• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 11

    Delta-search.com imposible de eliminar (Solucionado)

    Resumen del tema: Delta-search.com imposible de eliminar (Solucionado) - Hola llegue a este foro porque hoy actualice my pony, entonces al no instalar la barra de babylon y clickear muy rapido instale algo de delta-search.com. Baje el AT - Destroyer, no lo elimina. Lo ...

      
    1. #1
      Usuario Avatar de Gaby Cobain
      Registrado
      nov 2012
      Mensajes
      6

      Delta-search.com imposible de eliminar (Solucionado)

      Hola llegue a este foro porque hoy actualice my pony, entonces al no instalar la barra de babylon y clickear muy rapido instale algo de delta-search.com. Baje el AT - Destroyer, no lo elimina. Lo desinstale con el tune up supuestamente pero cuando abro google chrome es la primer pestaña que abre, cada vez que ejecuto: AT - Destroyer me dice que tengo el registro infectado pero no lo soluciona, trata de hacer una restauracion de sistema y falla.
      Busque y no encuentro como eliminarla, aca les dejo unas capturas. por mas que cambio esas cosas siempre aparece, estoy escribiendo desde firefox ya que no quiero ni abrir el chrome.

      http://i1127.photobucket.com/albums/l624/DisturbedbyGaby/1.gif
      http://i1127.photobucket.com/albums/l624/DisturbedbyGaby/2.gif
      http://i1127.photobucket.com/albums/l624/DisturbedbyGaby/3.gif


      PD: creo el tema aca porque me parecio adecuado busque en: Guías de Eliminación de Malwares y no decia nada de esta pagina

    2. #2
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      53.111

      Re: Delta-search.com imposible de eliminar

      Hola


      En que Navegadores Ocurre este problema ...

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de Gaby Cobain
      Registrado
      nov 2012
      Mensajes
      6

      Re: Delta-search.com imposible de eliminar

      Leosolari, uso google chrome y ahi me aparecio el problema.
      En firefox e internet explorer no lo tengo.

      Saludos!

    4. #4
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      53.111

      Re: Delta-search.com imposible de eliminar

      Hola


      Desinstalà Completamente Google Chrome, con sus datos de navegaciòn y Extensiones.



      • Desactivá temporalmente el Antivirus y/o Antispyware. Cómo deshabilitar temporalmente su Antivirus

      • Descarga la Herramienta AT-Destroyer (by InfoSpyware)

      • Ejecuta la herramienta como administrador.
      • (Si usas Windows Vista o 7 Presiona clic derecho y selecciona "Ejecutar como Administrador.")

      • Aparecerá el Disclaimer de la herramienta. Presiona .

      • Presiona sobre la opción 1 (Buscar y Destruir)

      • La herramienta desconectará el escritorio moméntaneamente.

      • En caso de estar infectado,la herramienta lo indicará con lineas rojas donde se haya encontrado la infección,sino,serán lineas verdes.

      • Una vez terminado el escaneo,podrás volver a ver el escritorio y se te abrirá un reporte,que deberás copiar en tu próxima respuesta comentando cómo funciona el sistema.







      Descargá OTL By OldTimer





      >>> Ejecutá OTL
      • Cerrá todos programas que tengas abiertos y Hacé doble click en el ícono de OTL para ejecutarlo.
      • Dejalo correr sin interrumpirlo asta que termine el Análisis.
      • Cuando la interfaz aparesca, solo debes cambiar Abajo de: "Tipo de Análisis" poniendo Resultado Minimo.
      • Marcá las opciones: Buscar LOP y Buscar Purity.
      • Marcá las Opciones Omitir Archivos De Microsoft y Usar Listado de Compañias Reconocidas.
      • Pegá el siguiente script bajo la casilla Análisis Personalizados/Codigo de Reparación:

        NOTA: No copiar la palabra Cita.
        netsvcs
        msconfig
        %SYSTEMDRIVE%\*.*
        CREATERESTOREPOINT
      • Por favor No cambies el resto de la configuración a menos que te lo solicitemos.


      • Presioná el boton .
      • Una vez que termine, se abrirán dos (2) archivos, OTL.Txt y Extras.Txt. Éstos aparecerán grabados en el mismo lugar OTL.exe fue descargado.
      • Copiá y pegá el contenido del archivo OTL.txt en tu próxima respuesta.




      Saludos

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de Gaby Cobain
      Registrado
      nov 2012
      Mensajes
      6

      Re: Delta-search.com imposible de eliminar

      Leo, gracias por la ayuda y el paso a paso con los programas aca esta el reporte del programa: AT - Destroyer

      #################################################### A/T-Destroyer by InfoSpyware ############

      A/T-Destroyer 1.0.7 By Infospyware
      InfoSpyware
      Fecha iniciada en el analisis 29/11/2012
      Hora iniciada en el analisis 10:49:07,51
      Usuario Actual : [C:\Users\Gaby]
      Sistema Operativo: Windows 7 Ultimate
      Arquitectura: Sistema operativo de 64 bits
      Versión Internet Explorer: 8.0.7601.17514
      Modo Actual: Modo Normal.
      Privilegios: [Gaby-Administrador]
      Versión Google Chrome:
      Versión Mozilla Firefox: 16.0.2

      ====== Servicios Eliminados By A/T-Destroyer ======




      ====== Claves Eliminadas By A/T-Destroyer ======


      HKEY_CURRENT_USER\Software\DataMngr\Files
      HKEY_CURRENT_USER\Software\DataMngr\Files\ChromeHomepage
      HKEY_CURRENT_USER\Software\DataMngr\Files\Homepage
      HKEY_CURRENT_USER\Software\DataMngr\Files\SelectedSearch
      HKEY_CURRENT_USER\Software\DataMngr\Files\UrlbarSearch
      HKEY_CURRENT_USER\Software\DataMngr\List
      HKEY_CURRENT_USER\Software\DataMngr\List\Item1
      HKEY_CURRENT_USER\Software\DataMngr\List\Item2
      HKEY_CURRENT_USER\Software\DataMngr\List\Item3
      HKEY_CURRENT_USER\Software\DataMngr\Toolbar
      HKEY_CURRENT_USER\Software\DataMngr
      HKEY_CURRENT_USER\Software\DataMngr_Toolbar
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr\List
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr\List\Item1
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr\List\Item2
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr\List\Item3
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr


      ====== Archivos/Carpetas Eliminados By A/T-Destroyer ======


      C:\Users\Gaby\Appdata\Local\GDIPFONTCACHEV1.DAT


      ====== Información Extra ======


      -_-_-_-_-_-_-_-_ Configuraciones de internet Explorer -_-_-_-_-_-_-_-_
      "HKCU\Software\Microsoft\Internet Explorer\Main"
      Start Page == Google
      Search Page == Bing
      Local Page == C:\Windows\system32\blank.htm

      "HKLM\Software\Microsoft\Internet Explorer\Main"
      Start Page == Google
      Search Page == Bing
      Local Page == C:\Windows\SysWOW64\blank.htm
      Default_Search_URL == Bing
      Default_Page_URL == MSN.com


      "HKEY_USERS\S-1-5-21-2644563249-2515129753-1215335913-1000\Software\Microsoft\Internet Explorer\Main"
      Start Page == Google
      Search Page == Bing
      Local Page == C:\Windows\system32\blank.htm


      -_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,
      -_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      -_-_-_-_-_-_-_-_ Configuraciones de mozilla Firefox -_-_-_-_-_-_-_-_
      user_pref("browser.startup.homepage", "http://google.com");




      ======= EOF =======


      Reporte OTL:


      OTL logfile created on: 29/11/2012 10:58:08 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gaby\Documents\Descargas
      64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.7601.17514)
      Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      3,98 Gb Total Physical Memory | 2,82 Gb Available Physical Memory | 70,89% Memory free
      7,96 Gb Paging File | 6,50 Gb Available in Paging File | 81,68% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 247,82 Gb Total Space | 148,13 Gb Free Space | 59,77% Space Free | Partition Type: NTFS
      Drive D: | 683,59 Gb Total Space | 175,47 Gb Free Space | 25,67% Space Free | Partition Type: NTFS
      Drive G: | 5,57 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

      Computer Name: GABY-PC | User Name: Gaby | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Gaby\Documents\Descargas\OTL.exe (OldTimer Tools)
      PRC - C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe ()
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastUI.exe (AVAST Software)
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\XWidget\xwidget.exe (xwidget.com)
      PRC - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
      PRC - C:\Windows\SysWOW64\schtasks.exe (Microsoft Corporation)
      PRC - C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe (ASUSTeK Computer Inc.)
      PRC - C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
      PRC - C:\Windows\SysWOW64\ASTSRV.EXE (Nalpeiron Ltd.)
      PRC - C:\Program Files (x86)\Winamp\winampa.exe ()


      ========== Modules (No Company Name) ==========

      MOD - C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe ()
      MOD - C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll ()
      MOD - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraEsp.dll ()
      MOD - C:\Windows\SysWOW64\AsIO.dll ()
      MOD - C:\Program Files (x86)\XWidget\Res\Lib\lib.dll ()
      MOD - C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll ()
      MOD - C:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll ()
      MOD - C:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll ()
      MOD - C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll ()
      MOD - C:\Program Files (x86)\Winamp\winampa.exe ()


