEC52000D6}" = lport=139 | protocol=6 | dir=in | app=system |
"{6C5B3201-8258-4C45-8BE5-66BE0F124283}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{70CFEE71-6FB2-492F-BD4C-5560CA3ED0DB}" = lport=137 | protocol=17 | dir=in | app=system |
"{7C182E9E-F382-4022-9EDD-C4B69908AE11}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7D2ADDC4-394D-479E-A2BE-4E4D50A86CB6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8B84BDFF-792A-4878-953F-58C5735A1EBE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{97E7D475-A636-4C62-912D-306640EBC854}" = rport=445 | protocol=6 | dir=out | app=system |
"{9D7B8DF4-5573-449A-A7EE-7BE43650CEBA}" = rport=138 | protocol=17 | dir=out | app=system |
"{A2AD964D-1884-4BEA-B701-2F288AC330C7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C0E6802C-945F-42EA-B06C-7A3CB4D78143}" = lport=138 | protocol=17 | dir=in | app=system |
"{C8937367-CF8B-420A-B902-E3AF349FDF3B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C8FBE4A9-155F-48D9-838D-5BE3E47EA222}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E1B14F6C-7624-425F-9B8C-990324456E5D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F2682911-B967-48B6-8DA6-30EC19435F4D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F2A8FA04-6A28-4A7F-B8F6-925DF1D03EF3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FE46E325-22BD-4A42-AF43-8F12714C5781}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Firewall Rules]
"{03AD0C5C-0CA4-4C30-A07E-8ABD49E90A17}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{05309F9B-4FFF-4B5E-83DF-D83ADC9E00B2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{07437CC8-1632-4567-A313-8912657ECBBF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{0793E614-5167-4488-82A0-CA2D58997225}" = protocol=17 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe |
"{0F01A752-4012-484C-8A14-CA9ADA00F512}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe |
"{11BBD9E1-F9BE-45FD-9D0F-11738628DF55}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{16D3BDF0-39E8-4CE3-9671-9863A657AAD9}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{1CF1DF4B-9347-45EF-88B5-62504DA4CCB3}" = protocol=6 | dir=out | app=system |
"{21085600-22E9-444A-A072-8159D4EB7022}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\playmovie.exe |
"{226CC419-1894-4EC1-847B-E27189AF36F2}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{230E61C5-C1FC-4E1E-A25E-DD1FAB12A14B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{283F7D6C-763A-4703-AD9D-D8A74B3CD59E}" = dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\allsharedms.exe |
"{2C59D963-47D8-465A-AFC1-8B2E93CBE01E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{2D9D8CCC-1337-4EE8-9237-4A5A603CC499}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{2DDD4BFA-D220-49A7-BE0A-AD046A2E6619}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{33040112-CAAB-499F-841F-D6AEAA14490A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{34A23565-9AA2-4340-B4C3-EC6C9C14D9AD}" = protocol=17 | dir=in | app=c:\users\mediamarkt\appdata\roaming\dropbox\bi n\dropbox.exe |
"{460E03C4-7217-4BB8-A3D4-3EAB6EFEEAE6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{484F55CD-24ED-42DD-9217-D159F01E04ED}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{5091BE1A-2AAF-40ED-BD6D-698683E9468E}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{50DB0A30-6771-4665-9D7D-C3FF8D1F14BC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{540F2390-E144-4C05-87AE-E8AE2C779F35}" = protocol=6 | dir=in | app=c:\users\mediamarkt\appdata\roaming\dropbox\bi n\dropbox.exe |
"{5C0FB0AC-ED82-455F-B67F-E86FC82541FD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{72DD5857-15E9-43E1-B79E-B7984ECFC392}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{738EDC94-0AD2-4317-B3B9-4DF7AEB012AE}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{83F74890-16C2-4F07-888A-27AE58D6C964}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{88B4675D-221B-4E40-9E0B-7ED42F994BB6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8A8F6336-1BAE-4A51-96B8-89A92D6EA6D0}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{8E478CF6-2F5A-4B90-AF50-521367CBF096}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshareagent.exe |
"{8F8F043E-3D0D-4F43-B263-91907AAF68DC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A97E540B-4AF0-4859-96EC-99B48E6FF4A5}" = dir=in | app=c:\users\mediamarkt\appdata\local\facebook\vid eo\skype\facebookvideocalling.exe |
"{AE56BCCD-1C5F-48C0-A043-E4BC65554DA0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B4830E8A-67A8-4FEC-AE7C-0F768E49F192}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B51163BD-FB1B-4A70-93D1-C97E8D4A377C}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{B5A5C65B-F15D-4473-8356-03ED1C032256}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C0BC83C1-87F1-46E4-A93F-CE7882A85381}" = protocol=6 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe |
