• Registrarse
  • Iniciar sesión


  • Página 1 de 3 123 ÚltimoÚltimo
    Resultados 1 al 10 de 29

    PUP.bProtector

    Resumen del tema: PUP.bProtector - Originalmente publicado por Leosolari Hola Lo que halló Superantispyware NO es nada. Lo del antivirus, ya es otro problema. Comentanos como va el problema por el cual abriste este tema e iremos cerrándolo ... Saludos ...

    1. #1
      Usuario Avatar de palopiedra
      Registrado
      oct 2012
      Ubicación
      Cerdanyola
      Mensajes
      17

      PUP.bProtector

      Cita Originalmente publicado por Leosolari Ver Mensaje
      Hola


      Lo que halló Superantispyware NO es nada.


      Lo del antivirus, ya es otro problema.


      Comentanos como va el problema por el cual abriste este tema e iremos cerrándolo ...




      Saludos
      Hola a mi mepasa lo mismo con el dichoso PUP.bprotector he seguido los pasos que le comentais al compañero y nada no se quita . ¿ Algun consejo?

    2. #2
      Moderador Gral.
      Avatar de Tyny's
      Registrado
      may 2008
      Ubicación
      Argentina
      Mensajes
      14.671

      Re: PUP.bProtector

      Buenas


      Descargá OTL By OldTimer a Tu escritorio

      Ejecutá OTL

      • Cerrá todos programas que tengas abiertos y Hacé doble click en el ícono de OTL para ejecutarlo.
      • Dejalo correr sin interrumpirlo hasta que termine el Análisis.
      • Cuando la interfaz aparesca, solo debes cambiar Abajo de: "Tipo de Análisis" poniendo Resultado Minimo.
      • Marcá las opciones: Buscar LOP y Buscar Purity.
      • Marcá las Opciones Omitir Archivos De Microsoft y Usar Listado de Compañias Reconocidas.
      • Por favor No cambies el resto de la configuración a menos que te lo solicitemos.


      • Presioná el boton .
      • Una vez que termine, se abrirán dos (2) archivos, OTL.Txt y Extras.Txt. Éstos aparecerán grabados en el mismo lugar OTL.exe fue descargado.
      • Copiá y pegá el contenido del archivo OTL.txt en tu próxima respuesta.




      Nos traes el reporte de OTL.


      Saludos.
      If on your journey, you should encounter God, God will be cut!


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de palopiedra
      Registrado
      oct 2012
      Ubicación
      Cerdanyola
      Mensajes
      17

      Re: PUP.bProtector

      Gracias por respeonder tan pronto aqui tienes los reportes :

      OTL logfile created on: 19/10/2012 7:44:37 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\PALO\Desktop
      64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      15,98 Gb Total Physical Memory | 13,99 Gb Available Physical Memory | 87,55% Memory free
      31,95 Gb Paging File | 29,85 Gb Available in Paging File | 93,42% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 1346,17 Gb Total Space | 805,78 Gb Free Space | 59,86% Space Free | Partition Type: NTFS
      Drive D: | 50,00 Gb Total Space | 30,31 Gb Free Space | 60,62% Space Free | Partition Type: NTFS

      Computer Name: PALO-PC | User Name: PALO | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\PALO\Desktop\OTL.exe (OldTimer Tools)
      PRC - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
      PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
      PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
      PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe (Sony Computer Entertainment Inc.)
      PRC - C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)
      PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
      PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
      PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
      PRC - C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe (CyberLink)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)


      ========== Modules (No Company Name) ==========

      MOD - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
      MOD - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\0018dd52b56988a833ee41699cf49325\IAStorUtil.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\e7cd67fc34ad0fc611c1e1244cfc6584\IAStorCommon.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
      MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_es_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
      MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll ()
      MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
      MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()


      ========== Services (SafeList) ==========

      SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
      SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
      SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
      SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
      SRV - (Browser Manager) -- C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
      SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
      SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
      SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
      SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
      SRV - (MemeoBackgroundService) -- C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe (Memeo)
      SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
      SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
      DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
      DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
      DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
      DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
      DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
      DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
      DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
      DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
      DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
      DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
      DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
      DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
      DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
      DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
      DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
      DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (RTL8192su) -- C:\Windows\SysNative\drivers\RTL8192su.sys (Realtek Semiconductor Corporation )
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
      DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink)
      DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
      DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV - (WinRing0_1_2_0) -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys (OpenLibSys.org)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = Google
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112842&tt=3612_4&babsrc=SP_ss&mntrId=204c3cc0000000000000c89cdcec44e9
      IE - HKCU\..\SearchScopes\{B01DFFCE-0AC7-4966-8362-8213FF62BFCD}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNF_enDE393
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


      ========== FireFox ==========

      FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
      FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012/10/11 11:04:58 | 000,000,000 | ---D | M]

      [2012/05/22 16:29:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PALO\AppData\Roaming\mozilla\Extensions
      [2012/09/07 13:59:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

      ========== Chrome ==========

      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - homepage: Google
      CHR - Extension: No name found = C:\Users\PALO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
      CHR - Extension: No name found = C:\Users\PALO\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
      CHR - Extension: No name found = C:\Users\PALO\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\2.5_0\
      CHR - Extension: No name found = C:\Users\PALO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