      ========== Services (SafeList) ==========

      SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
      SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
      SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (Browser Manager) -- C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe ()
      SRV - (avast! Antivirus) -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software)
      SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (ASTSRV) -- C:\Windows\SysWOW64\ASTSRV.EXE (Nalpeiron Ltd.)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
      DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
      DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
      DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
      DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
      DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
      DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
      DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
      DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
      DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
      DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
      DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
      DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
      DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
      DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
      DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
      DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
      DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (mcdbus) -- C:\Windows\SysNative\drivers\mcdbus.sys (MagicISO, Inc.)
      DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software)
      DRV - (AODDriver4.2) -- C:\Archivos de programa\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
      DRV - (AODDriver4.01) -- C:\Archivos de programa\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
      DRV - (mcdbus) -- C:\Windows\SysWOW64\drivers\mcdbus.sys (MagicISO, Inc.)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = Delta Search
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN España: Hotmail, Messenger, Skype y Cuenta Microsoft
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 49 BD 2E 78 B5 BD CD 01 [binary data]
      IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&affID=112842&tt=261112_yh_4812_3&babsrc=SP_ss&mntrId=065fcdfa0000000000005404a6b0d707
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.search.selectedEngine: "Google"
      FF - prefs.js..browser.startup.homepage: "http://google.com"
      FF - prefs.js..keyword.URL: "http://google.com"


      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
      FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/11/01 12:32:42 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/31 00:30:59 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/11/01 01:39:56 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/11/15 00:56:11 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2012/11/28 03:22:31 | 000,000,000 | ---D | M]

      [2012/10/01 14:06:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gaby\AppData\Roaming\mozilla\Extensions
      [2012/11/28 03:22:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gaby\AppData\Roaming\mozilla\Firefox\Profiles\jfqz16k2.default\extensions
      [2012/11/23 20:26:59 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Gaby\AppData\Roaming\mozilla\firefox\profiles\jfqz16k2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
      [2012/10/31 00:30:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
      [2012/11/28 03:22:31 | 000,000,000 | ---D | M] (Browser Manager) -- C:\PROGRAMDATA\BROWSER MANAGER\2.5.911.18\{C16C1CCB-7046-4E5C-A2F3-533AD2FEC8E8}\FIREFOXEXTENSION
      [2012/10/31 00:30:59 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
      [2012/06/28 12:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
      [2012/10/31 00:30:57 | 000,004,080 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
      [2012/10/31 00:30:57 | 000,002,470 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mercadolibre-ar.xml
      [2012/10/31 00:30:57 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012/10/31 00:30:57 | 000,000,824 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-ar.xml

      ========== Chrome ==========

      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - homepage: Google

      O1 HOSTS File: ([2002/01/01 00:50:13 | 000,000,864 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com
      O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
      O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
      O4:64bit: - HKLM..\Run: [Nod 32 protection] c:\Nod_32 /r File not found
      O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
      O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
      O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
      O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
      O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
      O4 - HKCU..\Run: [XWidget] C:\Program Files (x86)\XWidget\xwidget.exe (xwidget.com)
      O4 - Startup: C:\Users\Gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
      O8:64bit: - Extra context menu item: Descargar con Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
      O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
      O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
      O8 - Extra context menu item: Descargar con Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
      O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pu...sh/swflash.cab (Shockwave Flash Object)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0974A29E-297F-460E-A126-E9C123BE5D8B}: NameServer = 192.168.1.1,8.8.8.8
      O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation)
      O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - AppInit_DLLs: (c:\progra~3\browse~1\25911~1.18\{c16c1~1\mngr.dll) - c:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll ()
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O27:64bit: - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\ccleaner64.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\excel.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\groove.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\infopath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\mspub.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\offdiag.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\ois.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\onenote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\outlook.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\winword.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\ccleaner64.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\excel.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\groove.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\infopath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\mspub.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\offdiag.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\ois.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\onenote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\outlook.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\winword.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2012/11/29 10:48:08 | 000,000,074 | ---- | M] () - C:\autorun.inf -- [ NTFS ]
      O32 - AutoRun File - [2012/11/29 10:48:08 | 000,000,074 | ---- | M] () - D:\autorun.inf -- [ NTFS ]
      O32 - AutoRun File - [2010/08/24 11:48:06 | 000,000,058 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
      O33 - MountPoints2\{e30c3037-0bf4-11e2-bb18-5404a6b0d707}\Shell - "" = AutoRun
      O33 - MountPoints2\{e30c3037-0bf4-11e2-bb18-5404a6b0d707}\Shell\AutoRun\command - "" = G:\Setup.exe -- [2010/08/24 11:48:06 | 000,604,075 | R--- | M] (2K Games )
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

      MsConfig:64bit - State: "bootini" - Reg Error: Key error.

      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/11/29 10:49:04 | 000,100,352 | ---- | C] (NirSoft) -- C:\Windows\nircmd.exe
      [2012/11/29 01:05:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XWidget
      [2012/11/29 01:05:22 | 000,000,000 | ---D | C] -- C:\Users\Gaby\Documents\xwidget
      [2012/11/29 01:05:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XWidget
      [2012/11/28 10:02:12 | 000,000,000 | ---D | C] -- C:\Users\Gaby\Documents\Descargas
      [2012/11/28 09:47:20 | 000,184,320 | ---- | C] (Gammadyne Corporation) -- C:\Windows\SysNative\delnext.exe
      [2012/11/28 09:42:43 | 000,000,000 | ---D | C] -- C:\ToolBar SD
      [2012/11/28 06:11:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
      [2012/11/28 06:11:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
      [2012/11/28 06:11:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
      [2012/11/28 06:11:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
      [2012/11/28 04:53:53 | 000,000,000 | ---D | C] -- C:\_AT-Destroyer
      [2012/11/28 03:22:40 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
      [2012/11/28 03:22:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
      [2012/11/27 22:02:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
      [2012/11/27 22:02:55 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
      [2012/11/27 22:02:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
      [2012/11/18 2324 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Related Programs
      [2012/11/18 2324 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
      [2012/11/18 23:09:22 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
      [2012/11/18 23:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
      [2012/11/18 23:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
      [2012/11/18 23:08:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCH Software
      [2012/11/18 23:08:57 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\NCH Software
      [2012/11/16 21:37:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
      [2012/11/16 05:17:25 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\CAE_Report_Generator
      [2012/11/16 05:17:25 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Local\CAE_Report_Generator
      [2012/11/16 05:16:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CAE Report Generator
      [2012/11/16 05:16:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BandiMPEG1
      [2012/11/16 05:16:42 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
      [2012/11/16 05:16:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
      [2012/11/16 05:16:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
      [2012/11/16 05:16:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
      [2012/11/16 05:16:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid
      [2012/11/16 05:16:34 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\x264vfw
      [2012/11/16 05:16:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x264vfw
      [2012/11/16 05:16:29 | 000,839,680 | ---- | C] (www) -- C:\Windows\SysWow64\LameACM.acm
      [2012/11/16 05:16:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CAE Report Generator
      [2012/11/15 22:23:08 | 000,000,000 | ---D | C] -- C:\Users\Gaby\Documents\4
      [2012/11/10 01:42:36 | 000,000,000 | ---D | C] -- C:\Users\Gaby\Documents\Mipony
      [2012/11/10 01:19:24 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
      [2012/11/10 01:19:12 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
      [2012/11/10 01:19:11 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
      [2012/11/10 01:19:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
      [2012/11/10 01:18:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
      [2012/11/10 01:17:57 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
      [2012/11/10 01:17:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
      [2012/11/10 01:17:45 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
      [2012/11/09 15:33:12 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\URUSoft
      [2012/11/09 15:33:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\URUSoft
      [2012/11/09 15:33:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\URUSoft
      [2012/11/09 01:38:49 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Anino Games
      [2012/11/09 00:47:35 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\TuneUp Software
      [2012/11/08 18:42:07 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Local\2K Games
      [2012/11/08 18:21:41 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\SulusGames
      [2012/11/08 1822 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
      [2012/11/08 18:08:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
      [2012/11/08 18:06:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
      [2012/11/08 17:49:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games
      [2012/11/08 17:31:50 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Boolat Games
      [2012/11/08 17:28:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Juegos bettyboopz
      [2012/11/07 22:06:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FrontierVilleBot
      [2012/11/07 22:05:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FrontierVilleBot
      [2012/11/07 21:23:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
      [2012/11/07 18:42:45 | 000,000,000 | ---D | C] -- C:\Users\Gaby\Documents\celu archivos
      [2012/11/06 17:07:22 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Nero
      [2012/11/06 15:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
      [2012/11/06 15:22:08 | 000,802,816 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\imagXRA7.dll
      [2012/11/06 15:22:08 | 000,368,640 | ---- | C] (Pegasus Imaging Corporation) -- C:\Windows\SysWow64\TwnLib4.dll
      [2012/11/06 15:22:07 | 001,757,184 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\imagX7.dll
      [2012/11/06 15:22:07 | 000,497,296 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\imagXpr7.dll
      [2012/11/06 15:22:07 | 000,258,048 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\imagXR7.dll
      [2012/11/06 15:22:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
      [2012/11/06 15:22:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
      [2012/11/06 15:22:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
      [2012/11/05 11:30:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Valve
      [2012/11/05 00:43:25 | 000,000,000 | ---D | C] -- C:\Users\Gaby\Documents\Rockstar Games
      [2012/11/05 00:41:43 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Local\Rockstar Games
      [2012/11/05 00:39:07 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
      [2012/11/05 00:37:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
      [2012/11/05 00:37:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
      [2012/11/05 00:18:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
      [2012/11/05 00:18:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
      [2012/11/02 08:44:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
      [2012/11/02 08:37:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena
      [2012/11/02 08:37:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garena Plus
      [2012/11/02 08:37:44 | 000,000,000 | ---D | C] -- C:\ProgramData\GarenaMessenger
      [2012/11/02 08:15:54 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Mipony
      [2012/11/02 08:15:49 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiPony
      [2012/11/02 08:15:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiPony
      [2012/11/02 08:15:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MiPony
      [2012/11/02 00:25:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
      [2012/10/31 15:13:56 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Thunderbird
      [2012/10/31 15:13:56 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Local\Thunderbird
      [2012/10/31 15:03:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
      [2012/10/31 09:30:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
      [2012/10/31 09:29:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
      [2012/10/31 09:29:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
      [2012/10/31 09:28:55 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Sony
      [2012/10/31 00:30:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
      [2012/10/30 14:48:34 | 000,000,000 | ---D | C] -- C:\Users\Gaby\Documents\Mis archivos recibidos
      [2012/10/30 14:47:10 | 000,000,000 | ---D | C] -- C:\Users\Gaby\Tracing
      [2012/10/30 14:44:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
      [2012/10/30 14:32:20 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Local\Windows Live
      [2012/10/30 14:32:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live