"{C1328A1C-9E6B-4873-9AE3-2A5610035206}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CAEDD402-E03F-4291-BB61-5D140B169AA8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CD25497B-AA29-413B-B184-9CB4D5B912D3}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\pmvservice.exe |
"{D22815C6-0126-4D62-AC8F-D9B7964AFB63}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D2E4CD50-87FC-4BAF-A0E1-BAF2AE11ED39}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{D6C56682-6EE1-41B4-A5EB-807CA03B70BF}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshare.exe |
"{EE00F6BF-7B53-4548-9863-9F03C0B6EECB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F969BED3-0964-4347-A3F6-D14BD616A4DF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FAA318BB-0B66-42B2-AD8B-0E5FBFF5D2A3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{1646923A-BB37-4AD3-A43E-8243966FB529}C:\cracked license manager 10\lmgrd.exe" = protocol=6 | dir=in | app=c:\cracked license manager 10\lmgrd.exe |
"TCP Query User{16DD3A9D-070C-45A2-9EFF-75400F8049CA}C:\cracked license manager 10\arcgis.exe" = protocol=6 | dir=in | app=c:\cracked license manager 10\arcgis.exe |
"TCP Query User{28C79F2E-8BC2-4CF1-9F1B-89CBDF1C6BD4}C:\cracked license manager 10\lmgrd.exe" = protocol=6 | dir=in | app=c:\cracked license manager 10\lmgrd.exe |
"TCP Query User{305E9BCE-F27B-42CA-9777-69A015BC939E}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{3F7A9DF5-A24C-4B26-B022-8888BB2CE7A7}C:\users\mediamarkt\desktop\utorrent. exe" = protocol=6 | dir=in | app=c:\users\mediamarkt\desktop\utorrent.exe |
"TCP Query User{47D471FF-E624-4EE0-8BD4-D0D0E4AFD6FD}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{96202A4C-923E-49D7-A346-87BF35E4C7A0}C:\users\mediamarkt\appdata\roaming\d ropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\mediamarkt\appdata\roaming\dropbox\bi n\dropbox.exe |
"UDP Query User{24535AD6-160C-4109-A0F5-AC63A23269F0}C:\cracked license manager 10\lmgrd.exe" = protocol=17 | dir=in | app=c:\cracked license manager 10\lmgrd.exe |
"UDP Query User{4B7730C8-8785-4609-AB62-7778A18A9894}C:\users\mediamarkt\desktop\utorrent. exe" = protocol=17 | dir=in | app=c:\users\mediamarkt\desktop\utorrent.exe |
"UDP Query User{58A61009-CA74-4567-BD33-FD64878740F0}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{6166FD02-C177-418C-ADE0-CD1EB3CED010}C:\users\mediamarkt\appdata\roaming\d ropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\mediamarkt\appdata\roaming\dropbox\bi n\dropbox.exe |
"UDP Query User{C864270E-8191-4291-BD5A-35F16884CBE3}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{CE797147-DE39-4E6B-AFB0-5C16F0C298DE}C:\cracked license manager 10\lmgrd.exe" = protocol=17 | dir=in | app=c:\cracked license manager 10\lmgrd.exe |
"UDP Query User{DC91EAA2-9354-4EDA-AF3C-39BB9B0E9190}C:\cracked license manager 10\arcgis.exe" = protocol=17 | dir=in | app=c:\cracked license manager 10\arcgis.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0C0A-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Spanish) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client
"{C3C912BB-BF4B-3788-8A19-DA5B999CE0C6}" = Microsoft .NET Framework 4 Client Profile ESN Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ESN Language Pack" = Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"R for Windows 2.13.0_is1" = R for Windows 2.13.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1DD1D1E9-FC96-4B17-BE0A-A5481F8B0D67}" = ArcGIS License Manager 10
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Herramienta de carga de Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2B83A043-BA8C-4164-98AA-29529D0BE756}" = Windows Live Essentials
"{2E295B5B-1AD4-4d36-97C2-A316084722CF}" = Python 2.7.2
"{30120000-0044-0C0A-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Spanish) 2007 (Beta)
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3262A80D-6C16-407F-A2FF-A8937696C392}" = HTC Sync
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56A3E28A-286F-4544-A1A5-EBDDE6F6A2EB}" = Visual FoxPro 7.0 Professional - Spanish
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64665955-E1A1-4A8B-BFFA-673A95318909}" = ArcGIS Desktop 10
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6E3C58E8-60EA-4019-BA73-B615B69C61F8}" = Google Book Downloader
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{726D1868-50CF-4DF5-B4EB-F67150DD82DB}" = Windows Live Movie Maker
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{7593234B-2AEB-4FC9-B02D-C9B30D86084C}" = Windows Live Asistente para el inicio de sesión
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{85BE320B-A37D-42DA-B9BE-20A40B6A05E3}" = Cisco AnyConnect Secure Mobility Client