      O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found.
      O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
      O4:64bit: - HKLM..\Run: [MedionReminder] C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe (CyberLink)
      O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
      O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
      O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
      O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
      O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
      O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
      O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
      O4:64bit: - HKLM..\RunOnce: [MedionReminder] C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe (CyberLink)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O8:64bit: - Extra context menu item: Descargar con Mipony - C:\Program Files (x86)\MiPony2\Browser\IEContext.htm ()
      O8:64bit: - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
      O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
      O8 - Extra context menu item: Descargar con Mipony - C:\Program Files (x86)\MiPony2\Browser\IEContext.htm ()
      O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
      O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
      O9:64bit: - Extra Button: eBay.es - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay.es: Subastas, Comprar Nuevo y Segunda Mano. Siempre ofertas File not found
      O9:64bit: - Extra 'Tools' menuitem : eBay.es - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay.es: Subastas, Comprar Nuevo y Segunda Mano. Siempre ofertas File not found
      O9 - Extra Button: eBay.es - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay.es: Subastas, Comprar Nuevo y Segunda Mano. Siempre ofertas File not found
      O9 - Extra 'Tools' menuitem : eBay.es - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay.es: Subastas, Comprar Nuevo y Segunda Mano. Siempre ofertas File not found
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 10.2.0)
      O16:64bit: - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_02)
      O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_02)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 10.2.0)
      O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_02)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_02)
      O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.webex.com/client/W...x/ieatgpc1.cab (GpcContainer Class)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BA0D333B-FC9B-46FB-81F1-EC6E0B2E242C}: NameServer = 87.216.1.65,87.216.1.66
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O20 - AppInit_DLLs: (c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
      O20 - AppInit_DLLs: (c:\progra~3\browse~1\22630~1.40\{16cdf~1\browse~1.dll) - File not found
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/10/19 07:43:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\PALO\Desktop\OTL.exe
      [2012/10/18 17:26:58 | 000,000,000 | ---D | C] -- C:\Users\PALO\AppData\Local\FLT
      [2012/10/18 17:25:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\users
      [2012/10/18 17:22:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mark of the Ninja
      [2012/10/18 17:16:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mark of the Ninja
      [2012/10/18 17:16:33 | 000,000,000 | ---D | C] -- C:\Users\PALO\AppData\Local\Programs
      [2012/10/18 13:54:30 | 000,000,000 | ---D | C] -- C:\Users\PALO\AppData\Roaming\Sony Corporation
      [2012/10/18 13:54:30 | 000,000,000 | ---D | C] -- C:\Users\PALO\Documents\PS Vita
      [2012/10/18 13:54:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
      [2012/10/18 13:44:45 | 000,000,000 | ---D | C] -- C:\Users\PALO\AppData\Roaming\Malwarebytes
      [2012/10/18 13:44:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2012/10/18 13:44:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2012/10/18 13:44:35 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
      [2012/10/18 13:44:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
      [2012/10/18 13:44:05 | 000,000,000 | ---D | C] -- C:\Users\PALO\AppData\Roaming\GlarySoft
      [2012/10/18 13:42:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
      [2012/10/18 13:42:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities
      [2012/10/18 13:32:23 | 000,036,864 | ---- | C] (NirSoft) -- C:\Windows\nircmd.exe
      [2012/10/18 09:50:51 | 000,000,000 | ---D | C] -- C:\Users\PALO\Desktop\Mark Of The Ninja
      [2012/10/17 12:05:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
      [2012/10/17 10:39:55 | 000,000,000 | ---D | C] -- C:\Users\PALO\Desktop\DOOM.3.BFG.EDITION.MULTI6-POSTMORTEM
      [2012/10/13 11:57:15 | 000,000,000 | ---D | C] -- C:\Users\PALO\Documents\Remote Assistance Logs
      [2012/10/13 11:53:34 | 000,000,000 | ---D | C] -- C:\Users\PALO\AppData\Local\{450BB08C-C2D4-4883-95D9-23670F830E8E}
      [2012/10/13 11:53:07 | 000,000,000 | ---D | C] -- C:\Users\PALO\AppData\Roaming\Windows Live Writer
      [2012/10/13 11:53:07 | 000,000,000 | ---D | C] -- C:\Users\PALO\AppData\Local\Windows Live Writer
      [2012/10/10 20:58:45 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
      [2012/10/10 20:58:45 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
      [2012/10/10 20:58:41 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
      [2012/10/10 09:06:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks
      [2012/10/10 08:47:42 | 000,000,000 | ---D | C] -- C:\Users\PALO\Desktop\Dishonored
      [2012/10/08 17:13:46 | 000,000,000 | ---D | C] -- C:\Users\PALO\AppData\Roaming\FreeCDRipper
      [2012/10/08 17:12:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Pack
      [2012/10/08 17:12:48 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudDesign.dll
      [2012/10/08 17:12:48 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudFile.dll
      [2012/10/08 17:12:48 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioInfos.dll
      [2012/10/08 17:12:48 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioVisu.dll
      [2012/10/08 17:12:48 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudPlayer.dll
      [2012/10/08 17:12:48 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioRecord.dll
      [2012/10/08 17:12:48 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudDisplay.dll
      [2012/10/08 17:12:48 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\WMAFile.dll
      [2012/10/08 17:12:47 | 000,000,000 | ---D | C] -- C:\Users\PALO\AppData\Roaming\FreeAudioPack
      [2012/10/08 17:12:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free mp3 Wma Converter
      [2012/10/08 17:12:31 | 000,000,000 | ---D | C] -- C:\Users\PALO\AppData\Local\PackageAware
      [2012/10/08 13:16:47 | 000,000,000 | ---D | C] -- C:\Users\PALO\Documents\FIFA 13
      [2012/10/08 1309 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
      [2012/10/08 08:03:43 | 000,000,000 | ---D | C] -- C:\Users\PALO\Desktop\Fifa 13
      [2012/10/07 14:42:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MiPony2
      [2012/10/07 09:39:10 | 000,000,000 | ---D | C] -- C:\Users\PALO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Captura 1.5
      [2012/10/07 09:39:10 | 000,000,000 | ---D | C] -- C:\Users\PALO\AppData\Local\Captura 1.5
      [2012/10/02 18:33:45 | 000,000,000 | -HSD | C] -- C:\Users\PALO\Documents\cache
      [2012/10/02 18:33:41 | 000,000,000 | ---D | C] -- C:\Users\PALO\AppData\Roaming\webex
      [2012/10/02 18:33:24 | 000,000,000 | ---D | C] -- C:\ProgramData\WebEx
      [2012/10/02 17:56:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Synetic
      [2012/10/02 17:49:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Crash Time 5 - Undercover
      [2012/10/02 07:36:22 | 000,000,000 | ---D | C] -- C:\Users\PALO\Desktop\Crashtime 5 Undercover [MULTI2][PCDVD][RELOADED][WwW.GamesTorrents.CoM]
      [2012/09/30 08:11:43 | 000,000,000 | ---D | C] -- C:\Users\PALO\AppData\Local\AliensVsPredator
      [2012/09/29 20:45:28 | 000,000,000 | ---D | C] -- C:\Users\PALO\Documents\EA Games
      [2012/09/29 20:44:42 | 000,000,000 | ---D | C] -- C:\Users\PALO\AppData\Local\EA Games
      [2012/09/29 19:06:23 | 000,000,000 | ---D | C] -- C:\Users\PALO\Documents\KONAMI
      [2012/09/29 18:14:35 | 000,000,000 | ---D | C] -- C:\Users\PALO\Desktop\Silent Collection
      [2012/09/29 17:58:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Silent Hill Homecoming
      [2012/09/22 20:16:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KONAMI
      [2012/09/22 18:53:48 | 000,000,000 | ---D | C] -- C:\Users\PALO\Desktop\CIVIL WAR
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2012/10/19 07:47:27 | 000,017,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/10/19 07:47:27 | 000,017,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/10/19 07:45:10 | 001,672,994 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2012/10/19 07:45:10 | 000,745,900 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2012/10/19 07:45:10 | 000,652,602 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2012/10/19 07:45:10 | 000,158,142 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2012/10/19 07:45:10 | 000,121,276 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2012/10/19 07:43:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\PALO\Desktop\OTL.exe
      [2012/10/19 07:40:17 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
      [2012/10/19 07:40:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/10/19 07:39:58 | 4276,240,382 | -HS- | M] () -- C:\hiberfil.sys
      [2012/10/18 22:14:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/10/18 17:28:48 | 000,001,585 | ---- | M] () -- C:\Users\PALO\Desktop\Mark of the Ninja.lnk
      [2012/10/18 13:54:26 | 000,002,154 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Asistente del gestor de contenido para PlayStation(R).lnk
      [2012/10/17 12:06:16 | 000,001,841 | ---- | M] () -- C:\Users\PALO\Desktop\Doom3 BFG.lnk
      [2012/10/13 12:21:54 | 000,001,797 | ---- | M] () -- C:\Users\PALO\Documents\Invitación.msrcIncident
      [2012/10/03 00:21:00 | 000,060,776 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
      [2012/10/03 00:21:00 | 000,052,584 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
      [2012/10/03 00:21:00 | 000,016,127 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
      [2012/10/02 21:51:15 | 003,536,817 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
      [2012/10/02 17:56:31 | 000,001,659 | ---- | M] () -- C:\Users\PALO\Desktop\CrashTime5.lnk
      [2012/09/29 20:47:29 | 000,001,771 | ---- | M] () -- C:\Users\PALO\Desktop\Dead Space 2.lnk
      [2012/09/29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
      [2012/09/29 18:54:22 | 000,002,304 | ---- | M] () -- C:\Users\PALO\Desktop\Pro Evolution Soccer 2013 Repack.lnk
      [2012/09/23 11:13:10 | 000,289,336 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
      [2012/09/20 18:07:16 | 000,002,320 | ---- | M] () -- C:\Users\PALO\Desktop\SKYRIM.lnk
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2012/10/18 17:28:48 | 000,001,585 | ---- | C] () -- C:\Users\PALO\Desktop\Mark of the Ninja.lnk
      [2012/10/18 13:54:26 | 000,002,154 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Asistente del gestor de contenido para PlayStation(R).lnk
      [2012/10/18 13:54:26 | 000,002,138 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asistente del gestor de contenido para PlayStation(R).lnk
      [2012/10/18 13:42:27 | 000,000,322 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
      [2012/10/18 13:32:23 | 000,069,660 | ---- | C] () -- C:\Windows\Fart.exe
      [2012/10/18 13:32:23 | 000,011,776 | ---- | C] () -- C:\Windows\Colous.exe
      [2012/10/17 12:06:16 | 000,001,841 | ---- | C] () -- C:\Users\PALO\Desktop\Doom3 BFG.lnk
      [2012/10/13 12:21:53 | 000,001,797 | ---- | C] () -- C:\Users\PALO\Documents\Invitación.msrcIncident
      [2012/10/10 20:58:56 | 003,536,817 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
      [2012/10/10 20:57:51 | 000,016,127 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
      [2012/10/08 17:12:48 | 000,116,296 | ---- | C] () -- C:\Windows\SysWow64\NCTWMAProfiles.prx
      [2012/10/08 17:12:47 | 000,484,352 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
      [2012/10/02 17:56:31 | 000,001,659 | ---- | C] () -- C:\Users\PALO\Desktop\CrashTime5.lnk
      [2012/09/29 20:47:29 | 000,001,771 | ---- | C] () -- C:\Users\PALO\Desktop\Dead Space 2.lnk
      [2012/09/29 18:54:22 | 000,002,304 | ---- | C] () -- C:\Users\PALO\Desktop\Pro Evolution Soccer 2013 Repack.lnk
      [2012/06/23 10:30:27 | 000,000,032 | -HS- | C] () -- C:\ProgramData\.zreglib
      [2012/05/24 08:11:03 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
      [2012/05/24 08:11:02 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
      [2012/05/24 08:11:01 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
      [2012/05/23 22:15:26 | 000,022,527 | ---- | C] () -- C:\Users\PALO\AppData\Roaming\task–€r.exe
      [2012/05/23 22:14:53 | 000,022,527 | ---- | C] () -- C:\Users\PALO\AppData\Roaming\Ñasïégr.exe
      [2012/05/22 23:18:14 | 001,700,010 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
      [2012/05/21 20:32:17 | 000,017,408 | ---- | C] () -- C:\Users\PALO\AppData\Local\WebpageIcons.db
      [2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

      ========== ZeroAccess Check ==========

      [2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== LOP Check ==========

      [2012/06/17 07:13:59 | 000,000,000 | ---D | M] -- C:\Users\PALO\AppData\Roaming\Ashampoo
      [2012/09/20 14:02:38 | 000,000,000 | ---D | M] -- C:\Users\PALO\AppData\Roaming\Bioshock
      [2012/07/21 21:46:44 | 000,000,000 | ---D | M] -- C:\Users\PALO\AppData\Roaming\Bioshock2
      [2012/10/18 17:16:06 | 000,000,000 | ---D | M] -- C:\Users\PALO\AppData\Roaming\DAEMON Tools Lite
      [2012/10/08 17:12:56 | 000,000,000 | ---D | M] -- C:\Users\PALO\AppData\Roaming\FreeAudioPack
      [2012/10/08 17:13:49 | 000,000,000 | ---D | M] -- C:\Users\PALO\AppData\Roaming\FreeCDRipper
      [2012/10/18 13:44:05 | 000,000,000 | ---D | M] -- C:\Users\PALO\AppData\Roaming\GlarySoft
      [2012/08/12 17:55:06 | 000,000,000 | ---D | M] -- C:\Users\PALO\AppData\Roaming\ImgBurn
      [2012/05/22 16:30:51 | 000,000,000 | ---D | M] -- C:\Users\PALO\AppData\Roaming\Media Finder
      [2012/10/17 12:00:31 | 000,000,000 | ---D | M] -- C:\Users\PALO\AppData\Roaming\Mipony
      [2012/10/15 22:35:52 | 000,000,000 | ---D | M] -- C:\Users\PALO\AppData\Roaming\SoftGrid Client
      [2012/06/12 10:56:55 | 000,000,000 | ---D | M] -- C:\Users\PALO\AppData\Roaming\TP
      [2012/09/15 20:05:53 | 000,000,000 | ---D | M] -- C:\Users\PALO\AppData\Roaming\Trine2
      [2012/10/18 19:14:36 | 000,000,000 | ---D | M] -- C:\Users\PALO\AppData\Roaming\uTorrent
      [2012/10/02 18:33:44 | 000,000,000 | ---D | M] -- C:\Users\PALO\AppData\Roaming\webex
      [2012/10/13 11:53:07 | 000,000,000 | ---D | M] -- C:\Users\PALO\AppData\Roaming\Windows Live Writer

      ========== Purity Check ==========



      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 24 bytes -> C:\Windows:309EB8341894B3B0
      @Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:DBC416F8

      < End of report >

      ------------------------------------------------------------------------------------------------------------------------------------

    4. #4
      Usuario Avatar de palopiedra
      Registrado
      oct 2012
      Ubicación
      Cerdanyola
      Mensajes
      17

      Re: PUP.bProtector

      Y ahora el segundo reporte que no me cabia en una sola respuesta:

      OTL Extras logfile created on: 19/10/2012 7:44:37 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\PALO\Desktop
      64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      15,98 Gb Total Physical Memory | 13,99 Gb Available Physical Memory | 87,55% Memory free
      31,95 Gb Paging File | 29,85 Gb Available in Paging File | 93,42% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 1346,17 Gb Total Space | 805,78 Gb Free Space | 59,86% Space Free | Partition Type: NTFS
      Drive D: | 50,00 Gb Total Space | 30,31 Gb Free Space | 60,62% Space Free | Partition Type: NTFS

      Computer Name: PALO-PC | User Name: PALO | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Extra Registry (SafeList) ==========


      ========== File Associations ==========

      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
      .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
      .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
      .html [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

      ========== Shell Spawning ==========

      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
      batfile [open] -- "%1" %*
      cmdfile [open] -- "%1" %*
      comfile [open] -- "%1" %*
      exefile [open] -- "%1" %*
      helpfile [open] -- Reg Error: Key error.
      htmlfile [edit] -- Reg Error: Key error.
      htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
      http [open] -- Reg Error: Key error.
      https [open] -- Reg Error: Key error.
      inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
      InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
      InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
      piffile [open] -- "%1" %*
      regfile [merge] -- Reg Error: Key error.
      scrfile [config] -- "%1"
      scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
      scrfile [open] -- "%1" /S
      txtfile [edit] -- Reg Error: Key error.
      Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
      Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
      Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
      Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
      Folder [explore] -- Reg Error: Value error.
      Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
      batfile [open] -- "%1" %*
      cmdfile [open] -- "%1" %*
      comfile [open] -- "%1" %*
      cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
      exefile [open] -- "%1" %*
      helpfile [open] -- Reg Error: Key error.
      htmlfile [edit] -- Reg Error: Key error.
      htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
      http [open] -- Reg Error: Key error.
      https [open] -- Reg Error: Key error.
      inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
      piffile [open] -- "%1" %*
      regfile [merge] -- Reg Error: Key error.
      scrfile [config] -- "%1"
      scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
      scrfile [open] -- "%1" /S
      txtfile [edit] -- Reg Error: Key error.
      Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
      Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
      Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
      Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
      Folder [explore] -- Reg Error: Value error.
      Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

      ========== Security Center Settings ==========

      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
      "cval" = 1

      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
      "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
      "AntiVirusOverride" = 0
      "AntiSpywareOverride" = 0
      "FirewallOverride" = 0

      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

      ========== Firewall Settings ==========

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
      "EnableFirewall" = 1
      "DisableNotifications" = 0

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
      "EnableFirewall" = 1
      "DisableNotifications" = 0

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
      "EnableFirewall" = 1
      "DisableNotifications" = 0

      ========== Authorized Applications List ==========


      ========== Vista Active Open Ports Exception List ==========

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
      "{133AA06E-3FAC-4B93-A5D4-C41202DB258E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
      "{1837C80B-A4F3-41C9-93B4-4E77DB3BD173}" = lport=10243 | protocol=6 | dir=in | app=system |
      "{1BF04537-3724-4E58-923B-FDD162183330}" = lport=139 | protocol=6 | dir=in | app=system |
      "{25E11A2C-2B92-40FD-AF48-BA421510F0CA}" = rport=139 | protocol=6 | dir=out | app=system |
      "{2C3DD191-3424-4941-86DA-4651C3ACCCA1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
      "{302382E8-6A9E-426B-AAC5-F48BCD40F51D}" = lport=138 | protocol=17 | dir=in | app=system |
      "{3664C42D-6560-4381-85B4-CDEAE399A058}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
      "{3F0CB73A-4640-4B7B-A0AC-524E66E23823}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
      "{4A10F70C-34D1-4F2F-8D33-D69B04B972BA}" = rport=138 | protocol=17 | dir=out | app=system |
      "{531A4325-D0D6-475C-9E22-E0C07D14264B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
      "{541DA30B-CA6F-4C92-9BA0-C238ADE6016F}" = rport=137 | protocol=17 | dir=out | app=system |
      "{6B97C156-A047-4370-8A44-D6946A2AE8D8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
      "{6E81E53D-1D94-438B-976E-0F012207A32F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
      "{9007C0A1-1EA7-4550-B7FB-BBF7C30812C4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
      "{92E29FBF-5DF6-48D6-B3B6-5D6EC208D4FA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
      "{9F5CFB6B-B06F-4DC1-B5B0-D2F66BC25123}" = lport=137 | protocol=17 | dir=in | app=system |
      "{B350188F-F752-4A02-A41C-5D9C2A72FD67}" = lport=2869 | protocol=6 | dir=in | app=system |
      "{B52BE8C1-BB76-445D-99AC-12084B041289}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
      "{BA210874-3317-4FFF-A547-2B576FB1F01F}" = rport=445 | protocol=6 | dir=out | app=system |
      "{BA73DC20-4D5D-44CB-BBC7-F481C0E273D9}" = rport=10243 | protocol=6 | dir=out | app=system |
      "{D63C74F5-9DCE-4F49-A501-D838905BB8A3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
      "{DE0C5255-7569-480C-80D0-C7EF80263BFC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
      "{EC03C356-6753-409F-B369-EC84D12D150C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
      "{F3D917B0-8A4D-49C9-AB7D-91B07E7EA82A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
      "{F40BD0AF-FAED-421F-ABAB-2C8B4D8FDBF6}" = lport=445 | protocol=6 | dir=in | app=system |

