• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 12

    Savings sidekick y claro search toolbar

    Buenas! Descargando no se muy bien que se me han metido este par de perlitas en el ordenador. He probado a borrar ambas desde la opcion desinstalar programas del panel de control, pero al rato ...

    1. #1
      Usuario Avatar de Agataklau
      Registrado
      abr 2012
      Ubicación
      Guadalajara
      Mensajes
      16

      Savings sidekick y claro search toolbar

      Buenas! Descargando no se muy bien que se me han metido este par de perlitas en el ordenador. He probado a borrar ambas desde la opcion desinstalar programas del panel de control, pero al rato me sale un mensaje de un tal iehelper.dll y vuelven a aparecer. ¿Como puedo borrar esto?

      Gracias!

    2. #2
      Ex-Colaborador Avatar de Anleg_30
      Registrado
      dic 2007
      Ubicación
      Bna-Venezuela
      Mensajes
      10.545

      Re: Savings sidekick y claro search toolbar

      Buenas

      Por normas del foro no puedes tener mas de un tema abierto a la vez.
      En un tema anterior: Virus: Pantalla en negro y no me deja ejecutar aplicaciones .exe (Terminado/Formateo) pasa por allí y comenta para darlo por solventado o terminado según halla sido el caso.



      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de Agataklau
      Registrado
      abr 2012
      Ubicación
      Guadalajara
      Mensajes
      16

      Re: Savings sidekick y claro search toolbar

      Sorry no me habia dado cuenta, ya esta :D

    4. #4
      Ex-Colaborador Avatar de Anleg_30
      Registrado
      dic 2007
      Ubicación
      Bna-Venezuela
      Mensajes
      10.545

      Re: Savings sidekick y claro search toolbar

      Ok,
      Te aparece las toolbar en qué navegadores ?

      Vas a realizar lo siguiente:

      Descarga OTL.exe by Oldtimer en el Escritorio

      Cierra todas las ventanas y programas abiertos.

      Desde Modo Normal Ejecuta OTL con Double click sobre su ícono y solo configura lo siguiente dejando lo demas por default:
      1. Activa la casilla de "Scan All Users" (Analizar Todos )
      2. Cambia a resultado mínimo en "Tipo de Análisis"
      3. Activa la casilla de "Skip Microsoft Files" (Omitir archivos de Microsoft)
      4. Pulsa el Botón Run Scan (Analizar)


      Al finalizar, dos reportes se abriran, copia y pega solamente el de nombre:

      OTL.txt <-- (este es el que veras automaticamnte al finalizar)



      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de Agataklau
      Registrado
      abr 2012
      Ubicación
      Guadalajara
      Mensajes
      16

      Re: Savings sidekick y claro search toolbar

      OTL logfile created on: 24/11/2012 0:39:18 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Clau\Downloads
      64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      3,68 Gb Total Physical Memory | 2,40 Gb Available Physical Memory | 65,20% Memory free
      7,36 Gb Paging File | 5,87 Gb Available in Paging File | 79,83% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 583,07 Gb Total Space | 467,99 Gb Free Space | 80,26% Space Free | Partition Type: NTFS

      Computer Name: CLAU-PC | User Name: Clau | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
      Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Clau\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
      PRC - C:\Users\Clau\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastUI.exe (AVAST Software)
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      PRC - C:\Windows\SysWOW64\schtasks.exe (Microsoft Corporation)
      PRC - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
      PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
      PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
      PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
      PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)
      PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
      PRC - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      PRC - C:\Windows\SysWOW64\SupportAppXL\AutoDect.exe ()
      PRC - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
      PRC - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
      PRC - C:\Archivos de programa\Acer\Acer Updater\UpdaterService.exe (Acer Group)
      PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
      PRC - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
      PRC - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe (SEIKO EPSON CORPORATION)


      ========== Modules (No Company Name) ==========

      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\7e8f414bc6515c5c0ac668b66c54d0e9\IAStorUtil.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1430191d067c0f28c3a676d3ecb85b26\System.Runtime.Remoting.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\515c6ffea562bb0f03a1ed8f75279648\System.Windows.Forms.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f4be07261983040b29685575b69085e8\System.Drawing.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6a68e4c50351a220511a5dfc3e025685\WindowsBase.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2d47118e5da6db054d5676e665f2be2\System.Xml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2f44dac350b6161a9e9ce7222ae94335\System.Configuration.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c8ebcd93a2b547dc72dee2fcfabcdd50\System.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5530227809880c9b8b1d834e5434e840\mscorlib.ni.dll ()
      MOD - c:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll ()
      MOD - c:\ProgramData\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.dll ()
      MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
      MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
      MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll ()
      MOD - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll ()
      MOD - C:\Windows\SysWOW64\SupportAppXL\AutoDect.exe ()
      MOD - C:\Program Files (x86)\Launch Manager\CdDirIo.dll ()


      ========== Services (SafeList) ==========

      SRV:64bit: - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe File not found
      SRV - (avast! Antivirus) -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (McAfee SiteAdvisor Service) -- c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe (McAfee, Inc.)
      SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
      SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
      SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
      SRV - (ePowerSvc) -- C:\Archivos de programa\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
      SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
      SRV - (MWLService) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe (Egis Technology Inc.)
      SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      SRV - (Updater Service) -- C:\Archivos de programa\Acer\Acer Updater\UpdaterService.exe (Acer Group)
      SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
      SRV - (EpsonBidirectionalService) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe (SEIKO EPSON CORPORATION)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
      DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
      DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
      DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
      DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
      DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
      DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
      DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
      DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
      DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation)
      DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
      DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
      DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation)
      DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
      DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys (ZTE Incorporated)
      DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys (ZTE Incorporated)
      DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
      DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys (ZTE Incorporated)
      DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
      DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
      DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
      DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
      DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
      DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
      DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd)
      DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MyHeritage.com Search
      IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
      IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
      IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2805139