"{8924FD04-AFF1-4387-B08B-6A979485F2BD}" = Windows Live Call
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A226CC6-1930-421E-97EB-978EA7D8AF46}" = MBT SmartStats for Basketball
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2007
"{90120000-0015-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2007
"{90120000-0019-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2007
"{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_ENTERPRISE_{BEADB115-DB47-4BD0-A9EC-AE585AFAB2D8}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{8A524694-0CA4-476A-9301-B1E9D70FC952}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-042D-0000-0000000FF1CE}_ENTERPRISE_{017A6981-5E03-4A97-830A-35FE0927BB7F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0456-0000-0000000FF1CE}_ENTERPRISE_{A3A03B41-14EA-4E50-97D8-FCF429AE0CCB}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0C0A-1000-0000000FF1CE}_ENTERPRISE_{430AE3E6-E982-4958-90FC-1C062BC74E22}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_ENTERPRISE_{430AE3E6-E982-4958-90FC-1C062BC74E22}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007
"{90120000-00A1-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0C0A-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Spanish) 2007
"{90120000-00BA-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{914DD274-9C5D-44CA-9AC7-12B8D2D4DA08}" = Windows Live Sync
"{949D34E5-F53F-4830-9A50-1E2C39109043}_is1" = PNotes 7.5.110
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{969E11AA-8F3A-F162-1A5A-0965E216B6CE}" = Adobe Download Assistant
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E7BA2E1-D2FE-427B-8498-3046C40B1770}" = TTS Enginge - SAPI 5.1
"{A7BBE3D6-F19A-40E6-96EC-84E1DC88F262}" = Galería fotográfica de Windows Live
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-0000-7760-000000000001}" = Adobe Acrobat 6.0 Professional
"{AC76BA86-7AD7-1034-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Español
"{B8583CB3-8ABE-407E-8BC6-F9A83EAC9133}" = Windows Live Writer
"{BEC001F9-0451-4396-92D7-E1A4E7854BF3}" = Windows Live Mail
"{C2C96499-289B-11D5-A54A-0090278A1BB8}" = Visual FoxPro 7.0 Baseline - Spanish
"{C4156B59-DD7E-40DF-AF08-E568A27A6409}" = Windows Live Messenger
"{CE246151-F0E8-ABC8-AEB2-7F3E188EFBF5}" = TweetDeck
"{D0046F17-A170-4E07-A349-F1BCB3A8A8EB}" = Ad-Aware
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.192.810
"{D4911E92-A059-4901-8AB3-8638B6D96456}_is1" = Groovedown versión 0.84
"{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FBF66A8C-39A9-4079-911F-1AA8845AD907}" = FastPictureViewer WIC Codec Pack 1.30
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"1489-3350-5074-6281" = JDownloader 0.9
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"adawaretb" = Ad-Aware Security Toolbar
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"ArcGIS Desktop 10" = ArcGIS Desktop 10
"ArcGIS Desktop 10 SP1" = ArcGIS Desktop 10 Service Pack 1
"ArcGIS License Manager 10" = ArcGIS License Manager 10
"aTube Catcher" = aTube Catcher
"avast" = avast! Free Antivirus
"AVS Audio Converter_is1" = AVS Audio Converter 7
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"Basketball Playbook 010_is1" = Basketball Playbook 010
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"com.adobe.downloadassistant.AdobeDownloadAssistan t" = Adobe Download Assistant
"ContactKeeper_is1" = ContactKeeper 1.4.3
"Convert XLS_is1" = Convert XLS
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileZilla Client" = FileZilla Client 3.5.0
"GridVista" = Acer GridVista
"HTMLKit_is1" = HTML-Kit
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"JPEG-EXIF_autorotate" = JPEG-EXIF_autorotate
"LManager" = Launch Manager
"LoqTTS-Jorge_is1" = Loquendo TTS: Jorge (Spanish)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versión 1.65.0.1400
"Mendeley Desktop" = Mendeley Desktop 0.9.9.2
"Mozilla Firefox 16.0.1 (x86 es-ES)" = Mozilla Firefox 16.0.1 (x86 es-ES)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Quantum GIS Copiapo" = Quantum GIS Copiapo 1.6.0
"RStudio" = RStudio
"SopCast" = SopCast 3.5.0
"Speak Aloud_is1" = Speak Aloud 2.0
"Split MP3_is1" = Split MP3 1.0
"SpywareBlaster_is1" = SpywareBlaster 4.6
"TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC 56543.1" = TweetDeck
"UFRaw_is1" = UFRaw 0.18
"uTorrent" = µTorrent
"Visual FoxPro 7.0 Professional - Spanish" = Microsoft Visual FoxPro 7.0 Professional - Spanish
"VLC media player" = VLC media player 1.0.1
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = Compresor WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2518580067-1630595400-3000964315-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall]
"Dropbox" = Dropbox
"Gnumeric" = Gnumeric Spreadsheet 1.10.14-20110324