      ========== Vista Active Application Exception List ==========

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
      "{01F9182F-6B8E-4F4F-9F2D-D377EA8E0406}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
      "{070B21EE-BEBB-4CB4-9A5B-B7CF2E3BF3BA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
      "{122DFB38-E0A4-41E6-918D-B1E1BD95CC0C}" = protocol=17 | dir=in | app=c:\program files (x86)\2k games\bioshock 2\mp\builds\binaries\bioshock2.exe |
      "{1B686E49-3E87-4735-99D0-4B28607C3EAF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
      "{1C499AF2-55CB-44E4-87A6-A1865DFEEF68}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
      "{1D767C0F-5C3B-4122-9569-5019A3E9D12E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
      "{1EF97B44-2AAF-4A34-B185-8F7B4F0D359F}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
      "{2A18F88B-CC7A-44AD-B68E-28F2A1B3FAB3}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
      "{2E3385A4-B719-4391-80E8-B187F50687A1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
      "{3307728D-9C8E-48DF-89D4-1AE1E021A1B4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
      "{37855378-7D73-43E1-BFD5-354FE99FFC55}" = protocol=6 | dir=in | app=c:\program files (x86)\2k games\bioshock 2\mp\builds\binaries\bioshock2.exe |
      "{43A4FA25-10FE-4B67-B508-F720332276DC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
      "{449D252C-E651-4458-82ED-13D413858DE9}" = dir=in | app=c:\program files (x86)\wb games\batman arkham city goty\binaries\win32\batmanac.exe |
      "{46BEB79A-3ADC-4BE8-B40A-0F264F4BF289}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
      "{57843D2A-93CC-4DE6-928E-3993C1C4BA97}" = protocol=17 | dir=in | app=c:\st\steam.exe |
      "{57C669C2-86CD-4009-8464-D68249354179}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
      "{60A607B5-294D-4A40-A84A-456A17D53645}" = protocol=17 | dir=in | app=c:\program files (x86)\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe |
      "{62606405-6576-45D8-8886-E3FA0AAA37FD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
      "{6851986A-77D4-445F-AFC3-D6A4696B0CA9}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
      "{6A0B439D-9126-419B-A088-D5293329B1C1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
      "{6F610D2C-9533-4DBF-94B7-2E8B56B1090B}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
      "{7838025D-2D56-4CD3-AF58-9A4518900B91}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
      "{7F7FAFAB-4339-4875-87F5-C8B655F29579}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
      "{82A215B3-D1E6-4565-8E56-E8F09D0E088C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
      "{85832019-5E10-4687-9BE8-ECC6260C4DFB}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
      "{876D88DA-90EE-40A2-9DDE-50F67B9DA496}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
      "{8B4CF7C8-BA2A-4B88-9742-0EC2FE54B066}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
      "{8EDB8961-83FF-49FF-B077-E170D5736628}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
      "{95054842-7AFF-42FE-A769-571BDE7BA61B}" = protocol=6 | dir=out | app=system |
      "{98156BAC-1944-420C-8970-69163C304347}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
      "{A99AFCA9-A36D-4983-B9C4-C338DC9D462C}" = protocol=6 | dir=in | app=c:\st\steam.exe |
      "{B12E3312-CB14-4A2C-9CA2-7A0FD602E3B3}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
      "{B437FC98-1802-4383-B9E7-4920B1FDD799}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
      "{B45A072A-2E57-4027-8898-99775B0DAAF2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
      "{B5D88269-3305-4086-AEDB-BCDFF917512D}" = protocol=6 | dir=in | app=c:\program files (x86)\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe |
      "{C0B4056E-B896-435C-BBE5-FF8029F17959}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
      "{CB2332EA-77AC-41DE-AD54-8B1B22BDC0F9}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
      "{CCBC6FEB-6273-44D3-9157-FA10DB5A26A4}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
      "{DFA017EE-9F46-49DD-A244-1D4CB650195F}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
      "{F0E094DB-E3AA-41D1-9ABF-16E74EBA6C67}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
      "{F1E71BF2-1580-44BC-92A3-A215600F81A1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
      "TCP Query User{01EC68F8-FB99-4CD6-B0FB-4B9C5913D947}C:\program files (x86)\activision\transformers fall of cybertron\binaries\tfoc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\transformers fall of cybertron\binaries\tfoc.exe |
      "TCP Query User{0B4313EA-B962-4BDF-B530-4752C2FD7495}C:\program files (x86)\victorval\call of juarez the cartel repack\coj_thecartel.exe" = protocol=6 | dir=in | app=c:\program files (x86)\victorval\call of juarez the cartel repack\coj_thecartel.exe |
      "TCP Query User{0D9CBD61-771B-4DE8-84B4-4C15A0ADE9CC}C:\program files (x86)\victorval\assassins creed revelations repack\acrsp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\victorval\assassins creed revelations repack\acrsp.exe |
      "TCP Query User{1339BEB9-E66F-4191-B339-11E22CDC4F3E}C:\program files (x86)\victorval\alice madness returns repack\alice2\binaries\win32\alicemadnessreturns.exe" = protocol=6 | dir=in | app=c:\program files (x86)\victorval\alice madness returns repack\alice2\binaries\win32\alicemadnessreturns.exe |
      "TCP Query User{19FA6655-45FF-4516-B27D-F45753DD004A}C:\program files (x86)\victorval\portal 2 repack\portal2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\victorval\portal 2 repack\portal2.exe |
      "TCP Query User{1A760491-380B-4AB8-A786-26E5D5C5C4F6}C:\users\palo\downloads\batman arkham city [multi9][pcdvd][steam unlocked][p2p][www.gamestorrents.com]\b-batcity\binaries\win32\batmanac.exe" = protocol=6 | dir=in | app=c:\users\palo\downloads\batman arkham city [multi9][pcdvd][steam unlocked][p2p][http://www.gamestorrents.com]\b-batc...2\batmanac.exe |
      "TCP Query User{46761C0F-49B1-4311-98E9-3BDA054677AB}C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe |
      "TCP Query User{46E857B5-5C97-4E97-A128-A5BEC5EB3105}C:\program files (x86)\victorval\fifa 2012 repack\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\victorval\fifa 2012 repack\game\fifa.exe |
      "TCP Query User{50D581E5-95A2-482A-9F80-6D8B3E67C7C3}C:\program files (x86)\ubisoft\i am alive\src\system\iamalive_game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\i am alive\src\system\iamalive_game.exe |
      "TCP Query User{574B7749-FEB2-492C-94E7-5FBFC6BAA038}C:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe |
      "TCP Query User{788AC87D-ECB9-4130-9C6C-941CBD17CEF9}C:\program files (x86)\victorval\saints row the third repack\saintsrowthethird.exe" = protocol=6 | dir=in | app=c:\program files (x86)\victorval\saints row the third repack\saintsrowthethird.exe |
      "TCP Query User{7A57C6C8-ACB1-4366-A6E6-2EFF57F03B89}C:\program files (x86)\victorval\mass effect 3 repack\binaries\win32\masseffect3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\victorval\mass effect 3 repack\binaries\win32\masseffect3.exe |
      "TCP Query User{83289C79-05D9-41F8-82FF-27D6070EB0E0}C:\program files (x86)\games\dead.island.game.of.the.year.edition\deadislandgame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\games\dead.island.game.of.the.year.edition\deadislandgame.exe |
      "TCP Query User{8F802CCE-A189-49AD-91D5-246B5C4D2C42}C:\users\palo\appdata\roaming\ehho\hokuo.exe" = protocol=6 | dir=in | app=c:\users\palo\appdata\roaming\ehho\hokuo.exe |
      "TCP Query User{958A07A3-CFC2-4186-ACBD-14A61EDE9DA9}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
      "TCP Query User{999EE046-7B95-469A-9A2C-00CEFC9097C9}C:\program files (x86)\konami\pro evolution soccer 2013\pes2013.exe" = protocol=6 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2013\pes2013.exe |
      "TCP Query User{9EF36BFA-87F8-4284-BC7F-35664B9DC104}C:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe |
      "TCP Query User{A3287B8F-8410-4EC4-AE57-7138CA576EE1}C:\program files (x86)\bethesda softworks\doom 3 bfg edition\doom3bfg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\doom 3 bfg edition\doom3bfg.exe |
      "TCP Query User{ABEA8FDF-5346-48AF-9E5E-016F03F10FB9}C:\program files (x86)\victorval\dead space 2 repack\deadspace2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\victorval\dead space 2 repack\deadspace2.exe |
      "TCP Query User{B67BF217-A72F-49A4-B957-5488866D044E}C:\program files (x86)\namco bandai games\inversion\bin\inversion.exe" = protocol=6 | dir=in | app=c:\program files (x86)\namco bandai games\inversion\bin\inversion.exe |
      "TCP Query User{BB4DAE17-5AE6-4456-BBA9-E9104014C3BC}C:\program files (x86)\victorval\dirt 3 repack\dirt3_game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\victorval\dirt 3 repack\dirt3_game.exe |
      "TCP Query User{BD1DC74E-8A6C-47DD-AACB-F1A68F118386}C:\program files (x86)\wb games\batman arkham city goty\binaries\win32\batmanac_o.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wb games\batman arkham city goty\binaries\win32\batmanac_o.exe |
      "TCP Query User{D4F961DB-DB70-4EDC-BF95-17CD2E487814}C:\program files (x86)\victorval\pro evolution soccer 2013 repack\pes2013.exe" = protocol=6 | dir=in | app=c:\program files (x86)\victorval\pro evolution soccer 2013 repack\pes2013.exe |
      "TCP Query User{D662BF2E-CB35-40E4-944E-4E0745B130DE}C:\program files (x86)\victorval\saints row the third repack\saintsrowthethird_dx11.exe" = protocol=6 | dir=in | app=c:\program files (x86)\victorval\saints row the third repack\saintsrowthethird_dx11.exe |
      "TCP Query User{D862C631-ADB7-4004-B46F-22A6EB07389F}C:\program files (x86)\victorval\borderlands goty repack\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\program files (x86)\victorval\borderlands goty repack\binaries\borderlands.exe |
      "TCP Query User{D9B43581-FF8F-48F0-8B19-C653D01E6313}C:\users\palo\appdata\roaming\aban\yrryo.exe" = protocol=6 | dir=in | app=c:\users\palo\appdata\roaming\aban\yrryo.exe |
      "TCP Query User{D9E838FA-EDDD-4A70-AF89-58518DC5BA81}C:\program files (x86)\victorval\mass effect 2 gold repack\binaries\masseffect2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\victorval\mass effect 2 gold repack\binaries\masseffect2.exe |
      "TCP Query User{E3550944-3C58-427A-A163-7E02950139E8}C:\program files (x86)\victorval\alice madness returns repack\alice1\bin\alice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\victorval\alice madness returns repack\alice1\bin\alice.exe |
      "TCP Query User{E409B039-4E6D-49ED-BF72-2C05EFC72B36}C:\program files (x86)\victorval\batman arkham city repack\binaries\win32\batmanac.exe" = protocol=6 | dir=in | app=c:\program files (x86)\victorval\batman arkham city repack\binaries\win32\batmanac.exe |
      "TCP Query User{EBF2AD4D-778A-4834-BB54-2C9B16D82874}C:\program files (x86)\victorval\gears of war repack\binaries\wargame-g4wlive.exe" = protocol=6 | dir=in | app=c:\program files (x86)\victorval\gears of war repack\binaries\wargame-g4wlive.exe |
      "UDP Query User{06F6CB3D-5BB2-4979-87FC-EC1264D18C83}C:\program files (x86)\victorval\call of juarez the cartel repack\coj_thecartel.exe" = protocol=17 | dir=in | app=c:\program files (x86)\victorval\call of juarez the cartel repack\coj_thecartel.exe |
      "UDP Query User{0B498B06-9329-46ED-B3B0-7A3D2F972863}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
      "UDP Query User{0B4A7F53-4457-4DC9-9A18-2619B2FFB469}C:\program files (x86)\konami\pro evolution soccer 2013\pes2013.exe" = protocol=17 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2013\pes2013.exe |
      "UDP Query User{1246D91A-9E51-4488-9F31-1191E5ABA717}C:\program files (x86)\victorval\batman arkham city repack\binaries\win32\batmanac.exe" = protocol=17 | dir=in | app=c:\program files (x86)\victorval\batman arkham city repack\binaries\win32\batmanac.exe |
      "UDP Query User{1249ED59-676B-4309-A86B-896C161D78F8}C:\program files (x86)\victorval\saints row the third repack\saintsrowthethird_dx11.exe" = protocol=17 | dir=in | app=c:\program files (x86)\victorval\saints row the third repack\saintsrowthethird_dx11.exe |
      "UDP Query User{142D4DE9-D8C1-462C-B4A4-A84963FE9655}C:\users\palo\downloads\batman arkham city [multi9][pcdvd][steam unlocked][p2p][www.gamestorrents.com]\b-batcity\binaries\win32\batmanac.exe" = protocol=17 | dir=in | app=c:\users\palo\downloads\batman arkham city [multi9][pcdvd][steam unlocked][p2p][http://www.gamestorrents.com]\b-batc...2\batmanac.exe |
      "UDP Query User{16AFF4D2-0649-4459-961B-24C826526110}C:\program files (x86)\victorval\saints row the third repack\saintsrowthethird.exe" = protocol=17 | dir=in | app=c:\program files (x86)\victorval\saints row the third repack\saintsrowthethird.exe |
      "UDP Query User{2DFA7CB4-36FE-4DAC-B737-815E5DF2F5D8}C:\program files (x86)\games\dead.island.game.of.the.year.edition\deadislandgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\games\dead.island.game.of.the.year.edition\deadislandgame.exe |
      "UDP Query User{38B01206-E4D3-4539-8F7E-4447B98CAB05}C:\program files (x86)\namco bandai games\inversion\bin\inversion.exe" = protocol=17 | dir=in | app=c:\program files (x86)\namco bandai games\inversion\bin\inversion.exe |
      "UDP Query User{398C4641-1ACC-44BE-8B6A-E0CBFEC9FBB7}C:\program files (x86)\victorval\pro evolution soccer 2013 repack\pes2013.exe" = protocol=17 | dir=in | app=c:\program files (x86)\victorval\pro evolution soccer 2013 repack\pes2013.exe |
      "UDP Query User{3A22F988-FA9F-45A8-B09C-BFE34E58ABFE}C:\program files (x86)\victorval\assassins creed revelations repack\acrsp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\victorval\assassins creed revelations repack\acrsp.exe |
      "UDP Query User{4E493325-5C56-4DA1-B827-968B603FE565}C:\program files (x86)\victorval\borderlands goty repack\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\program files (x86)\victorval\borderlands goty repack\binaries\borderlands.exe |
      "UDP Query User{52EC3E7E-D6D4-4F9B-B930-AE7ED3327B29}C:\users\palo\appdata\roaming\aban\yrryo.exe" = protocol=17 | dir=in | app=c:\users\palo\appdata\roaming\aban\yrryo.exe |
      "UDP Query User{59B6A223-FAF2-4280-A671-6FAEA6829841}C:\program files (x86)\victorval\dead space 2 repack\deadspace2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\victorval\dead space 2 repack\deadspace2.exe |
      "UDP Query User{66D053C3-C7BE-4052-8D3E-0C898A9FAFA8}C:\program files (x86)\victorval\alice madness returns repack\alice1\bin\alice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\victorval\alice madness returns repack\alice1\bin\alice.exe |
      "UDP Query User{6B2C95B5-AFBA-47C7-90B1-B7E91E96B822}C:\users\palo\appdata\roaming\ehho\hokuo.exe" = protocol=17 | dir=in | app=c:\users\palo\appdata\roaming\ehho\hokuo.exe |
      "UDP Query User{7AD8A9D0-8343-4498-B110-C2B62AB69B01}C:\program files (x86)\victorval\dirt 3 repack\dirt3_game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\victorval\dirt 3 repack\dirt3_game.exe |
      "UDP Query User{85CF979D-48B9-460C-8D7E-DC3575F859CB}C:\program files (x86)\victorval\portal 2 repack\portal2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\victorval\portal 2 repack\portal2.exe |
      "UDP Query User{92068B48-DADC-428C-969E-17AE7857491B}C:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe |
      "UDP Query User{936D789F-0FD6-4E63-80E2-9C2F94AE4226}C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe |
      "UDP Query User{95B0CDDF-62B5-4BBA-8E00-13C729A25435}C:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe |
      "UDP Query User{963B3A6C-9E32-4F48-8123-C88811D39EBE}C:\program files (x86)\victorval\gears of war repack\binaries\wargame-g4wlive.exe" = protocol=17 | dir=in | app=c:\program files (x86)\victorval\gears of war repack\binaries\wargame-g4wlive.exe |
      "UDP Query User{9A3A950B-A528-4285-9FDB-C094235E537E}C:\program files (x86)\ubisoft\i am alive\src\system\iamalive_game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\i am alive\src\system\iamalive_game.exe |
      "UDP Query User{B2BD95F6-98F4-4AC1-9EA6-0A9B80AE4203}C:\program files (x86)\activision\transformers fall of cybertron\binaries\tfoc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\transformers fall of cybertron\binaries\tfoc.exe |
      "UDP Query User{BA37391E-FAD4-445B-A628-7EC53941D163}C:\program files (x86)\victorval\fifa 2012 repack\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\victorval\fifa 2012 repack\game\fifa.exe |
      "UDP Query User{C4C9F0A1-7202-4145-8CD2-B88AAEC2B5B1}C:\program files (x86)\victorval\mass effect 2 gold repack\binaries\masseffect2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\victorval\mass effect 2 gold repack\binaries\masseffect2.exe |
      "UDP Query User{CC819775-FBEC-46F9-8E3A-4D631EA4DE52}C:\program files (x86)\victorval\alice madness returns repack\alice2\binaries\win32\alicemadnessreturns.exe" = protocol=17 | dir=in | app=c:\program files (x86)\victorval\alice madness returns repack\alice2\binaries\win32\alicemadnessreturns.exe |
      "UDP Query User{DB1A60A9-230C-4FD4-9CC9-38ACAE008353}C:\program files (x86)\bethesda softworks\doom 3 bfg edition\doom3bfg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\doom 3 bfg edition\doom3bfg.exe |
      "UDP Query User{F490CA0A-F567-4742-804B-AF07DE0B0DF8}C:\program files (x86)\victorval\mass effect 3 repack\binaries\win32\masseffect3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\victorval\mass effect 3 repack\binaries\win32\masseffect3.exe |