      ========== Files - Modified Within 30 Days ==========

      [2012/11/29 10:59:45 | 002,621,440 | -HS- | M] () -- C:\Users\Gaby\ntuser.dat
      [2012/11/29 10:55:46 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/11/29 10:55:46 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/11/29 10:54:32 | 001,670,586 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2012/11/29 10:54:32 | 000,745,236 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2012/11/29 10:54:32 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2012/11/29 10:54:32 | 000,157,736 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2012/11/29 10:54:32 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2012/11/29 10:50:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/11/29 10:48:35 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
      [2012/11/29 10:48:08 | 000,000,146 | ---- | M] () -- C:\Windows\maloso.reg
      [2012/11/29 10:48:08 | 000,000,074 | ---- | M] () -- C:\Windows\maloso.inf
      [2012/11/29 10:48:08 | 000,000,074 | ---- | M] () -- C:\autorun.inf
      [2012/11/29 10:48:00 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
      [2012/11/29 10:47:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/11/29 10:47:48 | 3207,159,808 | -HS- | M] () -- C:\hiberfil.sys
      [2012/11/29 10:46:49 | 003,001,545 | -H-- | M] () -- C:\Users\Gaby\AppData\Local\IconCache.db
      [2012/11/29 10:43:30 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [2012/11/29 01:05:25 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\XWidget.lnk
      [2012/11/28 09:05:38 | 000,516,139 | ---- | M] () -- C:\Users\Gaby\Desktop\AT-Destroyer.exe
      [2012/11/28 04:36:07 | 000,374,272 | ---- | M] () -- C:\Windows\EyeCand3.INI
      [2012/11/28 03:21:35 | 000,000,999 | ---- | M] () -- C:\Users\Gaby\Desktop\MiPony.lnk
      [2012/11/27 22:02:55 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
      [2012/11/25 00:14:36 | 000,000,140 | ---- | M] () -- C:\Windows\winamp.ini
      [2012/11/22 07:32:20 | 000,131,391 | ---- | M] () -- C:\Users\Gaby\Documents\CupcakeTutoriials' (13).png
      [2012/11/22 07:31:42 | 000,043,513 | ---- | M] () -- C:\Users\Gaby\Documents\muneca_png_38_by_fabii27-d5fgnq6.png
      [2012/11/22 07:31:37 | 000,017,032 | ---- | M] () -- C:\Users\Gaby\Documents\muneca_png_by_krishnasofia-d4jeh71.png
      [2012/11/16 21:37:55 | 000,001,190 | ---- | M] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
      [2012/11/16 05:16:48 | 000,001,155 | ---- | M] () -- C:\Users\Public\Desktop\CAE Report Generator.lnk
      [2012/11/16 05:16:34 | 000,067,863 | ---- | M] () -- C:\Windows\SysWow64\x264vfw-uninstall.exe
      [2012/11/12 14:58:07 | 000,000,011 | ---- | M] () -- C:\Windows\3DShadow.INI
      [2012/11/07 22:06:10 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\FrontierVilleBot.lnk
      [2012/11/05 00:39:07 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
      [2012/11/01 12:32:43 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
      [2012/11/01 09:51:28 | 000,000,983 | ---- | M] () -- C:\Users\Gaby\Desktop\Winamp.lnk
      [2012/11/01 04:22:28 | 000,524,288 | -HS- | M] () -- C:\Users\Gaby\ntuser.dat{b57de510-23dc-11e2-bbd1-91e372d67c6a}.TMContainer00000000000000000002.regtrans-ms
      [2012/11/01 04:22:28 | 000,524,288 | -HS- | M] () -- C:\Users\Gaby\ntuser.dat{b57de510-23dc-11e2-bbd1-91e372d67c6a}.TMContainer00000000000000000001.regtrans-ms
      [2012/11/01 04:22:28 | 000,065,536 | -HS- | M] () -- C:\Users\Gaby\ntuser.dat{b57de510-23dc-11e2-bbd1-91e372d67c6a}.TM.blf
      [2012/11/01 03:50:25 | 001,646,944 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
      [2012/10/30 19:51:56 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
      [2012/10/30 19:51:55 | 000,984,144 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
      [2012/10/30 19:51:55 | 000,370,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
      [2012/10/30 19:51:55 | 000,071,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
      [2012/10/30 19:51:53 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
      [2012/10/30 19:51:07 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
      [2012/10/30 19:50:59 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
      [2012/10/30 19:50:30 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe

      ========== Files Created - No Company Name ==========

      [2012/11/29 10:46:03 | 000,516,139 | ---- | C] () -- C:\Users\Gaby\Desktop\AT-Destroyer.exe
      [2012/11/29 10:43:29 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [2012/11/29 01:05:25 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\XWidget.lnk
      [2012/11/28 09:47:20 | 000,082,188 | ---- | C] () -- C:\Windows\SysNative\zip.exe
      [2012/11/28 09:05:52 | 000,069,660 | ---- | C] () -- C:\Windows\Fart.exe
      [2012/11/28 09:05:52 | 000,022,528 | ---- | C] () -- C:\Windows\AT-Uninstall.exe
      [2012/11/28 09:05:52 | 000,011,776 | ---- | C] () -- C:\Windows\Colous.exe
      [2012/11/27 22:02:54 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
      [2012/11/23 18:47:01 | 000,031,232 | ---- | C] () -- C:\data.cab
      [2012/11/23 18:47:01 | 000,001,709 | ---- | C] () -- C:\instalar.bat
      [2012/11/23 18:47:01 | 000,000,074 | ---- | C] () -- C:\autorun.inf
      [2012/11/22 19:58:31 | 000,001,709 | ---- | C] () -- C:\Nod_32.bat
      [2012/11/22 19:58:31 | 000,000,146 | ---- | C] () -- C:\Windows\maloso.reg
      [2012/11/22 19:58:31 | 000,000,074 | ---- | C] () -- C:\Windows\maloso.inf
      [2012/11/22 19:58:30 | 000,031,232 | ---- | C] () -- C:\Windows\cmdow.exe
      [2012/11/22 19:58:30 | 000,001,709 | ---- | C] () -- C:\Windows\maloso.bat
      [2012/11/22 07:32:20 | 000,131,391 | ---- | C] () -- C:\Users\Gaby\Documents\CupcakeTutoriials' (13).png
      [2012/11/22 07:31:42 | 000,043,513 | ---- | C] () -- C:\Users\Gaby\Documents\muneca_png_38_by_fabii27-d5fgnq6.png
      [2012/11/22 07:31:37 | 000,017,032 | ---- | C] () -- C:\Users\Gaby\Documents\muneca_png_by_krishnasofia-d4jeh71.png
      [2012/11/18 2342 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
      [2012/11/18 2324 | 000,001,126 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debut Video Capture Software.lnk
      [2012/11/18 2302 | 000,001,190 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad, software para edición de vídeo.lnk
      [2012/11/18 23:08:59 | 000,001,150 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism, convertidor de archivos de vídeo.lnk
      [2012/11/16 21:37:55 | 000,001,190 | ---- | C] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
      [2012/11/16 05:16:48 | 000,001,155 | ---- | C] () -- C:\Users\Public\Desktop\CAE Report Generator.lnk
      [2012/11/16 05:16:37 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
      [2012/11/16 05:16:37 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
      [2012/11/16 05:16:37 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
      [2012/11/16 05:16:34 | 000,067,863 | ---- | C] () -- C:\Windows\SysWow64\x264vfw-uninstall.exe
      [2012/11/16 05:16:29 | 000,000,414 | ---- | C] () -- C:\Windows\SysWow64\lame_acm.xml
      [2012/11/15 00:56:17 | 000,002,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
      [2012/11/12 14:56:00 | 000,000,011 | ---- | C] () -- C:\Windows\3DShadow.INI
      [2012/11/10 01:19:07 | 000,002,199 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
      [2012/11/07 22:06:10 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\FrontierVilleBot.lnk
      [2012/11/02 08:45:31 | 000,002,005 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
      [2012/11/02 08:45:31 | 000,001,949 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
      [2012/11/02 08:45:31 | 000,001,928 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
      [2012/11/02 08:15:50 | 000,000,999 | ---- | C] () -- C:\Users\Gaby\Desktop\MiPony.lnk
      [2012/11/01 09:51:32 | 000,000,140 | ---- | C] () -- C:\Windows\winamp.ini
      [2012/11/01 09:51:28 | 000,000,983 | ---- | C] () -- C:\Users\Gaby\Desktop\Winamp.lnk
      [2012/11/01 04:22:21 | 003,001,545 | -H-- | C] () -- C:\Users\Gaby\AppData\Local\IconCache.db
      [2012/11/01 01:41:35 | 000,524,288 | -HS- | C] () -- C:\Users\Gaby\ntuser.dat{b57de510-23dc-11e2-bbd1-91e372d67c6a}.TMContainer00000000000000000002.regtrans-ms
      [2012/11/01 01:41:35 | 000,524,288 | -HS- | C] () -- C:\Users\Gaby\ntuser.dat{b57de510-23dc-11e2-bbd1-91e372d67c6a}.TMContainer00000000000000000001.regtrans-ms
      [2012/11/01 01:41:35 | 000,065,536 | -HS- | C] () -- C:\Users\Gaby\ntuser.dat{b57de510-23dc-11e2-bbd1-91e372d67c6a}.TM.blf
      [2012/10/30 14:45:03 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
      [2012/10/30 14:42:17 | 001,646,944 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
      [2012/10/29 21:05:58 | 000,524,288 | -HS- | C] () -- C:\Users\Gaby\ntuser.dat{f9c8e675-2224-11e2-98e0-ce6993218a56}.TMContainer00000000000000000002.regtrans-ms
      [2012/10/29 21:05:58 | 000,524,288 | -HS- | C] () -- C:\Users\Gaby\ntuser.dat{f9c8e675-2224-11e2-98e0-ce6993218a56}.TMContainer00000000000000000001.regtrans-ms
      [2012/10/29 21:05:58 | 000,065,536 | -HS- | C] () -- C:\Users\Gaby\ntuser.dat{f9c8e675-2224-11e2-98e0-ce6993218a56}.TM.blf
      [2012/10/25 09:11:51 | 000,035,328 | ---- | C] () -- C:\Windows\INETWH32.DLL
      [2012/10/25 09:11:51 | 000,009,136 | ---- | C] () -- C:\Windows\INETWH16.DLL
      [2012/10/25 09:11:51 | 000,004,528 | ---- | C] () -- C:\Windows\SETBROWS.EXE
      [2012/10/24 14:42:41 | 000,374,272 | ---- | C] () -- C:\Windows\EyeCand3.INI
      [2012/10/24 14:25:42 | 000,296,448 | ---- | C] () -- C:\Windows\Xenofex.ini
      [2012/10/24 12:56:09 | 000,044,544 | ---- | C] () -- C:\Windows\AWuninstall.exe
      [2012/10/24 12:49:56 | 000,000,016 | ---- | C] () -- C:\Windows\Wininit.ini
      [2012/10/24 12:41:01 | 000,000,553 | ---- | C] () -- C:\Windows\AVPuzzlePro12.ini
      [2012/10/24 12:40:40 | 000,147,456 | ---- | C] () -- C:\Windows\AVUNTOOL.EXE
      [2012/10/24 12:35:29 | 000,210,944 | ---- | C] () -- C:\Windows\MSVCRT10.DLL
      [2012/10/24 12:35:28 | 000,057,344 | ---- | C] () -- C:\Windows\icmfilter.dll
      [2012/10/17 19:41:57 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
      [2012/09/27 22:29:54 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
      [2012/09/27 22:29:54 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
      [2012/09/20 22:24:06 | 000,000,020 | -HS- | C] () -- C:\Users\Gaby\ntuser.ini
      [2012/09/20 22:24:05 | 002,621,440 | -HS- | C] () -- C:\Users\Gaby\ntuser.dat
      [2012/09/20 22:24:05 | 000,524,288 | -HS- | C] () -- C:\Users\Gaby\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
      [2012/09/20 22:24:05 | 000,524,288 | -HS- | C] () -- C:\Users\Gaby\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
      [2012/09/20 22:24:05 | 000,065,536 | -HS- | C] () -- C:\Users\Gaby\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
      [2012/05/02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll

      ========== ZeroAccess Check ==========

      [2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2010/11/21 00:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2010/11/21 00:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== LOP Check ==========

      [2012/11/12 12:48:06 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Alien Skin
      [2012/11/09 01:38:49 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Anino Games
      [2012/11/08 17:31:50 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Boolat Games
      [2012/11/16 05:17:25 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\CAE_Report_Generator
      [2012/11/29 09:34:09 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Dropbox
      [2012/10/25 10:48:22 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Jasc
      [2012/11/29 06:05:40 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Mipony
      [2012/10/31 09:28:55 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Sony
      [2012/11/08 18:21:41 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\SulusGames
      [2012/11/15 01:05:58 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Thunderbird
      [2012/11/10 01:18:48 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\TuneUp Software
      [2012/11/29 08:09:31 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\uTorrent

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2012/11/28 09:47:26 | 000,000,634 | ---- | M] () -- C:\Ad-Fix.txt
      [2012/11/28 09:21:40 | 000,000,835 | ---- | M] () -- C:\AdwCleaner[R1].txt
      [2012/11/28 09:22:03 | 000,000,835 | ---- | M] () -- C:\AdwCleaner[R2].txt
      [2012/11/28 09:24:26 | 000,000,911 | ---- | M] () -- C:\AdwCleaner[R3].txt
      [2012/11/28 09:34:30 | 000,000,835 | ---- | M] () -- C:\AdwCleaner[R4].txt
      [2012/11/28 09:35:33 | 000,000,841 | ---- | M] () -- C:\AdwCleaner[R5].txt
      [2012/11/28 09:36:55 | 000,000,841 | ---- | M] () -- C:\AdwCleaner[R6].txt
      [2012/11/29 10:50:58 | 000,003,128 | ---- | M] () -- C:\AT-Destroyer.txt
      [2012/11/29 10:48:08 | 000,000,074 | ---- | M] () -- C:\autorun.inf
      [2002/01/01 00:57:24 | 000,383,786 | RHS- | M] () -- C:\bootmgr
      [2012/09/20 18:16:41 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
      [2012/10/29 19:19:29 | 000,025,167 | ---- | M] () -- C:\ComboFix.txt
      [2004/12/19 19:02:54 | 000,031,232 | ---- | M] () -- C:\data.cab
      [2012/10/24 21:15:02 | 000,180,422 | ---- | M] () -- C:\EyeCandyLog.txt
      [2012/11/29 10:47:48 | 3207,159,808 | -HS- | M] () -- C:\hiberfil.sys
      [2010/07/02 21:47:26 | 000,001,709 | ---- | M] () -- C:\instalar.bat
      [2010/07/02 21:47:26 | 000,001,709 | ---- | M] () -- C:\Nod_32.bat
      [2012/11/29 10:47:50 | 4276,215,808 | -HS- | M] () -- C:\pagefile.sys
      [2012/11/29 10:49:07 | 000,000,120 | ---- | M] () -- C:\prueba.txt
      [2002/01/01 00:11:51 | 000,002,164 | ---- | M] () -- C:\RHDSetup.log
      [2002/01/01 00:57:30 | 000,206,312 | RHS- | M] () -- C:\XELDZ

      < End of report >


      Gracias por la ayuda! Saludos :)

    6. #6
      Usuario Avatar de Gaby Cobain
      Registrado
      nov 2012
      Mensajes
      6

      Re: Delta-search.com imposible de eliminar

      Leo, gracias por la ayuda y el paso a paso con los programas aca esta el reporte del programa: AT - Destroyer

      #################################################### A/T-Destroyer by InfoSpyware ############

      A/T-Destroyer 1.0.7 By Infospyware
      InfoSpyware
      Fecha iniciada en el analisis 29/11/2012
      Hora iniciada en el analisis 10:49:07,51
      Usuario Actual : [C:\Users\Gaby]
      Sistema Operativo: Windows 7 Ultimate
      Arquitectura: Sistema operativo de 64 bits
      Versión Internet Explorer: 8.0.7601.17514
      Modo Actual: Modo Normal.
      Privilegios: [Gaby-Administrador]
      Versión Google Chrome:
      Versión Mozilla Firefox: 16.0.2

      ====== Servicios Eliminados By A/T-Destroyer ======




      ====== Claves Eliminadas By A/T-Destroyer ======


      HKEY_CURRENT_USER\Software\DataMngr\Files
      HKEY_CURRENT_USER\Software\DataMngr\Files\ChromeHomepage
      HKEY_CURRENT_USER\Software\DataMngr\Files\Homepage
      HKEY_CURRENT_USER\Software\DataMngr\Files\SelectedSearch
      HKEY_CURRENT_USER\Software\DataMngr\Files\UrlbarSearch
      HKEY_CURRENT_USER\Software\DataMngr\List
      HKEY_CURRENT_USER\Software\DataMngr\List\Item1
      HKEY_CURRENT_USER\Software\DataMngr\List\Item2
      HKEY_CURRENT_USER\Software\DataMngr\List\Item3
      HKEY_CURRENT_USER\Software\DataMngr\Toolbar
      HKEY_CURRENT_USER\Software\DataMngr
      HKEY_CURRENT_USER\Software\DataMngr_Toolbar
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr\List
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr\List\Item1
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr\List\Item2
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr\List\Item3
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr


      ====== Archivos/Carpetas Eliminados By A/T-Destroyer ======


      C:\Users\Gaby\Appdata\Local\GDIPFONTCACHEV1.DAT


      ====== Información Extra ======


      -_-_-_-_-_-_-_-_ Configuraciones de internet Explorer -_-_-_-_-_-_-_-_
      "HKCU\Software\Microsoft\Internet Explorer\Main"
      Start Page == Google
      Search Page == Bing
      Local Page == C:\Windows\system32\blank.htm