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/09/2012 0:57:16 | Computer Name = Jorget-PC | Source = SideBySide | ID = 16842832
Description = Error al generar el contexto de activación para "C:\Users\MediaMarkt\Downloads\SoftonicDownloader_ para_clipspeak.exe".
Error en el archivo de manifiesto o directiva "" en la línea . Una versión de componente
requerida por la aplicación está en conflicto con la versión de otro componente
activo. Los componentes en conflicto son:. Componente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows. common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6 975e2bd6f2b2.manifest.
Componente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.window s.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa39 6087175ac9ac.manifest.

Error - 12/09/2012 9:31:50 | Computer Name = Jorget-PC | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 12/09/2012 9:36:20 | Computer Name = Jorget-PC | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 13/09/2012 10:17:06 | Computer Name = Jorget-PC | Source = SideBySide | ID = 16842815
Description = Error al generar el contexto de activación para "c:\program files\R\r-2.13.0\Tcl\bin64\tk85.dll".
Error en el archivo de manifiesto o directiva "c:\program files\R\r-2.13.0\Tcl\bin64\tk85.dll"
en la línea 9. El valor "x64" del atributo "processorArchitecture" del elemento
"assemblyIdentity" no es válido.

Error - 17/09/2012 16:20:23 | Computer Name = Jorget-PC | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 19/09/2012 21:16:06 | Computer Name = Jorget-PC | Source = SideBySide | ID = 16842815
Description = Error al generar el contexto de activación para "c:\program files\R\r-2.13.0\Tcl\bin64\tk85.dll".
Error en el archivo de manifiesto o directiva "c:\program files\R\r-2.13.0\Tcl\bin64\tk85.dll"
en la línea 9. El valor "x64" del atributo "processorArchitecture" del elemento
"assemblyIdentity" no es válido.

Error - 20/09/2012 1146 | Computer Name = Jorget-PC | Source = Google Update | ID = 20
Description =

Error - 20/09/2012 16:20:57 | Computer Name = Jorget-PC | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 23/09/2012 1:21:07 | Computer Name = Jorget-PC | Source = SideBySide | ID = 16842815
Description = Error al generar el contexto de activación para "c:\program files\R\r-2.13.0\Tcl\bin64\tk85.dll".
Error en el archivo de manifiesto o directiva "c:\program files\R\r-2.13.0\Tcl\bin64\tk85.dll"
en la línea 9. El valor "x64" del atributo "processorArchitecture" del elemento
"assemblyIdentity" no es válido.

Error - 23/09/2012 2:43:06 | Computer Name = Jorget-PC | Source = Google Update | ID = 20
Description =

Error - 23/09/2012 7:03:27 | Computer Name = Jorget-PC | Source = Google Update | ID = 20
Description =

[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 18/09/2012 21:06:55 | Computer Name = JORGET-PC | Source = acvpnagent | ID = 67108866
Description = Function: CIpcTransport::terminateIpcConnection File: .\IPC\IPCTransport.cpp
Line:
384 Invoked Function: CSocketTransport::writeSocketBlocking Return Code: -31522805
(0xFE1F000B) Description: SOCKETTRANSPORT_ERROR_WRITE

Error - 19/09/2012 3:17:37 | Computer Name = Jorget-PC | Source = acvpnagent | ID = 67108866
Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 376 Invoked
Function: IRunnable::Run Return Code: -32047093 (0xFE17000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE

Error - 19/09/2012 3:18:47 | Computer Name = Jorget-PC | Source = acvpnui | ID = 67108866
Description = Function: CMainFrame::getDARTInstallDir File: .\mainfrm.cpp Line: 4612
Invoked
Function: MsiEnumProductsExW Return Code: 259 (0x00000103) Description: No se dispone
de más datos.

Error - 19/09/2012 3:18:51 | Computer Name = Jorget-PC | Source = acvpnui | ID = 67108865
Description = Function: ConnectMgr::activateConnectEvent File: .\ConnectMgr.cpp Line:
1084 NULL object. Cannot establish a connection at this time.

Error - 19/09/2012 7:31:59 | Computer Name = Jorget-PC | Source = acvpnagent | ID = 67108866
Description = Function: CSocketTransport::callbackHandler File: .\IPC\SocketTransport.cpp
Line:
1280 Invoked Function: WSAGetOverlappedResult Return Code: 10054 (0x00002746) Description:
Se ha forzado la interrupción de una conexión existente por el host remoto.