      ========== HKEY_LOCAL_MACHINE Uninstall List ==========

      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
      "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
      "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
      "{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
      "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
      "{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
      "{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
      "{26A24AE4-039D-4CA4-87B4-2F86417002FF}" = Java(TM) 7 Update 2 (64-bit)
      "{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
      "{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
      "{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
      "{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
      "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
      "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
      "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
      "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
      "{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
      "{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
      "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
      "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
      "{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
      "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
      "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
      "{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
      "{90140000-006D-0C0A-1000-0000000FF1CE}" = Hacer clic y ejecutar de Microsoft Office 2010
      "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
      "{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
      "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
      "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Controlador de 3D Vision 306.97
      "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel de control de NVIDIA 306.97
      "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Controlador de gráficos 306.97
      "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Controlador de la controladora 3D Vision 306.97
      "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Software del sistema PhysX 9.12.0604
      "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Actualización de NVIDIA 1.10.8
      "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Controlador de audio HD 1.3.18.0
      "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
      "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
      "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
      "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
      "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
      "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
      "{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
      "{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
      "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
      "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
      "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
      "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
      "{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
      "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
      "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
      "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
      "{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
      "CCleaner" = CCleaner
      "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
      "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
      "WinRAR archiver" = WinRAR 4.11 (64-bit)

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
      "{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
      "{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
      "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
      "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
      "{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
      "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
      "{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
      "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
      "{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
      "{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
      "{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
      "{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
      "{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
      "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
      "{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
      "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
      "{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
      "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
      "{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3
      "{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
      "{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
      "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
      "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
      "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
      "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
      "{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
      "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
      "{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
      "{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
      "{26A24AE4-039D-4CA4-87B4-2F83217002FF}" = Java(TM) 7 Update 2
      "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
      "{28263CF4-15EF-4452-8712-29C4ADE206F2}_is1" = DarkSiders 1.01
      "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
      "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
      "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
      "{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
      "{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
      "{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
      "{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
      "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
      "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
      "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
      "{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
      "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
      "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
      "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
      "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
      "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
      "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
      "{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
      "{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
      "{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger
      "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = CyberLink PowerRecover
      "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
      "{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
      "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
      "{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
      "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
      "{4A8B461A-9336-4CF9-98F4-14DD38E673F0}" = BioShock 2
      "{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
      "{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
      "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
      "{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
      "{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
      "{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
      "{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
      "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
      "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
      "{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
      "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
      "{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
      "{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
      "{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
      "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
      "{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
      "{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
      "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
      "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
      "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
      "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
      "{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
      "{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
      "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
      "{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
      "{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
      "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
      "{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
      "{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
      "{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
      "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
      "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
      "{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
      "{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
      "{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
      "{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
      "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
      "{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
      "{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
      "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
      "{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
      "{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
      "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
      "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
      "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
      "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
      "{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
      "{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
      "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
      "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
      "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
      "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
      "{8E666407-AC41-46a2-9692-6C7BFCBFDD37}" = Memeo Instant Backup
      "{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
      "{90140011-0066-0C0A-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Español
      "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
      "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
      "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
      "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
      "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
      "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
      "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
      "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
      "{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
      "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
      "{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
      "{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
      "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
      "{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
      "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
      "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
      "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
      "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
      "{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
      "{AC76BA86-7AD7-5464-3428-A00000000004}" = Spelling Dictionaries Support For Adobe Reader X
      "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.4) MUI
      "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
      "{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
      "{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
      "{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
      "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
      "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
      "{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger
      "{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
      "{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}" = DarksidersInstaller
      "{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
      "{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
      "{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
      "{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
      "{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
      "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
      "{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
      "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
      "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
      "{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
      "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
      "{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
      "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
      "{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
      "{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
      "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
      "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
      "{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
      "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
      "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
      "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
      "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
      "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
      "{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
      "{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
      "{DC8FA1C1-BE26-4889-85F1-A98AE6E37979}" = Asistente del gestor de contenido para PlayStation(R)
      "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
      "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
      "{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
      "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
      "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
      "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
      "{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock
      "{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
      "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
      "{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
      "{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
      "{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
      "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
      "{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
      "{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
      "{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
      "{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
      "{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
      "{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
      "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
      "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
      "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
      "{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
      "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
      "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
      "{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
      "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
      "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
      "{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
      "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
      "«L.A. Noire - The Complete Edition»_is1" = «L.A. Noire - The Complete Edition» (v1.2.2610.1)
      "5513-1208-7298-9440" = JDownloader 0.9
      "7-Zip" = 7-Zip 9.20
      "Adobe AIR" = Adobe AIR
      "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
      "Alan Wake American Nightmare_is1" = Alan Wake American Nightmare
      "Alan Wake Repack" = Alan Wake Repack
      "avast" = avast! Free Antivirus
      "Borderlands GOTY Repack" = Borderlands GOTY Repack
      "Crash Time 5 - Undercover_is1" = Crash Time 5 - Undercover
      "DAEMON Tools Lite" = DAEMON Tools Lite
      "Darksiders II_is1" = Darksiders II
      "Dead Rising 2 Off The Record Repack" = Dead Rising 2 Off The Record Repack
      "Dead Space 2 Repack" = Dead Space 2 Repack
      "Doom 3 BFG Edition_is1" = Doom 3 BFG Edition
      "Dragon Ball Z Budokai Tenkaichi 3 Repack" = Dragon Ball Z Budokai Tenkaichi 3 Repack
      "EAX(tm) Unified (SHELL)" = EAX(tm) Unified (SHELL)
      "Fallout New Vegas Gold Repack" = Fallout New Vegas Gold Repack
      "Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 2.2
      "Game Booster_is1" = Game Booster 3
      "Gears Of War Repack" = Gears Of War Repack
      "Ghostbusters Repack" = Ghostbusters Repack
      "Glary Utilities_is1" = Glary Utilities 2.49.0.1600
      "ImgBurn" = ImgBurn
      "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
      "InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
      "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
      "InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = CyberLink PowerRecover
      "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
      "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
      "InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
      "Inversion_is1" = Inversion
      "L.A Noire_is1" = L.A. Noire Update v1.3.2613
      "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versión 1.65.1.1000
      "Mark of the Ninja_is1" = Mark of the Ninja
      "MiPony" = MiPony 2.0.1
      "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
      "Office14.Click2Run" = Hacer clic y ejecutar de Microsoft Office 2010
      "OpenAL" = OpenAL
      "pcsx2-r4600" = PCSX2 - Playstation 2 Emulator
      "Portal Full [ESP] [No-Steam] [By CaRLy]" = Portal Full [ESP] [No-Steam] [By CaRLy]
      "Pro Evolution Soccer 2013 Repack" = Pro Evolution Soccer 2013 Repack
      "PunkBusterSvc" = PunkBuster Services
      "Rage Repack" = Rage Repack
      "Rockstar Games Social Club" = Rockstar Games Social Club
      "Saints Row The Third Repack" = Saints Row The Third Repack
      "Silent Hill Gold Repack" = Silent Hill Gold Repack
      "SKYRIM The Elder Scrolls V Repack" = SKYRIM The Elder Scrolls V Repack
      "Sleeping Dogs Limited Edition Repack" = Sleeping Dogs Limited Edition Repack
      "Sonic Generations Repack" = Sonic Generations Repack
      "Steam App 218" = Source SDK Base 2007
      "The KMPlayer" = The KMPlayer (remove only)
      "The Witcher 2 - Assassins of Kings Enhanced Edition_is1" = The Witcher 2 - Assassins of Kings Enhanced Edition
      "The Witcher Enhanced Edition Repack" = The Witcher Enhanced Edition Repack
      "uTorrent" = µTorrent
      "WinLiveSuite" = Windows Live Essentials