      "HKLM\Software\Microsoft\Internet Explorer\Main"
      Start Page == Google
      Search Page == Bing
      Local Page == C:\Windows\SysWOW64\blank.htm
      Default_Search_URL == Bing
      Default_Page_URL == MSN.com


      "HKEY_USERS\S-1-5-21-2644563249-2515129753-1215335913-1000\Software\Microsoft\Internet Explorer\Main"
      Start Page == Google
      Search Page == Bing
      Local Page == C:\Windows\system32\blank.htm


      -_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,
      -_-_-_-_-_-_-_-_ Configuraciones de Google Chrome-_-_-_-_-_-_-_-_
      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      -_-_-_-_-_-_-_-_ Configuraciones de mozilla Firefox -_-_-_-_-_-_-_-_
      user_pref("browser.startup.homepage", "http://google.com");




      ======= EOF =======


      Reporte OTL:


      OTL logfile created on: 29/11/2012 10:58:08 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gaby\Documents\Descargas
      64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.7601.17514)
      Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      3,98 Gb Total Physical Memory | 2,82 Gb Available Physical Memory | 70,89% Memory free
      7,96 Gb Paging File | 6,50 Gb Available in Paging File | 81,68% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 247,82 Gb Total Space | 148,13 Gb Free Space | 59,77% Space Free | Partition Type: NTFS
      Drive D: | 683,59 Gb Total Space | 175,47 Gb Free Space | 25,67% Space Free | Partition Type: NTFS
      Drive G: | 5,57 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

      Computer Name: GABY-PC | User Name: Gaby | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Gaby\Documents\Descargas\OTL.exe (OldTimer Tools)
      PRC - C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe ()
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastUI.exe (AVAST Software)
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\XWidget\xwidget.exe (xwidget.com)
      PRC - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
      PRC - C:\Windows\SysWOW64\schtasks.exe (Microsoft Corporation)
      PRC - C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe (ASUSTeK Computer Inc.)
      PRC - C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
      PRC - C:\Windows\SysWOW64\ASTSRV.EXE (Nalpeiron Ltd.)
      PRC - C:\Program Files (x86)\Winamp\winampa.exe ()


      ========== Modules (No Company Name) ==========

      MOD - C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe ()
      MOD - C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll ()
      MOD - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraEsp.dll ()
      MOD - C:\Windows\SysWOW64\AsIO.dll ()
      MOD - C:\Program Files (x86)\XWidget\Res\Lib\lib.dll ()
      MOD - C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll ()
      MOD - C:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll ()
      MOD - C:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll ()
      MOD - C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll ()
      MOD - C:\Program Files (x86)\Winamp\winampa.exe ()


      ========== Services (SafeList) ==========

      SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
      SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
      SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (Browser Manager) -- C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe ()
      SRV - (avast! Antivirus) -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software)
      SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (ASTSRV) -- C:\Windows\SysWOW64\ASTSRV.EXE (Nalpeiron Ltd.)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
      DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
      DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
      DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
      DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
      DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
      DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
      DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
      DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
      DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
      DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
      DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
      DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
      DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
      DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
      DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
      DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
      DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (mcdbus) -- C:\Windows\SysNative\drivers\mcdbus.sys (MagicISO, Inc.)
      DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software)
      DRV - (AODDriver4.2) -- C:\Archivos de programa\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
      DRV - (AODDriver4.01) -- C:\Archivos de programa\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
      DRV - (mcdbus) -- C:\Windows\SysWOW64\drivers\mcdbus.sys (MagicISO, Inc.)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = Delta Search
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN España: Hotmail, Messenger, Skype y Cuenta Microsoft
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 49 BD 2E 78 B5 BD CD 01 [binary data]
      IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&affID=112842&tt=261112_yh_4812_3&babsrc=SP_ss&mntrId=065fcdfa0000000000005404a6b0d707
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.search.selectedEngine: "Google"
      FF - prefs.js..browser.startup.homepage: "http://google.com"
      FF - prefs.js..keyword.URL: "http://google.com"


      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
      FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/11/01 12:32:42 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/31 00:30:59 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/11/01 01:39:56 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/11/15 00:56:11 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2012/11/28 03:22:31 | 000,000,000 | ---D | M]

      [2012/10/01 14:06:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gaby\AppData\Roaming\mozilla\Extensions
      [2012/11/28 03:22:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gaby\AppData\Roaming\mozilla\Firefox\Profiles\jfqz16k2.default\extensions
      [2012/11/23 20:26:59 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Gaby\AppData\Roaming\mozilla\firefox\profiles\jfqz16k2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
      [2012/10/31 00:30:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
      [2012/11/28 03:22:31 | 000,000,000 | ---D | M] (Browser Manager) -- C:\PROGRAMDATA\BROWSER MANAGER\2.5.911.18\{C16C1CCB-7046-4E5C-A2F3-533AD2FEC8E8}\FIREFOXEXTENSION
      [2012/10/31 00:30:59 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
      [2012/06/28 12:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
      [2012/10/31 00:30:57 | 000,004,080 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
      [2012/10/31 00:30:57 | 000,002,470 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mercadolibre-ar.xml
      [2012/10/31 00:30:57 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012/10/31 00:30:57 | 000,000,824 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-ar.xml

      ========== Chrome ==========

      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
      CHR - homepage: Google

      O1 HOSTS File: ([2002/01/01 00:50:13 | 000,000,864 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com
      O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
      O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
      O4:64bit: - HKLM..\Run: [Nod 32 protection] c:\Nod_32 /r File not found
      O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
      O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
      O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
      O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
      O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
      O4 - HKCU..\Run: [XWidget] C:\Program Files (x86)\XWidget\xwidget.exe (xwidget.com)
      O4 - Startup: C:\Users\Gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
      O8:64bit: - Extra context menu item: Descargar con Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
      O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
      O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
      O8 - Extra context menu item: Descargar con Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
      O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pu...sh/swflash.cab (Shockwave Flash Object)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0974A29E-297F-460E-A126-E9C123BE5D8B}: NameServer = 192.168.1.1,8.8.8.8
      O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation)
      O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - AppInit_DLLs: (c:\progra~3\browse~1\25911~1.18\{c16c1~1\mngr.dll) - c:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll ()
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O27:64bit: - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\ccleaner64.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\excel.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\groove.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\infopath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\mspub.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\offdiag.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\ois.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\onenote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\outlook.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27:64bit: - HKLM IFEO\winword.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\ccleaner64.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\excel.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\groove.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\infopath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\mspub.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\offdiag.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\ois.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\onenote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\outlook.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O27 - HKLM IFEO\winword.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
      O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2012/11/29 10:48:08 | 000,000,074 | ---- | M] () - C:\autorun.inf -- [ NTFS ]
      O32 - AutoRun File - [2012/11/29 10:48:08 | 000,000,074 | ---- | M] () - D:\autorun.inf -- [ NTFS ]
      O32 - AutoRun File - [2010/08/24 11:48:06 | 000,000,058 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
      O33 - MountPoints2\{e30c3037-0bf4-11e2-bb18-5404a6b0d707}\Shell - "" = AutoRun
      O33 - MountPoints2\{e30c3037-0bf4-11e2-bb18-5404a6b0d707}\Shell\AutoRun\command - "" = G:\Setup.exe -- [2010/08/24 11:48:06 | 000,604,075 | R--- | M] (2K Games )
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

      MsConfig:64bit - State: "bootini" - Reg Error: Key error.