Error - 19/09/2012 7:31:59 | Computer Name = Jorget-PC | Source = acvpnagent | ID = 67108866
Description = Function: CSocketTransport::callbackHandler File: .\IPC\SocketTransport.cpp
Line:
1281 Invoked Function: WSARecv/WSARecvFrom Return Code: 0 (0x00000000) Description:
unknown

Error - 19/09/2012 7:31:59 | Computer Name = Jorget-PC | Source = acvpnagent | ID = 67108866
Description = Function: CIpcTransport::OnSocketReadComplete File: .\IPC\IPCTransport.cpp
Line:
873 Invoked Function: CSocketTransport::readSocket Return Code: -31522801 (0xFE1F000F)
Description:
SOCKETTRANSPORT_ERROR_TRANSPORT_FAILURE

Error - 19/09/2012 7:31:59 | Computer Name = Jorget-PC | Source = acvpnagent | ID = 67108866
Description = Function: CIpcDepot::OnIpcMessageReceived File: .\IPC\IPCDepot.cpp Line:
832 Invoked Function: CIpcTransport::OnSocketReadComplete Return Code: -31522801
(0xFE1F000F) Description: SOCKETTRANSPORT_ERROR_TRANSPORT_FAILURE

Error - 19/09/2012 7:31:59 | Computer Name = Jorget-PC | Source = acvpnagent | ID = 67108866
Description = Function: CTcpTransport::writeSocketBlocking File: .\IPC\SocketTransport.cpp
Line:
1676 Invoked Function: WSASend Return Code: 10054 (0x00002746) Description: Se ha
forzado la interrupción de una conexión existente por el host remoto.

Error - 19/09/2012 7:31:59 | Computer Name = Jorget-PC | Source = acvpnagent | ID = 67108866
Description = Function: CIpcTransport::terminateIpcConnection File: .\IPC\IPCTransport.cpp
Line:
384 Invoked Function: CSocketTransport::writeSocketBlocking Return Code: -31522805
(0xFE1F000B) Description: SOCKETTRANSPORT_ERROR_WRITE

[ OSession Events ]
Error - 28/01/2012 13:52:37 | Computer Name = Jorget-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1212
seconds with 300 seconds of active time. This session ended with a crash.

Error - 13/04/2012 17:59:29 | Computer Name = Jorget-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

Error - 11/10/2012 12:16:40 | Computer Name = Jorget-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 854
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 11/10/2012 19:04:22 | Computer Name = Jorget-PC | Source = Service Control Manager | ID = 7023
Description = El servicio Windows Defender se cerró con el siguiente error: %%126

Error - 12/10/2012 11:19:36 | Computer Name = Jorget-PC | Source = DCOM | ID = 10010
Description =

Error - 12/10/2012 11:31:33 | Computer Name = Jorget-PC | Source = Service Control Manager | ID = 7023
Description = El servicio Windows Defender se cerró con el siguiente error: %%126

Error - 12/10/2012 11:31:42 | Computer Name = Jorget-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Error de instalación: error de Windows al instalar la siguiente actualización,
error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition
1.137.1642.0).

Error - 12/10/2012 15:01:27 | Computer Name = Jorget-PC | Source = Disk | ID = 262155
Description = El controlador detectó un error de controladora en \Device\Harddisk2\DR7.

Error - 12/10/2012 15:01:28 | Computer Name = Jorget-PC | Source = Disk | ID = 262155
Description = El controlador detectó un error de controladora en \Device\Harddisk2\DR7.

Error - 13/10/2012 11:41:40 | Computer Name = Jorget-PC | Source = Service Control Manager | ID = 7023
Description = El servicio Windows Defender se cerró con el siguiente error: %%126

Error - 13/10/2012 11:41:47 | Computer Name = Jorget-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Error de instalación: error de Windows al instalar la siguiente actualización,
error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition
1.137.1642.0).

Error - 14/10/2012 13:37:04 | Computer Name = Jorget-PC | Source = Service Control Manager | ID = 7023
Description = El servicio Windows Defender se cerró con el siguiente error: %%126

Error - 14/10/2012 13:37:16 | Computer Name = Jorget-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Error de instalación: error de Windows al instalar la siguiente actualización,
error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition
1.137.1642.0).

< End of report >

**Leosolari** · 17/10/12, 14:37:17

Hola

Desinstalá completamente el Google Chrome.

Vas a trabajar con 2 herramientas. Intentá hacer todos los pasos que menciono mas abajo. Si alguno NO podes hacer, lo saltas y seguis con los otros.

PASO 1

Descargá Glary Utilities a Tu escritorio y lo instalas según Su manual.