      ========== HKEY_CURRENT_USER Uninstall List ==========

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
      "ActiveTouchMeetingClient" = Cisco WebEx Meetings

      ========== Last 20 Event Log Errors ==========

      [ Application Events ]
      Error - 18/10/2012 10:46:32 | Computer Name = PALO-PC | Source = MemeoBackgroundService | ID = 0
      Description = Problem starting Memeo Background Service :Error con excepción en
      la configuración remota 'System.Reflection.TargetInvocationException: Se produjo
      una excepción en el destino de la invocación. ---> System.Security.Principal.IdentityNotMappedException:
      No se pudieron convertir algunas o todas las referencias de identidad. en System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object
      data) en System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary
      properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)

      en System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties,
      IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)

      --- Fin del seguimiento de la pila de la excepción interna --- en System.RuntimeMethodHandle._InvokeConstructor(Object[]
      args, SignatureStruct& signature, IntPtr declaringType) en System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags
      invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) en System.RuntimeType.CreateInstanceImpl(BindingFlags
      bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)

      en System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry
      entry) en System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData
      configData, Boolean ensureSecurity) en System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
      configData, Boolean ensureSecurity)'. en System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
      configData, Boolean ensureSecurity) en System.Runtime.Remoting.RemotingConfiguration.Configure(String
      filename, Boolean ensureSecurity) en RemoteServerService.MemeoBackgroundService.OnStart(String[]
      args)

      Error - 18/10/2012 11:08:44 | Computer Name = PALO-PC | Source = Application Error | ID = 1000
      Description = Nombre de la aplicación con errores: BtwDownload.exe, versión: 6.5.1.2600,
      marca de tiempo: 0x4f68c672 Nombre del módulo con errores: BtwDownload.exe, versión:
      6.5.1.2600, marca de tiempo: 0x4f68c672 Código de excepción: 0xc0000005 Desplazamiento
      de errores: 0x0000000000045d06 Id. del proceso con errores: 0x1034 Hora de inicio
      de la aplicación con errores: 0x01cdad426786a296 Ruta de acceso de la aplicación
      con errores: C:\Users\PALO\AppData\Local\Temp\WebDownload\64\BtwDownload.exe Ruta
      de acceso del módulo con errores: C:\Users\PALO\AppData\Local\Temp\WebDownload\64\BtwDownload.exe
      Id.
      del informe: b4c64e62-1935-11e2-ad42-c89cdcec44e9

      Error - 18/10/2012 11:25:22 | Computer Name = PALO-PC | Source = Application Error | ID = 1000
      Description = Nombre de la aplicación con errores: game.exe, versión: 12.10.15.7516,
      marca de tiempo: 0x507c8245 Nombre del módulo con errores: game.exe, versión: 12.10.15.7516,
      marca de tiempo: 0x507c8245 Código de excepción: 0xc0000005 Desplazamiento de errores:
      0x00001520 Id. del proceso con errores: 0x179c Hora de inicio de la aplicación con
      errores: 0x01cdad44c914ef38 Ruta de acceso de la aplicación con errores: C:\Program
      Files (x86)\Mark of the Ninja\bin\game.exe Ruta de acceso del módulo con errores:
      C:\Program Files (x86)\Mark of the Ninja\bin\game.exe Id. del informe: 079a39ad-1938-11e2-ad42-c89cdcec44e9

      Error - 18/10/2012 11:25:23 | Computer Name = PALO-PC | Source = Application Error | ID = 1000
      Description = Nombre de la aplicación con errores: game.exe, versión: 12.10.15.7516,
      marca de tiempo: 0x507c8245 Nombre del módulo con errores: game.exe, versión: 12.10.15.7516,
      marca de tiempo: 0x507c8245 Código de excepción: 0xc0000005 Desplazamiento de errores:
      0x00001520 Id. del proceso con errores: 0x179c Hora de inicio de la aplicación con
      errores: 0x01cdad44c914ef38 Ruta de acceso de la aplicación con errores: C:\Program
      Files (x86)\Mark of the Ninja\bin\game.exe Ruta de acceso del módulo con errores:
      C:\Program Files (x86)\Mark of the Ninja\bin\game.exe Id. del informe: 087c5f9d-1938-11e2-ad42-c89cdcec44e9

      Error - 18/10/2012 11:25:35 | Computer Name = PALO-PC | Source = Application Error | ID = 1000
      Description = Nombre de la aplicación con errores: game.exe, versión: 12.10.15.7516,
      marca de tiempo: 0x507c8245 Nombre del módulo con errores: game.exe, versión: 12.10.15.7516,
      marca de tiempo: 0x507c8245 Código de excepción: 0xc0000005 Desplazamiento de errores:
      0x00001520 Id. del proceso con errores: 0x1450 Hora de inicio de la aplicación con
      errores: 0x01cdad44d211c948 Ruta de acceso de la aplicación con errores: C:\Program
      Files (x86)\Mark of the Ninja\bin\game.exe Ruta de acceso del módulo con errores:
      C:\Program Files (x86)\Mark of the Ninja\bin\game.exe Id. del informe: 0fe06b41-1938-11e2-ad42-c89cdcec44e9

      Error - 18/10/2012 11:25:42 | Computer Name = PALO-PC | Source = Application Error | ID = 1000
      Description = Nombre de la aplicación con errores: game.exe, versión: 12.10.15.7516,
      marca de tiempo: 0x507c8245 Nombre del módulo con errores: game.exe, versión: 12.10.15.7516,
      marca de tiempo: 0x507c8245 Código de excepción: 0xc0000005 Desplazamiento de errores:
      0x00001520 Id. del proceso con errores: 0x1450 Hora de inicio de la aplicación con
      errores: 0x01cdad44d211c948 Ruta de acceso de la aplicación con errores: C:\Program
      Files (x86)\Mark of the Ninja\bin\game.exe Ruta de acceso del módulo con errores:
      C:\Program Files (x86)\Mark of the Ninja\bin\game.exe Id. del informe: 13fa6fb1-1938-11e2-ad42-c89cdcec44e9

      Error - 18/10/2012 13:15:31 | Computer Name = PALO-PC | Source = MemeoBackgroundService | ID = 0
      Description = Problem starting Memeo Background Service :Error con excepción en
      la configuración remota 'System.Reflection.TargetInvocationException: Se produjo
      una excepción en el destino de la invocación. ---> System.Security.Principal.IdentityNotMappedException:
      No se pudieron convertir algunas o todas las referencias de identidad. en System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object
      data) en System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary
      properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)

      en System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties,
      IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)

      --- Fin del seguimiento de la pila de la excepción interna --- en System.RuntimeMethodHandle._InvokeConstructor(Object[]
      args, SignatureStruct& signature, IntPtr declaringType) en System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags
      invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) en System.RuntimeType.CreateInstanceImpl(BindingFlags
      bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)

      en System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry
      entry) en System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData
      configData, Boolean ensureSecurity) en System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
      configData, Boolean ensureSecurity)'. en System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
      configData, Boolean ensureSecurity) en System.Runtime.Remoting.RemotingConfiguration.Configure(String
      filename, Boolean ensureSecurity) en RemoteServerService.MemeoBackgroundService.OnStart(String[]
      args)

      Error - 18/10/2012 14:15:26 | Computer Name = PALO-PC | Source = MemeoBackgroundService | ID = 0
      Description = Problem starting Memeo Background Service :Error con excepción en
      la configuración remota 'System.Reflection.TargetInvocationException: Se produjo
      una excepción en el destino de la invocación. ---> System.Security.Principal.IdentityNotMappedException:
      No se pudieron convertir algunas o todas las referencias de identidad. en System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object
      data) en System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary
      properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)

      en System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties,
      IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)

      --- Fin del seguimiento de la pila de la excepción interna --- en System.RuntimeMethodHandle._InvokeConstructor(Object[]
      args, SignatureStruct& signature, IntPtr declaringType) en System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags
      invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) en System.RuntimeType.CreateInstanceImpl(BindingFlags
      bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)

      en System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry
      entry) en System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData
      configData, Boolean ensureSecurity) en System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
      configData, Boolean ensureSecurity)'. en System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
      configData, Boolean ensureSecurity) en System.Runtime.Remoting.RemotingConfiguration.Configure(String
      filename, Boolean ensureSecurity) en RemoteServerService.MemeoBackgroundService.OnStart(String[]
      args)

      Error - 18/10/2012 15:50:24 | Computer Name = PALO-PC | Source = MemeoBackgroundService | ID = 0
      Description = Problem starting Memeo Background Service :Error con excepción en
      la configuración remota 'System.Reflection.TargetInvocationException: Se produjo
      una excepción en el destino de la invocación. ---> System.Security.Principal.IdentityNotMappedException:
      No se pudieron convertir algunas o todas las referencias de identidad. en System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object
      data) en System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary
      properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)

      en System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties,
      IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)

      --- Fin del seguimiento de la pila de la excepción interna --- en System.RuntimeMethodHandle._InvokeConstructor(Object[]
      args, SignatureStruct& signature, IntPtr declaringType) en System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags
      invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) en System.RuntimeType.CreateInstanceImpl(BindingFlags
      bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)

      en System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry
      entry) en System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData
      configData, Boolean ensureSecurity) en System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
      configData, Boolean ensureSecurity)'. en System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
      configData, Boolean ensureSecurity) en System.Runtime.Remoting.RemotingConfiguration.Configure(String
      filename, Boolean ensureSecurity) en RemoteServerService.MemeoBackgroundService.OnStart(String[]
      args)