      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/11/29 10:49:04 | 000,100,352 | ---- | C] (NirSoft) -- C:\Windows\nircmd.exe
      [2012/11/29 01:05:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XWidget
      [2012/11/29 01:05:22 | 000,000,000 | ---D | C] -- C:\Users\Gaby\Documents\xwidget
      [2012/11/29 01:05:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XWidget
      [2012/11/28 10:02:12 | 000,000,000 | ---D | C] -- C:\Users\Gaby\Documents\Descargas
      [2012/11/28 09:47:20 | 000,184,320 | ---- | C] (Gammadyne Corporation) -- C:\Windows\SysNative\delnext.exe
      [2012/11/28 09:42:43 | 000,000,000 | ---D | C] -- C:\ToolBar SD
      [2012/11/28 06:11:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
      [2012/11/28 06:11:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
      [2012/11/28 06:11:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
      [2012/11/28 06:11:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
      [2012/11/28 04:53:53 | 000,000,000 | ---D | C] -- C:\_AT-Destroyer
      [2012/11/28 03:22:40 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
      [2012/11/28 03:22:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
      [2012/11/27 22:02:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
      [2012/11/27 22:02:55 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
      [2012/11/27 22:02:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
      [2012/11/18 2324 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Related Programs
      [2012/11/18 2324 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
      [2012/11/18 23:09:22 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
      [2012/11/18 23:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
      [2012/11/18 23:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
      [2012/11/18 23:08:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCH Software
      [2012/11/18 23:08:57 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\NCH Software
      [2012/11/16 21:37:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
      [2012/11/16 05:17:25 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\CAE_Report_Generator
      [2012/11/16 05:17:25 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Local\CAE_Report_Generator
      [2012/11/16 05:16:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CAE Report Generator
      [2012/11/16 05:16:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BandiMPEG1
      [2012/11/16 05:16:42 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
      [2012/11/16 05:16:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
      [2012/11/16 05:16:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
      [2012/11/16 05:16:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
      [2012/11/16 05:16:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid
      [2012/11/16 05:16:34 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\x264vfw
      [2012/11/16 05:16:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x264vfw
      [2012/11/16 05:16:29 | 000,839,680 | ---- | C] (www) -- C:\Windows\SysWow64\LameACM.acm
      [2012/11/16 05:16:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CAE Report Generator
      [2012/11/15 22:23:08 | 000,000,000 | ---D | C] -- C:\Users\Gaby\Documents\4
      [2012/11/10 01:42:36 | 000,000,000 | ---D | C] -- C:\Users\Gaby\Documents\Mipony
      [2012/11/10 01:19:24 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
      [2012/11/10 01:19:12 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
      [2012/11/10 01:19:11 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
      [2012/11/10 01:19:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
      [2012/11/10 01:18:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
      [2012/11/10 01:17:57 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
      [2012/11/10 01:17:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
      [2012/11/10 01:17:45 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
      [2012/11/09 15:33:12 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\URUSoft
      [2012/11/09 15:33:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\URUSoft
      [2012/11/09 15:33:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\URUSoft
      [2012/11/09 01:38:49 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Anino Games
      [2012/11/09 00:47:35 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\TuneUp Software
      [2012/11/08 18:42:07 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Local\2K Games
      [2012/11/08 18:21:41 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\SulusGames
      [2012/11/08 1822 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
      [2012/11/08 18:08:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
      [2012/11/08 18:06:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
      [2012/11/08 17:49:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games
      [2012/11/08 17:31:50 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Boolat Games
      [2012/11/08 17:28:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Juegos bettyboopz
      [2012/11/07 22:06:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FrontierVilleBot
      [2012/11/07 22:05:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FrontierVilleBot
      [2012/11/07 21:23:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
      [2012/11/07 18:42:45 | 000,000,000 | ---D | C] -- C:\Users\Gaby\Documents\celu archivos
      [2012/11/06 17:07:22 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Nero
      [2012/11/06 15:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
      [2012/11/06 15:22:08 | 000,802,816 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\imagXRA7.dll
      [2012/11/06 15:22:08 | 000,368,640 | ---- | C] (Pegasus Imaging Corporation) -- C:\Windows\SysWow64\TwnLib4.dll
      [2012/11/06 15:22:07 | 001,757,184 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\imagX7.dll
      [2012/11/06 15:22:07 | 000,497,296 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\imagXpr7.dll
      [2012/11/06 15:22:07 | 000,258,048 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\imagXR7.dll
      [2012/11/06 15:22:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
      [2012/11/06 15:22:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
      [2012/11/06 15:22:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
      [2012/11/05 11:30:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Valve
      [2012/11/05 00:43:25 | 000,000,000 | ---D | C] -- C:\Users\Gaby\Documents\Rockstar Games
      [2012/11/05 00:41:43 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Local\Rockstar Games
      [2012/11/05 00:39:07 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
      [2012/11/05 00:37:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
      [2012/11/05 00:37:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
      [2012/11/05 00:18:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
      [2012/11/05 00:18:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
      [2012/11/02 08:44:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
      [2012/11/02 08:37:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena
      [2012/11/02 08:37:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garena Plus
      [2012/11/02 08:37:44 | 000,000,000 | ---D | C] -- C:\ProgramData\GarenaMessenger
      [2012/11/02 08:15:54 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Mipony
      [2012/11/02 08:15:49 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiPony
      [2012/11/02 08:15:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiPony
      [2012/11/02 08:15:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MiPony
      [2012/11/02 00:25:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
      [2012/10/31 15:13:56 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Thunderbird
      [2012/10/31 15:13:56 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Local\Thunderbird
      [2012/10/31 15:03:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
      [2012/10/31 09:30:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
      [2012/10/31 09:29:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
      [2012/10/31 09:29:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
      [2012/10/31 09:28:55 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Sony
      [2012/10/31 00:30:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
      [2012/10/30 14:48:34 | 000,000,000 | ---D | C] -- C:\Users\Gaby\Documents\Mis archivos recibidos
      [2012/10/30 14:47:10 | 000,000,000 | ---D | C] -- C:\Users\Gaby\Tracing
      [2012/10/30 14:44:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
      [2012/10/30 14:32:20 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Local\Windows Live
      [2012/10/30 14:32:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live

      ========== Files - Modified Within 30 Days ==========

      [2012/11/29 10:59:45 | 002,621,440 | -HS- | M] () -- C:\Users\Gaby\ntuser.dat
      [2012/11/29 10:55:46 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2012/11/29 10:55:46 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2012/11/29 10:54:32 | 001,670,586 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2012/11/29 10:54:32 | 000,745,236 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2012/11/29 10:54:32 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2012/11/29 10:54:32 | 000,157,736 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2012/11/29 10:54:32 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2012/11/29 10:50:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2012/11/29 10:48:35 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
      [2012/11/29 10:48:08 | 000,000,146 | ---- | M] () -- C:\Windows\maloso.reg
      [2012/11/29 10:48:08 | 000,000,074 | ---- | M] () -- C:\Windows\maloso.inf
      [2012/11/29 10:48:08 | 000,000,074 | ---- | M] () -- C:\autorun.inf
      [2012/11/29 10:48:00 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
      [2012/11/29 10:47:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2012/11/29 10:47:48 | 3207,159,808 | -HS- | M] () -- C:\hiberfil.sys
      [2012/11/29 10:46:49 | 003,001,545 | -H-- | M] () -- C:\Users\Gaby\AppData\Local\IconCache.db
      [2012/11/29 10:43:30 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [2012/11/29 01:05:25 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\XWidget.lnk
      [2012/11/28 09:05:38 | 000,516,139 | ---- | M] () -- C:\Users\Gaby\Desktop\AT-Destroyer.exe
      [2012/11/28 04:36:07 | 000,374,272 | ---- | M] () -- C:\Windows\EyeCand3.INI
      [2012/11/28 03:21:35 | 000,000,999 | ---- | M] () -- C:\Users\Gaby\Desktop\MiPony.lnk
      [2012/11/27 22:02:55 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
      [2012/11/25 00:14:36 | 000,000,140 | ---- | M] () -- C:\Windows\winamp.ini
      [2012/11/22 07:32:20 | 000,131,391 | ---- | M] () -- C:\Users\Gaby\Documents\CupcakeTutoriials' (13).png
      [2012/11/22 07:31:42 | 000,043,513 | ---- | M] () -- C:\Users\Gaby\Documents\muneca_png_38_by_fabii27-d5fgnq6.png
      [2012/11/22 07:31:37 | 000,017,032 | ---- | M] () -- C:\Users\Gaby\Documents\muneca_png_by_krishnasofia-d4jeh71.png
      [2012/11/16 21:37:55 | 000,001,190 | ---- | M] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
      [2012/11/16 05:16:48 | 000,001,155 | ---- | M] () -- C:\Users\Public\Desktop\CAE Report Generator.lnk
      [2012/11/16 05:16:34 | 000,067,863 | ---- | M] () -- C:\Windows\SysWow64\x264vfw-uninstall.exe
      [2012/11/12 14:58:07 | 000,000,011 | ---- | M] () -- C:\Windows\3DShadow.INI
      [2012/11/07 22:06:10 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\FrontierVilleBot.lnk
      [2012/11/05 00:39:07 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
      [2012/11/01 12:32:43 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
      [2012/11/01 09:51:28 | 000,000,983 | ---- | M] () -- C:\Users\Gaby\Desktop\Winamp.lnk
      [2012/11/01 04:22:28 | 000,524,288 | -HS- | M] () -- C:\Users\Gaby\ntuser.dat{b57de510-23dc-11e2-bbd1-91e372d67c6a}.TMContainer00000000000000000002.regtrans-ms
      [2012/11/01 04:22:28 | 000,524,288 | -HS- | M] () -- C:\Users\Gaby\ntuser.dat{b57de510-23dc-11e2-bbd1-91e372d67c6a}.TMContainer00000000000000000001.regtrans-ms
      [2012/11/01 04:22:28 | 000,065,536 | -HS- | M] () -- C:\Users\Gaby\ntuser.dat{b57de510-23dc-11e2-bbd1-91e372d67c6a}.TM.blf
      [2012/11/01 03:50:25 | 001,646,944 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
      [2012/10/30 19:51:56 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
      [2012/10/30 19:51:55 | 000,984,144 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
      [2012/10/30 19:51:55 | 000,370,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
      [2012/10/30 19:51:55 | 000,071,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
      [2012/10/30 19:51:53 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
      [2012/10/30 19:51:07 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
      [2012/10/30 19:50:59 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
      [2012/10/30 19:50:30 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe

      ========== Files Created - No Company Name ==========

      [2012/11/29 10:46:03 | 000,516,139 | ---- | C] () -- C:\Users\Gaby\Desktop\AT-Destroyer.exe
      [2012/11/29 10:43:29 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [2012/11/29 01:05:25 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\XWidget.lnk
      [2012/11/28 09:47:20 | 000,082,188 | ---- | C] () -- C:\Windows\SysNative\zip.exe
      [2012/11/28 09:05:52 | 000,069,660 | ---- | C] () -- C:\Windows\Fart.exe
      [2012/11/28 09:05:52 | 000,022,528 | ---- | C] () -- C:\Windows\AT-Uninstall.exe
      [2012/11/28 09:05:52 | 000,011,776 | ---- | C] () -- C:\Windows\Colous.exe
      [2012/11/27 22:02:54 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
      [2012/11/23 18:47:01 | 000,031,232 | ---- | C] () -- C:\data.cab
      [2012/11/23 18:47:01 | 000,001,709 | ---- | C] () -- C:\instalar.bat
      [2012/11/23 18:47:01 | 000,000,074 | ---- | C] () -- C:\autorun.inf
      [2012/11/22 19:58:31 | 000,001,709 | ---- | C] () -- C:\Nod_32.bat
      [2012/11/22 19:58:31 | 000,000,146 | ---- | C] () -- C:\Windows\maloso.reg
      [2012/11/22 19:58:31 | 000,000,074 | ---- | C] () -- C:\Windows\maloso.inf
      [2012/11/22 19:58:30 | 000,031,232 | ---- | C] () -- C:\Windows\cmdow.exe
      [2012/11/22 19:58:30 | 000,001,709 | ---- | C] () -- C:\Windows\maloso.bat
      [2012/11/22 07:32:20 | 000,131,391 | ---- | C] () -- C:\Users\Gaby\Documents\CupcakeTutoriials' (13).png
      [2012/11/22 07:31:42 | 000,043,513 | ---- | C] () -- C:\Users\Gaby\Documents\muneca_png_38_by_fabii27-d5fgnq6.png
      [2012/11/22 07:31:37 | 000,017,032 | ---- | C] () -- C:\Users\Gaby\Documents\muneca_png_by_krishnasofia-d4jeh71.png
      [2012/11/18 2342 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
      [2012/11/18 2324 | 000,001,126 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debut Video Capture Software.lnk
      [2012/11/18 2302 | 000,001,190 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad, software para edición de vídeo.lnk
      [2012/11/18 23:08:59 | 000,001,150 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism, convertidor de archivos de vídeo.lnk
      [2012/11/16 21:37:55 | 000,001,190 | ---- | C] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
      [2012/11/16 05:16:48 | 000,001,155 | ---- | C] () -- C:\Users\Public\Desktop\CAE Report Generator.lnk
      [2012/11/16 05:16:37 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
      [2012/11/16 05:16:37 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
      [2012/11/16 05:16:37 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
      [2012/11/16 05:16:34 | 000,067,863 | ---- | C] () -- C:\Windows\SysWow64\x264vfw-uninstall.exe
      [2012/11/16 05:16:29 | 000,000,414 | ---- | C] () -- C:\Windows\SysWow64\lame_acm.xml
      [2012/11/15 00:56:17 | 000,002,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
      [2012/11/12 14:56:00 | 000,000,011 | ---- | C] () -- C:\Windows\3DShadow.INI
      [2012/11/10 01:19:07 | 000,002,199 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
      [2012/11/07 22:06:10 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\FrontierVilleBot.lnk
      [2012/11/02 08:45:31 | 000,002,005 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
      [2012/11/02 08:45:31 | 000,001,949 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
      [2012/11/02 08:45:31 | 000,001,928 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
      [2012/11/02 08:15:50 | 000,000,999 | ---- | C] () -- C:\Users\Gaby\Desktop\MiPony.lnk
      [2012/11/01 09:51:32 | 000,000,140 | ---- | C] () -- C:\Windows\winamp.ini
      [2012/11/01 09:51:28 | 000,000,983 | ---- | C] () -- C:\Users\Gaby\Desktop\Winamp.lnk
      [2012/11/01 04:22:21 | 003,001,545 | -H-- | C] () -- C:\Users\Gaby\AppData\Local\IconCache.db
      [2012/11/01 01:41:35 | 000,524,288 | -HS- | C] () -- C:\Users\Gaby\ntuser.dat{b57de510-23dc-11e2-bbd1-91e372d67c6a}.TMContainer00000000000000000002.regtrans-ms
      [2012/11/01 01:41:35 | 000,524,288 | -HS- | C] () -- C:\Users\Gaby\ntuser.dat{b57de510-23dc-11e2-bbd1-91e372d67c6a}.TMContainer00000000000000000001.regtrans-ms
      [2012/11/01 01:41:35 | 000,065,536 | -HS- | C] () -- C:\Users\Gaby\ntuser.dat{b57de510-23dc-11e2-bbd1-91e372d67c6a}.TM.blf
      [2012/10/30 14:45:03 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
      [2012/10/30 14:42:17 | 001,646,944 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
      [2012/10/29 21:05:58 | 000,524,288 | -HS- | C] () -- C:\Users\Gaby\ntuser.dat{f9c8e675-2224-11e2-98e0-ce6993218a56}.TMContainer00000000000000000002.regtrans-ms
      [2012/10/29 21:05:58 | 000,524,288 | -HS- | C] () -- C:\Users\Gaby\ntuser.dat{f9c8e675-2224-11e2-98e0-ce6993218a56}.TMContainer00000000000000000001.regtrans-ms
      [2012/10/29 21:05:58 | 000,065,536 | -HS- | C] () -- C:\Users\Gaby\ntuser.dat{f9c8e675-2224-11e2-98e0-ce6993218a56}.TM.blf
      [2012/10/25 09:11:51 | 000,035,328 | ---- | C] () -- C:\Windows\INETWH32.DLL
      [2012/10/25 09:11:51 | 000,009,136 | ---- | C] () -- C:\Windows\INETWH16.DLL
      [2012/10/25 09:11:51 | 000,004,528 | ---- | C] () -- C:\Windows\SETBROWS.EXE
      [2012/10/24 14:42:41 | 000,374,272 | ---- | C] () -- C:\Windows\EyeCand3.INI
      [2012/10/24 14:25:42 | 000,296,448 | ---- | C] () -- C:\Windows\Xenofex.ini
      [2012/10/24 12:56:09 | 000,044,544 | ---- | C] () -- C:\Windows\AWuninstall.exe
      [2012/10/24 12:49:56 | 000,000,016 | ---- | C] () -- C:\Windows\Wininit.ini
      [2012/10/24 12:41:01 | 000,000,553 | ---- | C] () -- C:\Windows\AVPuzzlePro12.ini
      [2012/10/24 12:40:40 | 000,147,456 | ---- | C] () -- C:\Windows\AVUNTOOL.EXE
      [2012/10/24 12:35:29 | 000,210,944 | ---- | C] () -- C:\Windows\MSVCRT10.DLL
      [2012/10/24 12:35:28 | 000,057,344 | ---- | C] () -- C:\Windows\icmfilter.dll
      [2012/10/17 19:41:57 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
      [2012/09/27 22:29:54 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
      [2012/09/27 22:29:54 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
      [2012/09/20 22:24:06 | 000,000,020 | -HS- | C] () -- C:\Users\Gaby\ntuser.ini
      [2012/09/20 22:24:05 | 002,621,440 | -HS- | C] () -- C:\Users\Gaby\ntuser.dat
      [2012/09/20 22:24:05 | 000,524,288 | -HS- | C] () -- C:\Users\Gaby\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
      [2012/09/20 22:24:05 | 000,524,288 | -HS- | C] () -- C:\Users\Gaby\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
      [2012/09/20 22:24:05 | 000,065,536 | -HS- | C] () -- C:\Users\Gaby\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
      [2012/05/02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll

      ========== ZeroAccess Check ==========

      [2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2010/11/21 00:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2010/11/21 00:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== LOP Check ==========

      [2012/11/12 12:48:06 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Alien Skin
      [2012/11/09 01:38:49 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Anino Games
      [2012/11/08 17:31:50 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Boolat Games
      [2012/11/16 05:17:25 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\CAE_Report_Generator
      [2012/11/29 09:34:09 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Dropbox
      [2012/10/25 10:48:22 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Jasc
      [2012/11/29 06:05:40 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Mipony
      [2012/10/31 09:28:55 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Sony
      [2012/11/08 18:21:41 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\SulusGames
      [2012/11/15 01:05:58 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Thunderbird
      [2012/11/10 01:18:48 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\TuneUp Software
      [2012/11/29 08:09:31 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\uTorrent

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2012/11/28 09:47:26 | 000,000,634 | ---- | M] () -- C:\Ad-Fix.txt
      [2012/11/28 09:21:40 | 000,000,835 | ---- | M] () -- C:\AdwCleaner[R1].txt
      [2012/11/28 09:22:03 | 000,000,835 | ---- | M] () -- C:\AdwCleaner[R2].txt
      [2012/11/28 09:24:26 | 000,000,911 | ---- | M] () -- C:\AdwCleaner[R3].txt
      [2012/11/28 09:34:30 | 000,000,835 | ---- | M] () -- C:\AdwCleaner[R4].txt
      [2012/11/28 09:35:33 | 000,000,841 | ---- | M] () -- C:\AdwCleaner[R5].txt
      [2012/11/28 09:36:55 | 000,000,841 | ---- | M] () -- C:\AdwCleaner[R6].txt
      [2012/11/29 10:50:58 | 000,003,128 | ---- | M] () -- C:\AT-Destroyer.txt
      [2012/11/29 10:48:08 | 000,000,074 | ---- | M] () -- C:\autorun.inf
      [2002/01/01 00:57:24 | 000,383,786 | RHS- | M] () -- C:\bootmgr
      [2012/09/20 18:16:41 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
      [2012/10/29 19:19:29 | 000,025,167 | ---- | M] () -- C:\ComboFix.txt
      [2004/12/19 19:02:54 | 000,031,232 | ---- | M] () -- C:\data.cab
      [2012/10/24 21:15:02 | 000,180,422 | ---- | M] () -- C:\EyeCandyLog.txt
      [2012/11/29 10:47:48 | 3207,159,808 | -HS- | M] () -- C:\hiberfil.sys
      [2010/07/02 21:47:26 | 000,001,709 | ---- | M] () -- C:\instalar.bat
      [2010/07/02 21:47:26 | 000,001,709 | ---- | M] () -- C:\Nod_32.bat
      [2012/11/29 10:47:50 | 4276,215,808 | -HS- | M] () -- C:\pagefile.sys
      [2012/11/29 10:49:07 | 000,000,120 | ---- | M] () -- C:\prueba.txt
      [2002/01/01 00:11:51 | 000,002,164 | ---- | M] () -- C:\RHDSetup.log
      [2002/01/01 00:57:30 | 000,206,312 | RHS- | M] () -- C:\XELDZ