      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = Claro Search
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Claro Search
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\URLSearchHook: {ba5844d2-b2c5-49eb-86f5-248d776a6f08} - No CLSID value found
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.claro-search.com/?q={searchTerms}&affID=114508&tt=4712_6&babsrc=SP_clro&mntrId=0e37617c0000000000001c659d4c433e
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_esES412ES412
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\SearchScopes\{9068B34B-EF30-42AC-BC34-BC1F11EF0C7A}: "URL" = http://start.funmoods.com/results.php?f=4&a=bf3&q={searchTerms}
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2805139
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultenginename: "Claro Search"
      FF - prefs.js..browser.search.order.1: "Claro Search"
      FF - prefs.js..browser.search.selectedEngine: "Claro Search"
      FF - prefs.js..browser.startup.homepage: "http://www.claro-search.com/?affID=114508&tt=4712_6&babsrc=HP_clro&mntrId=0e37617c0000000000001c659d4c433e"
      FF - prefs.js..extensions.enabledAddons: [email protected]:1.5.0
      FF - prefs.js..extensions.enabledAddons: [email protected]:1.20.00
      FF - prefs.js..extensions.enabledAddons: {C9B68337-E93A-44EA-94DC-CB300EC06444}:4.51.0
      FF - prefs.js..extensions.enabledAddons: {EEE6C361-6118-11DC-9C72-001320C79847}:1.4.0.0
      FF - prefs.js..extensions.enabledAddons: [email protected]:0.85.37
      FF - prefs.js..keyword.URL: "http://www.claro-search.com/?affID=114508&tt=4712_6&babsrc=KW_clro&mntrId=0e37617c0000000000001c659d4c433e&q="


      FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Clau\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/08/23 15:34:25 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\fbphotozoom\fbphotozoom15.xpi [2012/03/25 02:28:05 | 000,102,423 | ---- | M] ()
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/04/28 16:56:29 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/08/30 22:01:57 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/01 12:01:46 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/09/01 12:01:46 | 000,000,000 | ---D | M]

      [2012/05/05 21:29:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Clau\AppData\Roaming\mozilla\Extensions
      [2012/11/23 21:00:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Clau\AppData\Roaming\mozilla\Firefox\Profiles\txn6o002.default\extensions
      [2012/03/25 02:31:17 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Clau\AppData\Roaming\mozilla\Firefox\Profiles\txn6o002.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
      [2012/01/02 02:48:52 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Clau\AppData\Roaming\mozilla\Firefox\Profiles\txn6o002.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
      [2012/11/23 20:59:37 | 000,000,000 | ---D | M] ("Savings Sidekick") -- C:\Users\Clau\AppData\Roaming\mozilla\Firefox\Profiles\txn6o002.default\extensions\[email protected]
      [2012/03/03 12:48:36 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Clau\AppData\Roaming\mozilla\Firefox\Profiles\txn6o002.default\extensions\[email protected]
      [2012/03/03 12:48:36 | 000,000,000 | ---D | M] (TheBflix) -- C:\Users\Clau\AppData\Roaming\mozilla\Firefox\Profiles\txn6o002.default\extensions\[email protected]
      [2012/03/25 02:28:23 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Clau\AppData\Roaming\mozilla\Firefox\Profiles\txn6o002.default\extensions\[email protected]
      [2012/11/23 20:59:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Clau\AppData\Roaming\mozilla\Firefox\Profiles\txn6o002.default\extensions\[email protected]\chrome\content\extensionCode
      [2012/02/26 16:07:10 | 000,001,797 | ---- | M] () -- C:\Users\Clau\AppData\Roaming\mozilla\firefox\profiles\txn6o002.default\searchplugins\funmoods.xml
      [2012/11/23 20:20:40 | 000,002,516 | ---- | M] () -- C:\Users\Clau\AppData\Roaming\mozilla\firefox\profiles\txn6o002.default\searchplugins\mngr.xml
      [2011/12/12 22:42:36 | 000,002,520 | ---- | M] () -- C:\Users\Clau\AppData\Roaming\mozilla\firefox\profiles\txn6o002.default\searchplugins\SearchResults.xml
      [2012/01/02 02:48:43 | 000,003,915 | ---- | M] () -- C:\Users\Clau\AppData\Roaming\mozilla\firefox\profiles\txn6o002.default\searchplugins\sweetim.xml
      [2012/05/21 19:46:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
      [2012/01/03 14:34:26 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
      [2012/05/21 19:45:58 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
      [2012/07/23 22:56:58 | 000,089,224 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
      [2012/07/23 22:59:01 | 000,089,224 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
      [2012/11/23 20:59:45 | 000,006,522 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
      [2012/03/05 22:57:39 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
      [2012/03/05 22:57:39 | 000,003,996 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
      [2012/03/05 22:57:39 | 000,001,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-es.xml
      [2011/12/12 22:42:36 | 000,002,520 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
      [2012/03/05 22:57:39 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
      [2012/03/05 22:57:39 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012/03/05 22:57:39 | 000,001,102 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-es.xml

      ========== Chrome ==========

      CHR - homepage: Claro Search
      CHR - default_search_provider: Claro Search (Enabled)
      CHR - default_search_provider: search_url = http://www.claro-search.com/?q={searchTerms}&affID=114508&tt=4712_6&babsrc=SP_clro&mntrId=0e37617c0000000000001c659d4c433e
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
      CHR - homepage: Claro Search
      CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
      CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Clau\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
      CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
      CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
      CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
      CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
      CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
      CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
      CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
      CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
      CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
      CHR - Extension: YouTube = C:\Users\Clau\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
      CHR - Extension: B\u00FAsqueda de Google = C:\Users\Clau\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
      CHR - Extension: avast! WebRep = C:\Users\Clau\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
      CHR - Extension: FBPHOTOZOOM = C:\Users\Clau\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\2.2_0\
      CHR - Extension: \u003Cvideo\u003E de HTML5 de DivX Plus Web Player = C:\Users\Clau\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
      CHR - Extension: Gmail = C:\Users\Clau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