      Error - 19/10/2012 1:40:10 | Computer Name = PALO-PC | Source = MemeoBackgroundService | ID = 0
      Description = Problem starting Memeo Background Service :Error con excepción en
      la configuración remota 'System.Reflection.TargetInvocationException: Se produjo
      una excepción en el destino de la invocación. ---> System.Security.Principal.IdentityNotMappedException:
      No se pudieron convertir algunas o todas las referencias de identidad. en System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object
      data) en System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary
      properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)

      en System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties,
      IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)

      --- Fin del seguimiento de la pila de la excepción interna --- en System.RuntimeMethodHandle._InvokeConstructor(Object[]
      args, SignatureStruct& signature, IntPtr declaringType) en System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags
      invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) en System.RuntimeType.CreateInstanceImpl(BindingFlags
      bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)

      en System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry
      entry) en System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData
      configData, Boolean ensureSecurity) en System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
      configData, Boolean ensureSecurity)'. en System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
      configData, Boolean ensureSecurity) en System.Runtime.Remoting.RemotingConfiguration.Configure(String
      filename, Boolean ensureSecurity) en RemoteServerService.MemeoBackgroundService.OnStart(String[]
      args)

      [ Media Center Events ]
      Error - 25/08/2012 21:08:58 | Computer Name = PALO-PC | Source = MCUpdate | ID = 0
      Description = 3:08:58 - Error al conectarse a Internet. 3:08:58 - No se puede
      establecer contacto con el servidor..

      Error - 25/08/2012 22:11:16 | Computer Name = PALO-PC | Source = MCUpdate | ID = 0
      Description = 4:11:16 - Error al conectarse a Internet. 4:11:16 - No se puede
      establecer contacto con el servidor..

      Error - 25/08/2012 23:12:46 | Computer Name = PALO-PC | Source = MCUpdate | ID = 0
      Description = 5:12:46 - Error al conectarse a Internet. 5:12:46 - No se puede
      establecer contacto con el servidor..

      [ System Events ]
      Error - 10/09/2012 15:54:40 | Computer Name = PALO-PC | Source = Schannel | ID = 36888
      Description = Se generó la siguiente alerta irrecuperable: 40. El estado del error
      interno es 107.

      Error - 12/09/2012 1:17:44 | Computer Name = PALO-PC | Source = volsnap | ID = 393252
      Description = Se anularon las instantáneas del volumen C: porque el almacenamiento
      de instantáneas no pudo crecer debido a un límite impuesto por el usuario.

      Error - 14/09/2012 9:52:28 | Computer Name = PALO-PC | Source = EventLog | ID = 6008
      Description = El cierre anterior del sistema a las 15:51:16 del ?14/?09/?2012 resultó
      inesperado.

      Error - 16/09/2012 3:18:21 | Computer Name = PALO-PC | Source = Microsoft-Windows-Time-Service | ID = 34
      Description = El servicio de hora detectó que la hora del sistema debe modificarse
      en -86355 segundos. El servicio de hora no cambiará la hora del sistema en más
      de 54000 segundos. Compruebe que la hora y la zona horaria son correctas, y que
      el origen de la hora time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.22:123)
      funciona correctamente.

      Error - 16/09/2012 9:11:50 | Computer Name = PALO-PC | Source = Microsoft-Windows-Time-Service | ID = 34
      Description = El servicio de hora detectó que la hora del sistema debe modificarse
      en -86355 segundos. El servicio de hora no cambiará la hora del sistema en más
      de 54000 segundos. Compruebe que la hora y la zona horaria son correctas, y que
      el origen de la hora time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.15:123)
      funciona correctamente.

      Error - 16/09/2012 9:30:24 | Computer Name = PALO-PC | Source = Microsoft-Windows-Time-Service | ID = 34
      Description = El servicio de hora detectó que la hora del sistema debe modificarse
      en -86355 segundos. El servicio de hora no cambiará la hora del sistema en más
      de 54000 segundos. Compruebe que la hora y la zona horaria son correctas, y que
      el origen de la hora time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.20:123)
      funciona correctamente.

      Error - 16/09/2012 15:05:34 | Computer Name = PALO-PC | Source = Microsoft-Windows-Time-Service | ID = 34
      Description = El servicio de hora detectó que la hora del sistema debe modificarse
      en -86354 segundos. El servicio de hora no cambiará la hora del sistema en más
      de 54000 segundos. Compruebe que la hora y la zona horaria son correctas, y que
      el origen de la hora time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.23:123)
      funciona correctamente.

      Error - 17/09/2012 0:19:31 | Computer Name = PALO-PC | Source = Microsoft-Windows-Time-Service | ID = 34
      Description = El servicio de hora detectó que la hora del sistema debe modificarse
      en -86354 segundos. El servicio de hora no cambiará la hora del sistema en más
      de 54000 segundos. Compruebe que la hora y la zona horaria son correctas, y que
      el origen de la hora time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.22:123)
      funciona correctamente.

      Error - 17/09/2012 1:48:43 | Computer Name = PALO-PC | Source = Service Control Manager | ID = 7009
      Description = Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio
      Steam Client Service.

      Error - 17/09/2012 1:48:43 | Computer Name = PALO-PC | Source = Service Control Manager | ID = 7000
      Description = El servicio Steam Client Service no pudo iniciarse debido al siguiente
      error: %%1053


      < End of report >

    5. #5
      Moderador Gral.
      Avatar de Tyny's
      Registrado
      may 2008
      Ubicación
      Argentina
      Mensajes
      14.671

      Re: PUP.bProtector

      Buenas.


      Ejecutá OTL.exe


      1.- Copiar el siguiente texto (excluyendo la palabra Código):
      Código:
      :OTL
      PRC - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe 
      MOD - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe 
      MOD - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
      
      :Commands
      [PURITY] 
      [RESETHOSTS]
      [EMPTYFLASH]
      [EMPTYTEMP]
      [CREATERESTOREPOINT]
      2.- Pegar el contenido sobre el apartado: Análisis Personalizados /Código de Reparación.


      3.- Presionar el botón Reparar para comenzar el procedimiento. Presionar OK.


      OTL va a reiniciar el ordenador para completar el procedimiento.

      Guardar el nuevo reporte generado. Copiar y pegarlo en su próxima respuesta, comentando como funciona el Sistema.
      If on your journey, you should encounter God, God will be cut!


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    6. #6
      Usuario Avatar de palopiedra
      Registrado
      oct 2012
      Ubicación
      Cerdanyola
      Mensajes
      17

      Re: PUP.bProtector

      Gracias amigo pero cuando lo copio pego el OTL no responde y se queda bloqueado

    7. #7
      Moderador Gral.
      Avatar de Tyny's
      Registrado
      may 2008
      Ubicación
      Argentina
      Mensajes
      14.671

      Re: PUP.bProtector

      Buenas.


      Vamos a utilizar una herramienta mas.



      Descarga la herramienta ComboFix.exe y guárdala en el escritorio.

      • Desactiva temporalmente el Antivirus y/o Antispyware.
      • Cierra todas las ventanas abiertas.
      • Hacele doble clic al archivo ComboFix.exe y seguí las instrucciones.
      • Cuando termine, generara un registro en C:\ComboFix.txt.
        • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
        • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.



      Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.
      • Reinicia y pega el reporte de C:\ComboFix.txt en este mismo mensaje. Comentando como esta funcionado tu sistema en relación al problema inicial.
      If on your journey, you should encounter God, God will be cut!


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    8. #8
      Usuario Avatar de palopiedra
      Registrado
      oct 2012
      Ubicación
      Cerdanyola
      Mensajes
      17

      Re: PUP.bProtector

      Gracias de nuevo vamos a probar

    9. #9
      Usuario Avatar de palopiedra
      Registrado
      oct 2012
      Ubicación
      Cerdanyola
      Mensajes
      17

      Re: PUP.bProtector

      Perdon por mi ignorancia pero me he acojonado al usar el combofix,cuando habia terminado con los procesos y intentaba navegar no me funcionaba nada,ni siquiera el explorer, al final lo he reiniciado y ahora parece que puedo navegar ahi va el documento del combo , un saludo :