Ejecutá Glary Utilities

Presioná el Boton Mantenimiento un Clic
Presioná el Boton Ver Resultados y esperá a que termine.
Cuando termine, presionas el Boton Reparar Problemas.

PASO 2

Descarga la herramienta ComboFix.exe a Tu escritorio.

Desactivá temporalmente el Antivirus y/o Antispyware.
Cerrá todas las ventanas abiertas.
Hacé doble clic al archivo ComboFix.exe y seguí las instrucciones.
Cuando termine, generará un reporte en C:\ComboFix.txt.

*Nota* Mientras CF este trabajando no debes mover el mouse ya que pararía su proceso.
*Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.
*Nota* No vuelvas a utilizar ComboFix ni ningun otro programa antivirus hasta que no te de una respuesta.

Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.

NOTAS IMPORTANTES:

° Una vez Terminado el Trabajo de ComboFix, podes activar Tu antivirus.

° No Pongas los Reportes Dentro de Etiquetas Code ni HTML.

° No vuelvas a ejecutar ningún otro programa antivirus hasta que vuelva con una respuesta.

° Si No podes realizar un paso, lo saltas y seguis con el próximo.

En Tu próxima respuesta, debes poner el reporte de ComboFix, que se encuentra en C:\ComboFix.txt

Saludos

**adiskide** · 18/10/12, 12:04:59

Parece que ya funciona,

ComboFix 12-10-18.02 - MediaMarkt 18/10/2012 9:42.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.34.3082.18.4094.1861 [GMT 2:00]
Running from: c:\users\MediaMarkt\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\~.inf
c:\windows\SysWow64\msstdfmt.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_nvsvc
.
.
((((((((((((((((((((((((( Files Created from 2012-09-18 to 2012-10-18 )))))))))))))))))))))))))))))))
.
.
2012-10-18 08:01 . 2012-09-18 22:58 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5D7382E5-36EE-4CCC-89F4-EA804622AA2A}\mpengine.dll
2012-10-18 07:58 . 2012-10-18 07:58 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-10-18 07:58 . 2012-10-18 07:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-18 07:25 . 2012-10-18 07:25 -------- d-----w- c:\users\MediaMarkt\AppData\Roaming\GlarySoft
2012-10-18 07:19 . 2012-10-18 07:19 -------- d-----w- c:\program files (x86)\Glary Utilities
2012-10-14 21:15 . 2012-06-29 11:55 22528 ----a-w- c:\windows\AT-Uninstall.exe
2012-10-14 21:15 . 2012-03-12 21:27 11776 ----a-w- c:\windows\Colous.exe
2012-10-14 21:15 . 2008-03-25 08:39 69660 ----a-w- c:\windows\Fart.exe
2012-10-03 16:05 . 2012-10-03 21:01 -------- d-----w- c:\program files (x86)\Blekko Removal Tool
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-14 20:22 . 2012-05-04 04:34 742199 ----a-w- c:\windows\SysWow64\~.tmp
2012-10-11 14:44 . 2011-06-14 18:38 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-08 23:51 . 2012-04-11 11:00 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-08 23:51 . 2011-06-14 20:52 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-07 15:04 . 2011-11-03 21:59 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-22 18:12 . 2012-09-12 13:45 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 13:45 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 13:44 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 09:13 . 2011-06-14 17:50 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2011-06-14 17:50 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2011-06-14 17:50 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-03-26 19:04 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-21 09:13 . 2011-06-14 17:50 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2011-06-14 17:50 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2011-06-14 17:49 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2011-06-14 17:49 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-08-21 09:12 . 2011-06-14 17:50 285328 ----a-w- c:\windows\system32\aswBoot.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
2012-03-06 19:16 87440 ----a-w- c:\program files (x86)\adawaretb\adawareDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:\program files (x86)\adawaretb\adawareDx.dll" [2012-03-06 87440]
.
[HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\MediaMarkt\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\MediaMarkt\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\MediaMarkt\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ContactKeeper Birthday reminder"="c:\program files (x86)\ContactKeeper\ContactKeeper.exe" [2009-10-20 876544]
"Facebook Update"="c:\users\MediaMarkt\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-08-18 1157128]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984]
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-10-29 419112]
"PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2010-01-18 181480]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-05-06 593920]
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2012-02-28 198032]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2012-01-13 527312]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"AllShareAgent"="c:\program files (x86)\Samsung\AllShare\AllShareAgent.exe" [2012-03-01 285072]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"adawarebp"="reg.exe delete HKCU\Software\AppDataLow\Software\adawarebp" [X]
"adawarebp_XP"="reg.exe delete HKCU\Software\adawarebp" [X]
.
c:\users\MediaMarkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ArcGIS License Manager 10 CRACKED.lnk - c:\cracked license manager 10\start_lic_mgr_invisible.vbs [2011-6-8 174]
Dropbox.lnk - c:\users\MediaMarkt\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - c:\program files (x86)\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-5-15 217193]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Servicio de Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-20 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys [2012-01-13 106408]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-08 250808]
R3 gupdatem;Servicio de Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-20 136176]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-01 33736]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-13 115168]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [2011-08-17 12800]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-04-17 50432]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2009-09-02 225280]
R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2012-03-02 27584]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-07-01 1255736]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-06-07 828912]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2012-03-20 69376]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 ArcGIS License Manager;ArcGIS License Manager;c:\program files (x86)\ArcGIS\License10.0\bin\lmgrd.exe [2008-11-05 1500424]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-02-26 841248]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2012-05-24 2152720]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-04-17 144640]
S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-03-02 25504]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2012-01-13 476112]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-09-23 144496]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-07-27 58880]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2012-03-26 17152]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-06-21 131688]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - LAVASOFT_KERNEXPLORER
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 23:51]
.
2012-10-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2518580067-1630595400-3000964315-1000Core.job
- c:\users\MediaMarkt\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-02 15:38]
.
2012-10-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2518580067-1630595400-3000964315-1000UA.job
- c:\users\MediaMarkt\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-02 15:38]
.
2012-10-18 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2012-10-18 19:59]
.
2012-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-20 20:35]
.
2012-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-20 20:35]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\MediaMarkt\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\MediaMarkt\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\MediaMarkt\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\MediaMarkt\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-02-26 818720]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-10-24 206208]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
mSearchAssistant =
IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 87.216.1.65 87.216.1.66
FF - ProfilePath - c:\users\MediaMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\nqvazmq7.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://google.com
FF - prefs.js: keyword.URL - hxxp://google.com
FF - ExtSQL: 2012-09-02 19:18; {C9B68337-E93A-44EA-94DC-CB300EC06444}; c:\users\MediaMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{DB131C55-60C8-4ADC-84DC-9E76AB06E2DC} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Convert XLS_is1 - c:\program files (x86)\Softinterface
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
.
**************************************************************************
.
Completion time: 2012-10-18 17:53:46 - machine was rebooted
ComboFix-quarantined-files.txt 2012-10-18 15:53
ComboFix2.txt 2012-03-27 03:51
.
Pre-Run: 60.124.475.392 bytes libres
Post-Run: 60.248.870.912 bytes libres
.
- - End Of File - - 285B847F8DE42DCA5F42E7E569D8BD18