      O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
      O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
      O2 - BHO: (Claro LTD Helper Object) - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\bh\claro.dll (Montera Technologeis LTD)
      O2 - BHO: (Savings Sidekick) - {11111111-1111-1111-1111-110011501160} - C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.dll (215 Apps)
      O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
      O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files (x86)\Funmoods\funmoods\1.5.12.2\bh\funmoods.dll (Funmoods BHO)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
      O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
      O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
      O3:64bit: - HKLM\..\Toolbar: (no name) - !{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (no name) - !{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (no name) - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
      O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - !{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - !{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
      O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O3 - HKLM\..\Toolbar: (Claro LTD Toolbar) - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\claroTlbr.dll (Montera Technologeis LTD)
      O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
      O3 - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
      O3 - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\Toolbar\WebBrowser: (no name) - {BA5844D2-B2C5-49EB-86F5-248D776A6F08} - No CLSID value found.
      O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Archivos de programa\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
      O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
      O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
      O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      O4 - HKLM..\Run: [autodetect] C:\Windows\SysWOW64\SupportAppXL\AutoDect.exe ()
      O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
      O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
      O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
      O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
      O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
      O4 - HKLM..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe (MyHeritage)
      O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
      O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
      O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
      O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
      O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-21-2689634327-327057995-3812957799-1001..\Run: [ares] C:\Program Files (x86)\Ares\Ares.exe (Ares Development Group)
      O4 - HKU\S-1-5-21-2689634327-327057995-3812957799-1001..\Run: [Epson Stylus SX235(Red)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\Clau\AppData\Local\Temp\E_S1651.tmp" /EF "HKCU" File not found
      O4 - HKU\S-1-5-21-2689634327-327057995-3812957799-1001..\Run: [Facebook Update] C:\Users\Clau\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O4 - HKU\S-1-5-21-2689634327-327057995-3812957799-1001..\Run: [Spotify] C:\Users\Clau\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
      O4 - HKU\S-1-5-21-2689634327-327057995-3812957799-1001..\Run: [Spotify Web Helper] C:\Users\Clau\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
      O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000 File not found
      O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
      O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4 208.67.220.220 208.67.222.222
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBE8EDFF-40B4-4F01-B66D-8CE039DB5E4E}: DhcpNameServer = 8.8.8.8 8.8.4.4 208.67.220.220 208.67.222.222
      O18:64bit: - Protocol\Handler\cdo - No CLSID value found
      O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
      O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
      O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
      O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
      O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
      O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
      O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
      O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
      O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
      O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
      O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2011/03/29 16:12:23 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O33 - MountPoints2\{bb294488-015b-11e1-9035-1c659d4c433e}\Shell - "" = AutoRun
      O33 - MountPoints2\{bb294488-015b-11e1-9035-1c659d4c433e}\Shell\AutoRun\command - "" = E:\KODAK_Software_Downloader.exe
      O33 - MountPoints2\D\Shell - "" = AutoRun
      O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\INSTALAR.EXE AUTORUN
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/11/23 21:00:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Claro LTD
      [2012/11/23 21:00:01 | 000,000,000 | ---D | C] -- C:\Users\Clau\AppData\Roaming\Claro
      [2012/11/23 20:59:37 | 000,000,000 | ---D | C] -- C:\Users\Clau\AppData\Local\Savings Sidekick
      [2012/11/23 20:59:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Savings Sidekick
      [2012/11/23 20:18:44 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService
      [2012/11/23 20:18:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
      [2012/11/23 20:18:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ares
      [2012/11/19 15:12:37 | 000,000,000 | ---D | C] -- C:\Users\Clau\Desktop\My Shared Folder
      [2012/11/19 02:46:54 | 000,000,000 | ---D | C] -- C:\Users\Clau\AppData\Local\Facebook
      [2011/08/27 15:40:56 | 017,327,195 | ---- | C] (Mooii) -- C:\Users\Clau\AppData\Local\photoscape-3.5.exe
      [15 C:\Users\Clau\Documents\*.tmp files -> C:\Users\Clau\Documents\*.tmp -> ]
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2012/11/24 00:33:08 | 000,001,318 | ---- | M] () -- C:\Users\Clau\Desktop\OTL - Acceso directo.lnk
      [2012/11/23 23:52:02 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2689634327-327057995-3812957799-1001UA.job
      [2012/11/23 23:51:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/11/23 23:22:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/11/23 20:51:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/11/23 20:18:21 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\Ares.lnk
      [2012/11/23 02:52:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2689634327-327057995-3812957799-1001Core.job
      [2012/11/22 00:54:01 | 000,000,876 | ---- | M] () -- C:\Windows\MyHeritage.INI
      [2012/11/21 23:53:41 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/11/21 23:53:41 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/11/21 23:45:57 | 2962,259,968 | -HS- | M] () -- C:\hiberfil.sys
      [2012/11/20 19:15:01 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
      [2012/11/19 15:12:03 | 000,308,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
      [2012/11/15 22:35:29 | 009,908,576 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2012/11/15 22:35:29 | 003,402,006 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2012/11/15 22:35:29 | 003,263,224 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2012/11/15 22:35:29 | 002,771,532 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2012/11/15 22:35:29 | 000,005,214 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2012/11/15 01:53:41 | 000,001,299 | ---- | M] () -- C:\Users\Clau\Documents\prueba.reg
      [2012/11/08 20:55:31 | 000,002,378 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
      [15 C:\Users\Clau\Documents\*.tmp files -> C:\Users\Clau\Documents\*.tmp -> ]
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2012/11/24 00:33:08 | 000,001,318 | ---- | C] () -- C:\Users\Clau\Desktop\OTL - Acceso directo.lnk
      [2012/11/23 21:15:31 | 000,019,972 | ---- | C] () -- C:\Users\Clau\SNodes.dat
      [2012/11/23 21:15:31 | 000,005,828 | ---- | C] () -- C:\Users\Clau\CNodes.dat
      [2012/11/23 21:15:31 | 000,004,204 | ---- | C] () -- C:\Users\Clau\DHTnodes.dat
      [2012/11/23 21:15:31 | 000,000,192 | ---- | C] () -- C:\Users\Clau\FailedSNodes.dat
      [2012/11/23 21:14:25 | 000,004,204 | ---- | C] () -- C:\Users\Clau\Desktop\DHTnodes.dat
      [2012/11/23 20:18:21 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\Ares.lnk
      [2012/11/20 19:15:01 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
      [2012/11/19 15:11:52 | 000,308,872 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
      [2012/11/19 02:47:08 | 000,000,924 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2689634327-327057995-3812957799-1001UA.job
      [2012/11/19 02:47:05 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2689634327-327057995-3812957799-1001Core.job
      [2012/11/15 01:53:41 | 000,001,299 | ---- | C] () -- C:\Users\Clau\Documents\prueba.reg
      [2012/11/14 03:11:30 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
      [2012/11/14 03:01:04 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
      [2012/09/01 12:01:44 | 000,000,031 | -H-- | C] () -- C:\Windows\UKCpInfo.sys
      [2012/05/22 18:46:27 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
      [2012/02/26 16:33:44 | 000,004,608 | ---- | C] () -- C:\Users\Clau\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012/02/19 18:18:37 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
      [2011/07/09 21:34:57 | 000,000,876 | ---- | C] () -- C:\Windows\MyHeritage.INI
      [2011/07/09 21:33:50 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\PaintX.dll
      [2011/07/05 01:19:07 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
      [2011/06/19 1745 | 000,000,033 | ---- | C] () -- C:\Windows\tm.ini
      [2011/04/05 20:39:28 | 000,002,586 | ---- | C] () -- C:\Windows\EMDVD.INI
      [2011/02/09 19:14:25 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
      [2011/01/20 23:30:40 | 000,057,344 | ---- | C] () -- C:\Users\Clau\lametritonus.dll
      [2011/01/20 23:30:36 | 000,162,304 | ---- | C] () -- C:\Users\Clau\lame_enc.dll
      [2010/12/31 14:49:27 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
      [2010/11/13 11:14:46 | 000,062,648 | ---- | C] () -- C:\Users\Clau\AppData\Local\toolbar3.bmp
      [2010/11/12 11:09:56 | 000,195,108 | ---- | C] () -- C:\Users\Clau\AppData\Local\lateral3.bmp
      [2010/11/12 10:44:14 | 000,193,744 | ---- | C] () -- C:\Users\Clau\AppData\Local\lateral1.bmp
      [2010/11/12 1058 | 000,193,744 | ---- | C] () -- C:\Users\Clau\AppData\Local\lateral2.bmp
      [2010/10/21 21:36:20 | 000,203,264 | ---- | C] () -- C:\Users\Clau\AppData\Local\GetToolbar.exe
      [2010/07/13 12:45:37 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe

      ========== ZeroAccess Check ==========

      [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:CDFF58FE
      @Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:E36F5B57
      @Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:1A60DE96
      @Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:E1F04E8D
      @Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:0B9176C0
      @Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:798A3728

      < End of report >




      Ahi va, gracias

    6. #6
      Ex-Colaborador Avatar de Anleg_30
      Registrado
      dic 2007
      Ubicación
      Bna-Venezuela
      Mensajes
      10.545

      Re: Savings sidekick y claro search toolbar

      Bien,

      • Abre OTL.exe porfavor, y solo realiza lo siguiente tal cual:
      • Copia y pega el siguiente código en su marco en blanco (debajo de Código de Reparación)


      Código:
      :OTL
      IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
      IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = Claro Search
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Claro Search
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.claro-search.com/?q={searchTerms}&affID=114508&tt=4712_6&babsrc=SP_clro&mntrId=0e37617c0000000000001c659d4c433e
      FF - prefs.js..browser.search.defaultenginename: "Claro Search"
      FF - prefs.js..browser.search.order.1: "Claro Search"
      FF - prefs.js..browser.search.selectedEngine: "Claro Search"
      FF - prefs.js..browser.startup.homepage: "http://www.claro-search.com/?affID=114508&tt=4712_6&babsrc=HP_clro&mntrId=0e37617c0000000000001c659d4c433e"
      FF - prefs.js..extensions.enabledAddons: [email protected]:1.5.0
      FF - prefs.js..extensions.enabledAddons: [email protected]:1.20.00
      FF - prefs.js..extensions.enabledAddons: [email protected]:0.85.37
      FF - prefs.js..keyword.URL: "http://www.claro-search.com/?affID=114508&tt=4712_6&babsrc=KW_clro&mntrId=0e37617c0000000000001c659d4c433e&q="
      [2012/02/26 16:07:10 | 000,001,797 | ---- | M] () -- C:\Users\Clau\AppData\Roaming\mozilla\firefox\profiles\txn6o002.default\searchplugins\funmoods.xml
      [2012/11/23 20:20:40 | 000,002,516 | ---- | M] () -- C:\Users\Clau\AppData\Roaming\mozilla\firefox\profiles\txn6o002.default\searchplugins\mngr.xml
      [2011/12/12 22:42:36 | 000,002,520 | ---- | M] () -- C:\Users\Clau\AppData\Roaming\mozilla\firefox\profiles\txn6o002.default\searchplugins\SearchResults.xml
      [2012/01/02 02:48:43 | 000,003,915 | ---- | M] () -- C:\Users\Clau\AppData\Roaming\mozilla\firefox\profiles\txn6o002.default\searchplugins\sweetim.xml
      [2012/11/23 20:59:45 | 000,006,522 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
      [2011/12/12 22:42:36 | 000,002,520 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
      CHR - homepage: Claro Search
      CHR - default_search_provider: Claro Search (Enabled)
      CHR - default_search_provider: search_url = http://www.claro-search.com/?q={searchTerms}&affID=114508&tt=4712_6&babsrc=SP_clro&mntrId=0e37617c0000000000001c659d4c433e
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
      CHR - homepage: Claro Search
      O2 - BHO: (Claro LTD Helper Object) - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\bh\claro.dll (Montera Technologeis LTD)
      O2 - BHO: (Savings Sidekick) - {11111111-1111-1111-1111-110011501160} - C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.dll (215 Apps)
      O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files (x86)\Funmoods\funmoods\1.5.12.2\bh\funmoods.dll (Funmoods BHO)
      O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
      O3 - HKLM\..\Toolbar: (Claro LTD Toolbar) - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\claroTlbr.dll (Montera Technologeis LTD)
      
      
      :Files
      C:\Users\Clau\AppData\Roaming\mozilla\Firefox\Profiles\txn6o002.default\extensions
      C:\Program Files (x86)\Claro LTD
      C:\Users\Clau\AppData\Roaming\Claro
      C:\Users\Clau\AppData\Local\Savings Sidekick
      C:\Program Files (x86)\Savings Sidekick
      C:\ProgramData\IBUpdaterService
      C:\ProgramData\Browser Manager
      C:\Users\Clau\AppData\Local\Google\Chrome\User Data\Default\Extensions
      C:\ProgramData\FullRemove.exe
      
      :Commands
      [emptytemp]
      • Seguidamente pulsa sobre el botón Reparar



      Deja que se ejecute y luego del reinicio me copias el reporte que genere.



      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Usuario Avatar de Agataklau
      Registrado
      abr 2012
      Ubicación
      Guadalajara
      Mensajes
      16

      Re: Savings sidekick y claro search toolbar

      All processes killed
      ========== OTL ==========
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}\ not found.
      HKU\S-1-5-21-2689634327-327057995-3812957799-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\bProtector Start Page| /E : value set successfully!
      HKU\S-1-5-21-2689634327-327057995-3812957799-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
      Registry key HKEY_USERS\S-1-5-21-2689634327-327057995-3812957799-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
      Prefs.js: "Claro Search" removed from browser.search.defaultenginename
      Prefs.js: "Claro Search" removed from browser.search.order.1
      Prefs.js: "Claro Search" removed from browser.search.selectedEngine
      Prefs.js: "http://www.claro-search.com/?affID=114508&tt=4712_6&babsrc=HP_clro&mntrId=0e37617c0000000000001c659d4c433e" removed from browser.startup.homepage
      Prefs.js: [email protected]:1.5.0 removed from extensions.enabledAddons
      Prefs.js: [email protected]:1.20.00 removed from extensions.enabledAddons
      Prefs.js: [email protected]:0.85.37 removed from extensions.enabledAddons
      Prefs.js: "http://www.claro-search.com/?affID=114508&tt=4712_6&babsrc=KW_clro&mntrId=0e37617c0000000000001c659d4c433e&q=" removed from keyword.URL
      File C:\Users\Clau\AppData\Roaming\mozilla\firefox\profiles\txn6o002.default\searchplugins\funmoods.xml not found.
      File C:\Users\Clau\AppData\Roaming\mozilla\firefox\profiles\txn6o002.default\searchplugins\mngr.xml not found.
      File C:\Users\Clau\AppData\Roaming\mozilla\firefox\profiles\txn6o002.default\searchplugins\SearchResults.xml not found.
      File C:\Users\Clau\AppData\Roaming\mozilla\firefox\profiles\txn6o002.default\searchplugins\sweetim.xml not found.
      File C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml not found.
      File C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml not found.
      Use Chrome's Settings page to change the HomePage.
      Use Chrome's Settings page to remove the default_search_provider items.
      Use Chrome's Settings page to remove the default_search_provider items.
      Use Chrome's Settings page to remove the default_search_provider items.
      Use Chrome's Settings page to change the HomePage.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}\ not found.
      File C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\bh\claro.dll not found.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011501160}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110011501160}\ not found.
      File C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.dll not found.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ not found.
      File C:\Program Files (x86)\Funmoods\funmoods\1.5.12.2\bh\funmoods.dll not found.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ not found.
      File C:\Program Files (x86)\Yontoo\YontooIEClient.dll not found.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{9E131A93-EED7-4BEB-B015-A0ADB30B5646} not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}\ not found.
      File C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\claroTlbr.dll not found.
      ========== FILES ==========
      File\Folder C:\Users\Clau\AppData\Roaming\mozilla\Firefox\Profiles\txn6o002.default\extensions not found.
      File\Folder C:\Program Files (x86)\Claro LTD not found.
      File\Folder C:\Users\Clau\AppData\Roaming\Claro not found.
      File\Folder C:\Users\Clau\AppData\Local\Savings Sidekick not found.
      File\Folder C:\Program Files (x86)\Savings Sidekick not found.
      File\Folder C:\ProgramData\IBUpdaterService not found.
      File\Folder C:\ProgramData\Browser Manager not found.
      File\Folder C:\Users\Clau\AppData\Local\Google\Chrome\User Data\Default\Extensions not found.
      File\Folder C:\ProgramData\FullRemove.exe not found.
      ========== COMMANDS ==========