      ComboFix 12-10-18.03 - PALO 19/10/2012 13:29:57.1.4 - x64
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.34.3082.18.16360.14826 [GMT 2:00]
      Running from: c:\users\PALO\Desktop\ComboFix.exe
      AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
      SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      ADS - Windows: deleted 24 bytes in 1 streams.
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      -------\Service_nvsvc
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-09-19 to 2012-10-19 )))))))))))))))))))))))))))))))
      .
      .
      2012-10-19 11:34 . 2012-10-19 11:34 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-10-19 09:24 . 2012-10-19 09:24 -------- d-----w- C:\_OTL
      2012-10-18 15:26 . 2012-10-18 15:26 -------- d-----w- c:\users\PALO\AppData\Local\FLT
      2012-10-18 15:25 . 2012-10-18 15:25 -------- d-----w- c:\program files (x86)\users
      2012-10-18 15:16 . 2012-10-18 15:25 -------- d-----w- c:\program files (x86)\Mark of the Ninja
      2012-10-18 15:16 . 2012-10-18 15:16 -------- d-----w- c:\users\PALO\AppData\Local\Programs
      2012-10-18 11:54 . 2012-10-18 11:54 -------- d-----w- c:\users\PALO\AppData\Roaming\Sony Corporation
      2012-10-18 11:54 . 2012-10-18 11:54 -------- d-----w- c:\program files (x86)\Sony
      2012-10-18 11:44 . 2012-10-18 11:44 -------- d-----w- c:\users\PALO\AppData\Roaming\Malwarebytes
      2012-10-18 11:44 . 2012-10-18 11:44 -------- d-----w- c:\programdata\Malwarebytes
      2012-10-18 11:44 . 2012-10-18 11:44 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
      2012-10-18 11:44 . 2012-09-29 17:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-10-18 11:44 . 2012-10-18 11:44 -------- d-----w- c:\users\PALO\AppData\Roaming\GlarySoft
      2012-10-18 11:42 . 2012-10-18 11:42 -------- d-----w- c:\program files (x86)\Glary Utilities
      2012-10-18 11:32 . 2012-03-12 21:27 11776 ----a-w- c:\windows\Colous.exe
      2012-10-18 11:32 . 2008-03-25 08:39 69660 ----a-w- c:\windows\Fart.exe
      2012-10-13 09:53 . 2012-10-13 09:53 -------- d-----w- c:\users\PALO\AppData\Local\Windows Live Writer
      2012-10-13 09:53 . 2012-10-13 09:53 -------- d-----w- c:\users\PALO\AppData\Roaming\Windows Live Writer
      2012-10-10 18:59 . 2012-10-10 18:59 -------- d-----w- c:\users\UpdatusUser
      2012-10-10 18:58 . 2012-10-02 19:51 3536817 ----a-w- c:\windows\system32\nvcoproc.bin
      2012-10-10 18:58 . 2012-10-02 19:51 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
      2012-10-10 18:58 . 2012-10-02 19:51 6200680 ----a-w- c:\windows\system32\nvcpl.dll
      2012-10-10 18:58 . 2012-10-02 19:50 891240 ----a-w- c:\windows\system32\nvvsvc.exe
      2012-10-10 18:58 . 2012-10-02 19:50 63336 ----a-w- c:\windows\system32\nvshext.dll
      2012-10-10 18:58 . 2012-10-02 19:50 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
      2012-10-10 18:58 . 2012-10-02 19:50 118120 ----a-w- c:\windows\system32\nvmctray.dll
      2012-10-10 18:58 . 2012-10-02 22:21 60776 ----a-w- c:\windows\system32\OpenCL.dll
      2012-10-10 18:58 . 2012-10-02 22:21 52584 ----a-w- c:\windows\SysWow64\OpenCL.dll
      2012-10-10 18:58 . 2012-10-10 18:58 -------- d-----w- c:\programdata\NVIDIA Corporation
      2012-10-10 07:06 . 2012-10-17 10:01 -------- d-----w- c:\program files (x86)\Bethesda Softworks
      2012-10-08 15:13 . 2012-10-08 15:13 -------- d-----w- c:\users\PALO\AppData\Roaming\FreeCDRipper
      2012-10-08 11:10 . 2012-10-08 11:10 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
      2012-10-07 12:42 . 2012-10-07 12:42 -------- d-----w- c:\program files (x86)\MiPony2
      2012-10-07 07:39 . 2012-10-07 07:39 -------- d-----w- c:\users\PALO\AppData\Local\Captura 1.5
      2012-10-02 16:33 . 2012-10-02 16:33 -------- d-----w- c:\users\PALO\AppData\Roaming\webex
      2012-10-02 16:33 . 2012-10-02 16:33 -------- d-----w- c:\programdata\WebEx
      2012-10-02 15:56 . 2012-10-19 09:20 -------- d-----w- c:\programdata\Synetic
      2012-10-02 11:15 . 2012-10-02 11:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe
      2012-09-30 06:11 . 2012-09-30 06:11 -------- d-----w- c:\users\PALO\AppData\Local\AliensVsPredator
      2012-09-29 18:44 . 2012-09-29 18:44 -------- d-----w- c:\users\PALO\AppData\Local\EA Games
      2012-09-23 08:47 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
      2012-09-23 08:43 . 2012-06-09 05:43 14172672 ----a-w- c:\windows\system32\shell32.dll
      2012-09-22 18:16 . 2012-09-22 18:16 -------- d-----w- c:\program files (x86)\KONAMI
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-10-09 16:14 . 2012-05-29 06:33 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2012-10-09 16:14 . 2011-12-01 21:26 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-08-30 22:43 . 2011-07-18 20:31 64462936 ----a-w- c:\windows\system32\MRT.exe
      2012-08-21 09:13 . 2012-05-21 18:41 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
      2012-08-21 09:13 . 2012-05-21 18:41 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
      2012-08-21 09:13 . 2012-05-21 18:41 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys
      2012-08-21 09:13 . 2012-05-21 18:41 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
      2012-08-21 09:13 . 2012-05-21 18:41 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
      2012-08-21 09:13 . 2012-05-21 18:41 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
      2012-08-21 09:12 . 2012-05-21 18:41 41224 ----a-w- c:\windows\avastSS.scr
      2012-08-21 09:12 . 2012-05-21 18:41 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
      2012-08-21 09:12 . 2012-05-21 16:28 285328 ----a-w- c:\windows\system32\aswBoot.exe
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
      "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440]
      "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-15 113288]
      "CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2010-08-03 107816]
      "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
      "amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      Asistente del gestor de contenido para PlayStation(R).lnk - c:\program files (x86)\Sony\Content Manager Assistant\CMA.exe [2012-7-23 2796000]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
      "AppInit_DLLs"=c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll c:\progra~3\browse~1\23787~1.43\{16cdf~1\browsemngr.dll
      "LoadAppInit_DLLs"=1 (0x1)
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
      Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
      @=""
      .
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
      R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
      R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
      R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
      R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
      R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-05-23 1255736]
      R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2010-11-01 14544]
      R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2010-09-23 129008]
      R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
      S1 aswSnx;aswSnx; [x]
      S1 aswSP;aswSP; [x]
      S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-05-22 283200]
      S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
      S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
      S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
      S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-09-30 140672]
      S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
      S2 aswFsBlk;aswFsBlk; [x]
      S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
      S2 Browser Manager;Browser Manager;c:\programdata\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2012-10-10 2309656]
      S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
      S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]
      S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
      S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-09-28 25824]
      S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-02 1258856]
      S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
      S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
      S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-03-11 2656280]
      S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
      S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2011-03-11 56344]
      S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-07-28 92672]
      S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-07-28 209408]
      S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
      S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
      S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
      S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
      S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
      S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
      .
      .
      --- Other Services/Drivers In Memory ---
      .
      *NewlyCreated* - WS2IFSL
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-10-19 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-29 16:14]
      .
      2012-10-19 c:\windows\Tasks\GlaryInitialize.job
      - c:\program files (x86)\Glary Utilities\initialize.exe [2012-10-18 19:59]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
      @="{472083B0-C522-11CF-8763-00608CC02F24}"
      [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
      2012-08-21 09:11 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-11-29 13374568]
      "MedionReminder"="c:\program files (x86)\CyberLink\PowerRecover\Reminder.exe" [2011-05-25 443688]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
      "MedionReminder"="c:\program files (x86)\CyberLink\PowerRecover\Reminder.exe" [2011-05-25 443688]
      .
      ------- Supplementary Scan -------
      .
      uLocal Page = c:\windows\system32\blank.htm
      uStart Page = hxxp://www.google.es/
      mStart Page = hxxp://www.google.com
      mLocal Page = c:\windows\SysWOW64\blank.htm
      IE: Descargar con Mipony - file://c:\program files (x86)\MiPony2\Browser\IEContext.htm
      IE: Download with &Media Finder - c:\program files (x86)\Media Finder\hook.html
      IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
      IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay.es: Subastas, Comprar Nuevo y Segunda Mano. Siempre ofertas
      TCP: Interfaces\{BA0D333B-FC9B-46FB-81F1-EC6E0B2E242C}: NameServer = 87.216.1.65,87.216.1.66
      .
      - - - - ORPHANS REMOVED - - - -
      .
      Toolbar-{D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file)
      AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
      @Denied: (2) (LocalSystem)
      "Progid"="ChromeHTML"
      .
      [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
      @Denied: (2) (LocalSystem)
      "Progid"="ChromeHTML"
      .
      [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
      @Denied: (2) (LocalSystem)
      "Progid"="ChromeHTML"
      .
      [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
      @Denied: (2) (LocalSystem)
      "Progid"="ChromeHTML"
      .
      [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
      @Denied: (2) (LocalSystem)
      "Progid"="ChromeHTML"
      .
      [HKEY_USERS\S-1-5-21-1517146824-1161643757-2798581530-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
      "??"=hex:2a,94,91,72,f9,1f,b3,06,84,7a,97,60,06,0e,a7,99,dc,10,25,f1,15,10,e6,
      77,ba,c9,3f,7e,67,03,03,ea,0c,ab,47,70,34,1b,c4,37,e4,0c,10,9e,85,2e,e5,e5,\
      "??"=hex:64,15,63,08,5c,c7,c8,ad,30,3d,c8,c6,db,9f,bb,da
      .
      [HKEY_USERS\S-1-5-21-1517146824-1161643757-2798581530-1001\Software\SecuROM\License information*]
      "datasecu"=hex:8a,b6,b1,83,ee,29,8e,97,d5,6a,73,a9,89,95,82,4c,36,37,e3,c1,ff,
      fc,c6,98,52,9a,8e,5b,3c,8a,0c,50,ff,64,5a,40,ca,9e,0b,1d,69,ca,77,d1,82,9a,\
      "rkeysecu"=hex:df,54,d8,53,be,18,a9,c4,fb,ed,c3,f2,44,dd,d3,61
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files\AVAST Software\Avast\AvastSvc.exe
      c:\windows\SysWOW64\schtasks.exe
      c:\windows\SysWOW64\PnkBstrA.exe
      c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      .
      **************************************************************************
      .
      Completion time: 2012-10-19 13:39:35 - machine was rebooted
      ComboFix-quarantined-files.txt 2012-10-19 11:39
      .
      Pre-Run: 905.549.266.944 bytes libres
      Post-Run: 904.797.589.504 bytes libres
      .
      - - End Of File - - 79C13F647F9E2FFF3674F98BB0D23D3B

    10. #10
      Usuario Avatar de palopiedra
      Registrado
      oct 2012
      Ubicación
      Cerdanyola
      Mensajes
      17

      Re: PUP.bProtector

      Ademas en el escritorio ahora tengo 2 iconos que no se pa que sirven son "desktop.ini" con candado y el mismo pero sin candado,tambien le estoy pasando el superantispywere haber si aun me sale lo del PUP.BPROTECTOR de las narices , Chao.

      5 Min. despues.... Hola perdoname por ser tan pesao pero el pup.bprotector SIGUE AHI el maldito,gracias de antemano por todos vuestros consejos y sabiduria , no se que haria sin vosotros.
      Última edición por palopiedra fecha: 19/10/12 a las 09:05:06

    Página 1 de 3 123 ÚltimoÚltimo