      < End of report >


      Gracias por la ayuda! Saludos :)

    7. #7
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      53.111

      Re: Delta-search.com imposible de eliminar

      Hola de Nuevo




      Ejecutá OTL.exe


      Copiá y Pegá el código que está dentro del recuadro de abajo en la sección Análisis Personalizado / Código de Reparación



      :OTL
      PRC - C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe ()
      MOD - C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe ()
      MOD - C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll ()
      SRV - (Browser Manager) -- C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe ()
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = Delta Search
      IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&affID=112842&tt=261112_yh_4812_3&babsrc=SP_ss&mntrId=065fcdfa0000000000005404a6b0d707
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2012/11/28 03:22:31 | 000,000,000 | ---D | M]
      [2012/10/01 14:06:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gaby\AppData\Roaming\mozilla\Extensions
      [2012/11/28 03:22:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gaby\AppData\Roaming\mozilla\Firefox\Profiles\jfqz16k2.default\extensions
      [2012/11/23 20:26:59 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Gaby\AppData\Roaming\mozilla\firefox\profiles\jfqz16k2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
      [2012/10/31 00:30:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
      [2012/11/28 03:22:31 | 000,000,000 | ---D | M] (Browser Manager) -- C:\PROGRAMDATA\BROWSER MANAGER\2.5.911.18\{C16C1CCB-7046-4E5C-A2F3-533AD2FEC8E8}\FIREFOXEXTENSION
      [2012/10/31 00:30:57 | 000,002,470 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mercadolibre-ar.xml
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
      O33 - MountPoints2\{e30c3037-0bf4-11e2-bb18-5404a6b0d707}\Shell - "" = AutoRun
      O33 - MountPoints2\{e30c3037-0bf4-11e2-bb18-5404a6b0d707}\Shell\AutoRun\command - "" = G:\Setup.exe -- [2010/08/24 11:48:06 | 000,604,075 | R--- | M] (2K Games )
      [2012/11/28 03:22:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
      [2012/11/28 09:47:26 | 000,000,634 | ---- | M] () -- C:\Ad-Fix.txt
      [2012/11/28 09:21:40 | 000,000,835 | ---- | M] () -- C:\AdwCleaner[R1].txt
      [2012/11/28 09:22:03 | 000,000,835 | ---- | M] () -- C:\AdwCleaner[R2].txt
      [2012/11/28 09:24:26 | 000,000,911 | ---- | M] () -- C:\AdwCleaner[R3].txt
      [2012/11/28 09:34:30 | 000,000,835 | ---- | M] () -- C:\AdwCleaner[R4].txt
      [2012/11/28 09:35:33 | 000,000,841 | ---- | M] () -- C:\AdwCleaner[R5].txt
      [2012/11/28 09:36:55 | 000,000,841 | ---- | M] () -- C:\AdwCleaner[R6].txt
      [2012/11/29 10:50:58 | 000,003,128 | ---- | M] () -- C:\AT-Destroyer.txt
      :Files
      ipconfig /flushdns /c
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe
      C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}
      :Commands
      [PURITY]
      [EMPTYTEMP]
      [EMPTYFLASH]
      [RESETHOSTS]

      Presioná el Boton Reparar para lanzar la eliminación. Presionas OK.

      OTL va a Reiniciar el ordenador para completar la eliminación.


      Guardas el nuevo reporte generado. Lo copias y pegas en Tu próxima respuesta y nos comentas como sigue el ordenador ahora.





      Saludos

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    8. #8
      Usuario Avatar de Gaby Cobain
      Registrado
      nov 2012
      Mensajes
      6

      Re: Delta-search.com imposible de eliminar

      Aca esta el informe de lo que me pediste :)

      All processes killed
      ========== OTL ==========
      No active process named mngr.exe was found!
      Service Browser Manager stopped successfully!
      Service Browser Manager deleted successfully!
      File move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe scheduled to be moved on reboot.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
      HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\bProtector Start Page| /E : value set successfully!
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
      Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{58bd07eb-0ee0-4df0-8121-dc9b693373df}\ not found.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension scheduled to be moved on reboot.
      C:\Users\Gaby\AppData\Roaming\mozilla\Extensions folder moved successfully.
      C:\Users\Gaby\AppData\Roaming\mozilla\Firefox\Profiles\jfqz16k2.default\extensions folder moved successfully.
      File C:\Users\Gaby\AppData\Roaming\mozilla\firefox\profiles\jfqz16k2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi not found.
      C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
      C:\Program Files (x86)\mozilla firefox\extensions folder moved successfully.
      Folder move failed. C:\PROGRAMDATA\BROWSER MANAGER\2.5.911.18\{C16C1CCB-7046-4E5C-A2F3-533AD2FEC8E8}\FIREFOXEXTENSION\content scheduled to be moved on reboot.
      Folder move failed. C:\PROGRAMDATA\BROWSER MANAGER\2.5.911.18\{C16C1CCB-7046-4E5C-A2F3-533AD2FEC8E8}\FIREFOXEXTENSION\components scheduled to be moved on reboot.
      Folder move failed. C:\PROGRAMDATA\BROWSER MANAGER\2.5.911.18\{C16C1CCB-7046-4E5C-A2F3-533AD2FEC8E8}\FIREFOXEXTENSION scheduled to be moved on reboot.
      C:\Program Files (x86)\mozilla firefox\searchplugins\mercadolibre-ar.xml moved successfully.
      Use Chrome's Settings page to remove the default_search_provider items.
      Use Chrome's Settings page to remove the default_search_provider items.
      Use Chrome's Settings page to remove the default_search_provider items.
      Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e30c3037-0bf4-11e2-bb18-5404a6b0d707}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e30c3037-0bf4-11e2-bb18-5404a6b0d707}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e30c3037-0bf4-11e2-bb18-5404a6b0d707}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e30c3037-0bf4-11e2-bb18-5404a6b0d707}\ not found.
      File move failed. G:\Setup.exe scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18 scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager scheduled to be moved on reboot.
      C:\Ad-Fix.txt moved successfully.
      C:\AdwCleaner[R1].txt moved successfully.
      C:\AdwCleaner[R2].txt moved successfully.
      C:\AdwCleaner[R3].txt moved successfully.
      C:\AdwCleaner[R4].txt moved successfully.
      C:\AdwCleaner[R5].txt moved successfully.
      C:\AdwCleaner[R6].txt moved successfully.
      C:\AT-Destroyer.txt moved successfully.
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configuraci¢n IP de Windows
      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
      C:\Users\Gaby\Documents\Descargas\cmd.bat deleted successfully.
      C:\Users\Gaby\Documents\Descargas\cmd.txt deleted successfully.
      File move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} scheduled to be moved on reboot.
      ========== COMMANDS ==========

      [EMPTYTEMP]

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes

      User: Gaby
      ->Temp folder emptied: 278363751 bytes
      ->FireFox cache emptied: 119625817 bytes
      ->Flash cache emptied: 5050599 bytes

      User: Public
      ->Temp folder emptied: 0 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 2351387 bytes
      %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36130912 bytes
      RecycleBin emptied: 7225082 bytes

      Total Files Cleaned = 428,00 mb


      [EMPTYFLASH]

      User: All Users

      User: Default

      User: Default User

      User: Gaby
      ->Flash cache emptied: 0 bytes

      User: Public

      Total Flash Files Cleaned = 0,00 mb

      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      OTL by OldTimer - Version 3.2.69.0 log created on 11292012_205211

      Files\Folders moved on Reboot...
      File move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension scheduled to be moved on reboot.
      File move failed. G:\Setup.exe scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18 scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager\2.5.911.18 scheduled to be moved on reboot.
      Folder move failed. C:\ProgramData\Browser Manager scheduled to be moved on reboot.
      C:\Users\Gaby\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...

      Gracias por la ayuda y saludos!!

    9. #9
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      53.111

      Re: Delta-search.com imposible de eliminar

      Hola de Nuevo


      Ejecutá nuevamente OTL.exe y presionas el Boton Limpiar.


      Esto Eliminará de Tu sistema a OTL.exe y sus archivos creados y eliminados.


      Te pedirá reiniciar el ordenador. Presionas SI, y después de reiniciar, comprobas en Funcionamiento y nos comentas como sigue.




      Saludos

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    10. #10
      Usuario Avatar de Gaby Cobain
      Registrado
      nov 2012
      Mensajes
      6

      Re: Delta-search.com imposible de eliminar

      Gracias por la ayuda, instale el google chrome de vuelta y ya no tengo esa pagina como predeterminada, salgo y entro de nuevo y no aparece :)

      Si llego a tener problema, aviso! Por ahora todo volvio a la normalidad
      Saludos :)

    Página 1 de 2 12 ÚltimoÚltimo