      [EMPTYTEMP]

      User: All Users

      User: Clau
      ->Temp folder emptied: 1042 bytes
      ->Temporary Internet Files folder emptied: 734520 bytes
      ->Java cache emptied: 0 bytes
      ->FireFox cache emptied: 0 bytes
      ->Google Chrome cache emptied: 6712765 bytes
      ->Flash cache emptied: 0 bytes

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Invitado
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Java cache emptied: 0 bytes
      ->FireFox cache emptied: 0 bytes
      ->Google Chrome cache emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Public

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 0 bytes
      %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
      RecycleBin emptied: 0 bytes

      Total Files Cleaned = 7,00 mb


      OTL by OldTimer - Version 3.2.69.0 log created on 11242012_122645

      Files\Folders moved on Reboot...
      C:\Users\Clau\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
      File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
      File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...

    8. #8
      Ex-Colaborador Avatar de Anleg_30
      Registrado
      dic 2007
      Ubicación
      Bna-Venezuela
      Mensajes
      10.545

      Re: Savings sidekick y claro search toolbar

      Hi,

      Si sigues con el problema ejecuta y dejame un nuevo reporte de OTL como la primera vez.



      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    9. #9
      Usuario Avatar de Agataklau
      Registrado
      abr 2012
      Ubicación
      Guadalajara
      Mensajes
      16

      Re: Savings sidekick y claro search toolbar

      OTL logfile created on: 26/11/2012 19:45:43 - Run 2
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Clau\Downloads
      64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      3,68 Gb Total Physical Memory | 2,30 Gb Available Physical Memory | 62,54% Memory free
      7,36 Gb Paging File | 5,45 Gb Available in Paging File | 74,10% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 583,07 Gb Total Space | 467,66 Gb Free Space | 80,21% Space Free | Partition Type: NTFS

      Computer Name: CLAU-PC | User Name: Clau | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
      Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Clau\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
      PRC - C:\Users\Clau\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastUI.exe (AVAST Software)
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      PRC - C:\Program Files (x86)\Ares\Ares.exe (Ares Development Group)
      PRC - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
      PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
      PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
      PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
      PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)
      PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
      PRC - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      PRC - C:\Windows\SysWOW64\SupportAppXL\AutoDect.exe ()
      PRC - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
      PRC - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
      PRC - C:\Archivos de programa\Acer\Acer Updater\UpdaterService.exe (Acer Group)
      PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
      PRC - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
      PRC - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe (SEIKO EPSON CORPORATION)


      ========== Modules (No Company Name) ==========

      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\7e8f414bc6515c5c0ac668b66c54d0e9\IAStorUtil.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1430191d067c0f28c3a676d3ecb85b26\System.Runtime.Remoting.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\515c6ffea562bb0f03a1ed8f75279648\System.Windows.Forms.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f4be07261983040b29685575b69085e8\System.Drawing.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6a68e4c50351a220511a5dfc3e025685\WindowsBase.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2d47118e5da6db054d5676e665f2be2\System.Xml.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2f44dac350b6161a9e9ce7222ae94335\System.Configuration.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c8ebcd93a2b547dc72dee2fcfabcdd50\System.ni.dll ()
      MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5530227809880c9b8b1d834e5434e840\mscorlib.ni.dll ()
      MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
      MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
      MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll ()
      MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_es_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
      MOD - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll ()
      MOD - C:\Windows\SysWOW64\SupportAppXL\AutoDect.exe ()
      MOD - C:\Program Files (x86)\Launch Manager\CdDirIo.dll ()


      ========== Services (SafeList) ==========

      SRV:64bit: - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe File not found
      SRV - (avast! Antivirus) -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (McAfee SiteAdvisor Service) -- c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe (McAfee, Inc.)
      SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
      SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
      SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
      SRV - (ePowerSvc) -- C:\Archivos de programa\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
      SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
      SRV - (MWLService) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe (Egis Technology Inc.)
      SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      SRV - (Updater Service) -- C:\Archivos de programa\Acer\Acer Updater\UpdaterService.exe (Acer Group)
      SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
      SRV - (EpsonBidirectionalService) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe (SEIKO EPSON CORPORATION)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
      DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
      DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
      DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
      DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
      DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
      DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
      DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
      DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
      DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation)
      DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
      DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
      DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation)
      DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
      DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys (ZTE Incorporated)
      DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys (ZTE Incorporated)
      DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
      DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys (ZTE Incorporated)
      DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
      DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
      DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
      DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
      DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
      DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
      DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd)
      DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MyHeritage.com Search
      IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
      IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2805139


      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page =
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\URLSearchHook: {ba5844d2-b2c5-49eb-86f5-248d776a6f08} - No CLSID value found
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_esES412ES412
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\SearchScopes\{9068B34B-EF30-42AC-BC34-BC1F11EF0C7A}: "URL" = http://start.funmoods.com/results.php?f=4&a=bf3&q={searchTerms}
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2805139
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultenginename: ""
      FF - prefs.js..browser.search.order.1: ""
      FF - prefs.js..browser.search.selectedEngine: ""
      FF - prefs.js..browser.startup.homepage: ""
      FF - prefs.js..extensions.enabledAddons:
      FF - prefs.js..extensions.enabledAddons:
      FF - prefs.js..extensions.enabledAddons: {C9B68337-E93A-44EA-94DC-CB300EC06444}:4.51.0
      FF - prefs.js..extensions.enabledAddons: {EEE6C361-6118-11DC-9C72-001320C79847}:1.4.0.0
      FF - prefs.js..extensions.enabledAddons:


      FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Clau\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/08/23 15:34:25 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\fbphotozoom\fbphotozoom15.xpi [2012/03/25 02:28:05 | 000,102,423 | ---- | M] ()
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/04/28 16:56:29 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/08/30 22:01:57 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/01 12:01:46 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/09/01 12:01:46 | 000,000,000 | ---D | M]

      [2012/05/05 21:29:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Clau\AppData\Roaming\mozilla\Extensions
      [2012/05/21 19:46:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
      [2012/01/03 14:34:26 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
      File not found (No name found) -- C:\USERS\CLAU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TXN6O002.DEFAULT\EXTENSIONS\{C9B68337-E93A-44EA-94DC-CB300EC06444}
      File not found (No name found) -- C:\USERS\CLAU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TXN6O002.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}
      File not found (No name found) -- C:\USERS\CLAU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TXN6O002.DEFAULT\EXTENSIONS\[email protected]
      File not found (No name found) -- C:\USERS\CLAU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TXN6O002.DEFAULT\EXTENSIONS\[email protected]
      File not found (No name found) -- C:\USERS\CLAU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TXN6O002.DEFAULT\EXTENSIONS\[email protected]
      [2012/05/21 19:45:58 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
      [2012/07/23 22:56:58 | 000,089,224 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
      [2012/07/23 22:59:01 | 000,089,224 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
      [2012/03/05 22:57:39 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
      [2012/03/05 22:57:39 | 000,003,996 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
      [2012/03/05 22:57:39 | 000,001,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-es.xml
      [2012/03/05 22:57:39 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
      [2012/03/05 22:57:39 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012/03/05 22:57:39 | 000,001,102 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-es.xml

      ========== Chrome ==========

      CHR - homepage: Claro Search
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
      CHR - homepage: Claro Search
      CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
      CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Clau\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
      CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
      CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
      CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
      CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
      CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
      CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
      CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
      CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
      CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