**adiskide** · 18/10/12, 12:06:06

El problema persiste pero solo cuando abro pestañas

si abró nuevas sesiones, desaparece blekko...
si abro nuevas pestañas(tab) entonces si que salta el motor blekko este.

¿que debo hacer ? gracias

**Leosolari** · 18/10/12, 14:20:43

Hola

En que navegador ocurre esto ???

**adiskide** · 18/10/12, 22:51:27

Mozilla firefox

**Leosolari** · 19/10/12, 09:18:44

Hola de Nuevo

Ejecutá OTL.exe

Copiá y Pegá el código que está dentro del recuadro de abajo en la sección Análisis Personalizado / Código de Reparación

:OTL
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: [email protected]:1.7.3
FF - prefs.js..extensions.enabledAddons: [email protected]:1.2.3
FF - prefs.js..extensions.enabledAddons: {C9B68337-E93A-44EA-94DC-CB300EC06444}:5.30.4
FF - prefs.js..extensions.enabledAddons: {87934c42-161d-45bc-8cef-ef18abe2a30c}:2.2
FF - prefs.js..extensions.enabledAddons: [email protected]:7.0.1466
FF - prefs.js..extensions.enabledAddons: {37fa1426-b82d-11db-8314-0800200c9a66}:2.9.13
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_40 2_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_40 2_287.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files (x86)\Video Convert Master\codec\real\browser\plugins\nppl3260.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files (x86)\Video Convert Master\codec\real\browser\plugins\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\MediaMarkt\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\[email protected]: C:\Program Files (x86)\Iminent\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/13 17:33:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011/06/14 19:43:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\Extensions
[2012/10/12 07:13:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions
[2012/09/25 02:39:07 | 000,000,000 | ---D | M] (Ad-Aware Security Add-on) -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
[2012/09/02 19:17:54 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2012/05/13 2352 | 000,157,911 | ---- | M] () (No name found) -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\firefox\profiles\nqvazmq7.default\extensions\grwatcher@a jnasz.hu.xpi
[2011/10/27 18:51:08 | 000,011,510 | ---- | M] () (No name found) -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\firefox\profiles\nqvazmq7.default\extensions\youtube2mp3 @mondayx.de.xpi
[2012/10/12 07:13:06 | 000,196,700 | ---- | M] () (No name found) -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\firefox\profiles\nqvazmq7.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi
[2012/10/13 17:32:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/10/13 17:32:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/10/13 17:33:03 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/09/22 15:57:56 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
:Files
ipconfig /flushdns /c
:Commands
[PURITY]
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]

Presioná el Boton Reparar para lanzar la eliminación. Presionas OK.