      O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
      O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
      O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
      O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
      O3:64bit: - HKLM\..\Toolbar: (no name) - !{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (no name) - !{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (no name) - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
      O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - !{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - !{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
      O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
      O3 - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
      O3 - HKU\S-1-5-21-2689634327-327057995-3812957799-1001\..\Toolbar\WebBrowser: (no name) - {BA5844D2-B2C5-49EB-86F5-248D776A6F08} - No CLSID value found.
      O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Archivos de programa\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
      O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
      O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
      O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      O4 - HKLM..\Run: [autodetect] C:\Windows\SysWOW64\SupportAppXL\AutoDect.exe ()
      O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
      O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
      O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
      O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
      O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
      O4 - HKLM..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe (MyHeritage)
      O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
      O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
      O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
      O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
      O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-21-2689634327-327057995-3812957799-1001..\Run: [ares] C:\Program Files (x86)\Ares\Ares.exe (Ares Development Group)
      O4 - HKU\S-1-5-21-2689634327-327057995-3812957799-1001..\Run: [Epson Stylus SX235(Red)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\Clau\AppData\Local\Temp\E_S1651.tmp" /EF "HKCU" File not found
      O4 - HKU\S-1-5-21-2689634327-327057995-3812957799-1001..\Run: [Facebook Update] C:\Users\Clau\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O4 - HKU\S-1-5-21-2689634327-327057995-3812957799-1001..\Run: [Spotify] C:\Users\Clau\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
      O4 - HKU\S-1-5-21-2689634327-327057995-3812957799-1001..\Run: [Spotify Web Helper] C:\Users\Clau\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
      O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000 File not found
      O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
      O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4 208.67.220.220 208.67.222.222
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBE8EDFF-40B4-4F01-B66D-8CE039DB5E4E}: DhcpNameServer = 8.8.8.8 8.8.4.4 208.67.220.220 208.67.222.222
      O18:64bit: - Protocol\Handler\cdo - No CLSID value found
      O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
      O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
      O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
      O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
      O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
      O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
      O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
      O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
      O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
      O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
      O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
      O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2011/03/29 16:12:23 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O33 - MountPoints2\{bb294488-015b-11e1-9035-1c659d4c433e}\Shell - "" = AutoRun
      O33 - MountPoints2\{bb294488-015b-11e1-9035-1c659d4c433e}\Shell\AutoRun\command - "" = E:\KODAK_Software_Downloader.exe
      O33 - MountPoints2\D\Shell - "" = AutoRun
      O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\INSTALAR.EXE AUTORUN
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/11/26 09:08:55 | 000,000,000 | ---D | C] -- C:\Users\Clau\AppData\Local\Songr
      [2012/11/26 09:07:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Songr
      [2012/11/24 12:06:41 | 000,000,000 | ---D | C] -- C:\_OTL
      [2012/11/23 20:18:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ares
      [2012/11/19 15:12:37 | 000,000,000 | ---D | C] -- C:\Users\Clau\Desktop\My Shared Folder
      [2012/11/19 02:46:54 | 000,000,000 | ---D | C] -- C:\Users\Clau\AppData\Local\Facebook
      [2011/08/27 15:40:56 | 017,327,195 | ---- | C] (Mooii) -- C:\Users\Clau\AppData\Local\photoscape-3.5.exe
      [15 C:\Users\Clau\Documents\*.tmp files -> C:\Users\Clau\Documents\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2012/11/26 19:51:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2012/11/26 18:37:32 | 009,983,716 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2012/11/26 18:37:32 | 003,425,216 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2012/11/26 18:37:32 | 003,289,194 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2012/11/26 18:37:32 | 002,793,782 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2012/11/26 18:37:32 | 000,005,214 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2012/11/26 18:34:48 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2689634327-327057995-3812957799-1001UA.job
      [2012/11/26 18:34:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/11/26 09:07:33 | 000,001,027 | ---- | M] () -- C:\Users\Public\Desktop\Songr.lnk
      [2012/11/26 08:59:15 | 004,572,876 | ---- | M] () -- C:\Users\Clau\Desktop\Songr.zip
      [2012/11/26 02:52:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2689634327-327057995-3812957799-1001Core.job
      [2012/11/25 22:26:26 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2012/11/24 21:30:00 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/11/24 21:30:00 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/11/24 21:21:31 | 2962,259,968 | -HS- | M] () -- C:\hiberfil.sys
      [2012/11/24 00:33:08 | 000,001,318 | ---- | M] () -- C:\Users\Clau\Desktop\OTL - Acceso directo.lnk
      [2012/11/23 20:18:21 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\Ares.lnk
      [2012/11/22 00:54:01 | 000,000,876 | ---- | M] () -- C:\Windows\MyHeritage.INI
      [2012/11/20 19:15:01 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
      [2012/11/19 15:12:03 | 000,308,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
      [2012/11/15 01:53:41 | 000,001,299 | ---- | M] () -- C:\Users\Clau\Documents\prueba.reg
      [2012/11/08 20:55:31 | 000,002,378 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
      [15 C:\Users\Clau\Documents\*.tmp files -> C:\Users\Clau\Documents\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2012/11/26 09:07:33 | 000,001,039 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Songr.lnk
      [2012/11/26 09:07:33 | 000,001,027 | ---- | C] () -- C:\Users\Public\Desktop\Songr.lnk
      [2012/11/26 08:59:08 | 004,572,876 | ---- | C] () -- C:\Users\Clau\Desktop\Songr.zip
      [2012/11/24 00:33:08 | 000,001,318 | ---- | C] () -- C:\Users\Clau\Desktop\OTL - Acceso directo.lnk
      [2012/11/23 21:15:31 | 000,019,972 | ---- | C] () -- C:\Users\Clau\SNodes.dat
      [2012/11/23 21:15:31 | 000,005,828 | ---- | C] () -- C:\Users\Clau\CNodes.dat
      [2012/11/23 21:15:31 | 000,004,204 | ---- | C] () -- C:\Users\Clau\DHTnodes.dat
      [2012/11/23 21:15:31 | 000,000,192 | ---- | C] () -- C:\Users\Clau\FailedSNodes.dat
      [2012/11/23 21:14:25 | 000,004,204 | ---- | C] () -- C:\Users\Clau\Desktop\DHTnodes.dat
      [2012/11/23 20:18:21 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\Ares.lnk
      [2012/11/20 19:15:01 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
      [2012/11/19 15:11:52 | 000,308,872 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
      [2012/11/19 02:47:08 | 000,000,924 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2689634327-327057995-3812957799-1001UA.job
      [2012/11/19 02:47:05 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2689634327-327057995-3812957799-1001Core.job
      [2012/11/15 01:53:41 | 000,001,299 | ---- | C] () -- C:\Users\Clau\Documents\prueba.reg
      [2012/11/14 03:11:30 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
      [2012/11/14 03:01:04 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
      [2012/09/01 12:01:44 | 000,000,031 | -H-- | C] () -- C:\Windows\UKCpInfo.sys
      [2012/05/22 18:46:27 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
      [2012/02/26 16:33:44 | 000,004,608 | ---- | C] () -- C:\Users\Clau\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2012/02/19 18:18:37 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
      [2011/07/09 21:34:57 | 000,000,876 | ---- | C] () -- C:\Windows\MyHeritage.INI
      [2011/07/09 21:33:50 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\PaintX.dll
      [2011/07/05 01:19:07 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
      [2011/06/19 1745 | 000,000,033 | ---- | C] () -- C:\Windows\tm.ini
      [2011/04/05 20:39:28 | 000,002,586 | ---- | C] () -- C:\Windows\EMDVD.INI
      [2011/02/09 19:14:25 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
      [2011/01/20 23:30:40 | 000,057,344 | ---- | C] () -- C:\Users\Clau\lametritonus.dll
      [2011/01/20 23:30:36 | 000,162,304 | ---- | C] () -- C:\Users\Clau\lame_enc.dll
      [2010/12/31 14:49:27 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
      [2010/11/13 11:14:46 | 000,062,648 | ---- | C] () -- C:\Users\Clau\AppData\Local\toolbar3.bmp
      [2010/11/12 11:09:56 | 000,195,108 | ---- | C] () -- C:\Users\Clau\AppData\Local\lateral3.bmp
      [2010/11/12 10:44:14 | 000,193,744 | ---- | C] () -- C:\Users\Clau\AppData\Local\lateral1.bmp
      [2010/11/12 1058 | 000,193,744 | ---- | C] () -- C:\Users\Clau\AppData\Local\lateral2.bmp
      [2010/10/21 21:36:20 | 000,203,264 | ---- | C] () -- C:\Users\Clau\AppData\Local\GetToolbar.exe

      ========== ZeroAccess Check ==========

      [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:CDFF58FE
      @Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:E36F5B57
      @Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:1A60DE96
      @Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:E1F04E8D
      @Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:0B9176C0
      @Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:798A3728

      < End of report >

    10. #10
      Ex-Colaborador Avatar de Anleg_30
      Registrado
      dic 2007
      Ubicación
      Bna-Venezuela
      Mensajes
      10.545

      Re: Savings sidekick y claro search toolbar

      Hola de nuevo,

      Prueba la versión actualizada de AT-Destroyer en la opción "Buscar y Destruir"
      SI te da algún inconveniente ejecutala entrando en modo seguro. AL finalizar te dejará un ionforme, me lo copias y me indicas si persiste el problema y en cual navegador.



      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    Página 1 de 2 12 ÚltimoÚltimo