OTL va a Reiniciar el ordenador para completar la eliminación.

Guardas el nuevo reporte generado. Lo copias y pegas en Tu próxima respuesta y nos comentas como sigue el ordenador ahora.

Saludos

**adiskide** · 19/10/12, 09:37:24

All processes killed
========== OTL ==========
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "chr-greentree_ff&type=827316&ilc=12" removed from browser.search.param.yahoo-fr
Prefs.js: "Google" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: [email protected]:1.7.3 removed from extensions.enabledAddons
Prefs.js: [email protected]:1.2.3 removed from extensions.enabledAddons
Prefs.js: {C9B68337-E93A-44EA-94DC-CB300EC06444}:5.30.4 removed from extensions.enabledAddons
Prefs.js: {87934c42-161d-45bc-8cef-ef18abe2a30c}:2.2 removed from extensions.enabledAddons
Prefs.js: [email protected]:7.0.1466 removed from extensions.enabledAddons
Prefs.js: {37fa1426-b82d-11db-8314-0800200c9a66}:2.9.13 removed from extensions.enabledAddons
Prefs.js: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33 removed from extensions.enabledAddons
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
File C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_40 2_287.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin\ deleted successfully.
C:\Users\MediaMarkt\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions not found.
File C:\Program Files (x86)\Iminent\[email protected] not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\components folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins deleted successfully.
File C:\Program Files (x86)\Mozilla Firefox\plugins not found.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Extensions folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\components folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content\id_imbooster4web_v6 folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444} folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\Setup\ada folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\Setup folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\components folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\skin\options folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\skin\lib\uwa folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\skin\lib\panels\js folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\skin\lib\panels\images folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\skin\lib\panels\default\scripts folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\skin\lib\panels\default\images folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\skin\lib\panels\default\css folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\skin\lib\panels\default folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\skin\lib\panels\css folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\skin\lib\panels folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\skin\lib folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\skin folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\locale\toolbar folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\locale\lib folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\locale folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\data\search folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\data folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\content\widgets\net.vmn.www.ToolbarCleaner folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\content\widgets\net.vmn.www.BrowserDataCleaner folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\content\widgets folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\content\newtab\images folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\content\newtab folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\content\modules folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\content\lib folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome\content folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\chrome folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} folder moved successfully.
C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions folder moved successfully.
Folder C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\ not found.
Folder C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\nqvazmq7.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\ not found.
File C:\Users\MediaMarkt\AppData\Roaming\mozilla\firefox\profiles\nqvazmq7.default\extensions\grwatcher@a jnasz.hu.xpi not found.
File C:\Users\MediaMarkt\AppData\Roaming\mozilla\firefox\profiles\nqvazmq7.default\extensions\youtube2mp3 @mondayx.de.xpi not found.
File C:\Users\MediaMarkt\AppData\Roaming\mozilla\firefox\profiles\nqvazmq7.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi not found.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions folder moved successfully.
Folder C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\ not found.
File C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll not found.
C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
C:\Users\MediaMarkt\Downloads\cmd.bat deleted successfully.
C:\Users\MediaMarkt\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56475 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: MediaMarkt
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 60739559 bytes
->Java cache emptied: 4583597 bytes
->FireFox cache emptied: 390695629 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 78246 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1714197 bytes
%systemroot%\System32 .tmp files removed: 742199 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 58789 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 102780 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 438,00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: MediaMarkt
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 10192012_152942

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

**adiskide** · 19/10/12, 09:39:04

ahora cuando abro sesión sigue funcionando ya bien

cuando abro una nueva pestaña ya no salta blekko pero me da Problema al cargar la página, no reconoce/carga la página que tengo definida de inicio.( en este caso Google)

Eliminar BLEKKO (Solucionado)

Herramientas

Eliminar BLEKKO (Solucionado)

Re: eliminar BLEKKO

Re: Eliminar BLEKKO

Re: Eliminar BLEKKO

Re: Eliminar BLEKKO

Re: Eliminar BLEKKO

Re: Eliminar BLEKKO

Re: Eliminar BLEKKO

Re: Eliminar BLEKKO

Re: Eliminar BLEKKO