• Registrarse
  • Iniciar sesión


  • Página 2 de 6 PrimeroPrimero 123456 ÚltimoÚltimo
    Resultados 11 al 20 de 59

    quitar el claro search,Y cuando lo intento no hago nada mas que complicarlo

    Hola de nuevo. Espero haberlo hecho todo bien .Me he bajado un nuevo ccleanercomo me has dicho lo he pasado . Despues he pasado el Marlwarebytes y este es el informe: Malwarebytes Anti-Malware 1.65.1.1000 Malwarebytes ...

    1. #11
      Usuario Avatar de MaCoque Lopez
      Registrado
      dic 2012
      Mensajes
      31
      Hola de nuevo. Espero haberlo hecho todo bien .Me he bajado un nuevo ccleanercomo me has dicho lo he pasado . Despues he pasado el Marlwarebytes y este es el informe:

      Malwarebytes Anti-Malware 1.65.1.1000
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2012.12.04.09

      Windows XP Service Pack 3 x86 NTFS
      Internet Explorer 8.0.6001.18702
      Familia Morey Lopez :: FAMILIA [administrador]

      04/12/2012 19:00:07
      mbam-log-2012-12-04 (19-00-07).txt

      Tipos de Análisis: Análisis Completo (C:\|F:\|G:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 310461
      Tiempo transcurrido: 2 hora(s), 39 minuto(s), 35 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      fin)
      ---------------------------

      LUEGO HE INTENTADO PASAR EL AT DESTROYER PERO HA VUELTO A PARARSE EN EL 22 POR CIEN Y EL REPORTE NO SE ME HA ABIERTO.

      ASI QUE HE PASADO AL SIGUIENTE PASO Y TE COPIO Y PEGO LO QUE ME PEDIAS:

      OTL logfile created on: 04/12/2012 22:17:39 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Familia Morey Lopez\Mis documentos\Downloads
      Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.6001.18702)
      Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      958,42 Mb Total Physical Memory | 396,83 Mb Available Physical Memory | 41,40% Memory free
      2,26 Gb Paging File | 1,81 Gb Available in Paging File | 80,21% Paging File free
      Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
      Drive C: | 149,04 Gb Total Space | 6,07 Gb Free Space | 4,07% Space Free | Partition Type: NTFS
      Drive D: | 181,30 Gb Total Space | 88,78 Gb Free Space | 48,97% Space Free | Partition Type: NTFS

      Computer Name: FAMILIA | User Name: Familia Morey Lopez | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Documents and Settings\Familia Morey Lopez\Mis documentos\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Wajam\Updater\WajamUpdater.exe (Wajam)
      PRC - C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
      PRC - C:\Archivos de programa\DivX\DivX Update\DivXUpdate.exe ()
      PRC - C:\Archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
      PRC - C:\Archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
      PRC - C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
      PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
      PRC - C:\WINDOWS\vmsnap3.exe (ZSMCSNAP)
      PRC - C:\WINDOWS\Domino.exe (Vimicro)


      ========== Modules (No Company Name) ==========

      MOD - c:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll ()
      MOD - C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\zlib1.dll ()
      MOD - C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\libxml2.dll ()
      MOD - C:\Archivos de programa\DivX\DivX Update\DivXUpdateCheck.dll ()
      MOD - C:\Archivos de programa\DivX\DivX Update\DivXUpdate.exe ()
      MOD - C:\WINDOWS\system32\msdmo.dll ()



      OTL Extras logfile created on: 04/12/2012 22:17:39 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Familia Morey Lopez\Mis documentos\Downloads
      Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.6001.18702)
      Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      958,42 Mb Total Physical Memory | 396,83 Mb Available Physical Memory | 41,40% Memory free
      2,26 Gb Paging File | 1,81 Gb Available in Paging File | 80,21% Paging File free
      Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
      Drive C: | 149,04 Gb Total Space | 6,07 Gb Free Space | 4,07% Space Free | Partition Type: NTFS
      Drive D: | 181,30 Gb Total Space | 88,78 Gb Free Space | 48,97% Space Free | Partition Type: NTFS

      Computer Name: FAMILIA | User Name: Familia Morey Lopez | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Extra Registry (SafeList) ==========


      ========== File Associations ==========

      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
      .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
      .html [@ = ChromeHTML] -- C:\Archivos de programa\Google\Chrome\Application\chrome.exe (Google Inc.)

      [HKEY_USERS\S-1-5-21-1708537768-1085031214-682003330-1004\SOFTWARE\Classes\<extension>]
      .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

      ========== Shell Spawning ==========

      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
      batfile [open] -- "%1" %*
      cmdfile [open] -- "%1" %*
      comfile [open] -- "%1" %*
      cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
      exefile [open] -- "%1" %*
      http [open] -- "C:\Archivos de programa\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
      https [open] -- "C:\Archivos de programa\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
      piffile [open] -- "%1" %*
      regfile [merge] -- Reg Error: Key error.
      scrfile [config] -- "%1"
      scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
      scrfile [open] -- "%1" /S
      txtfile [edit] -- Reg Error: Key error.
      Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
      Directory [AddToPlaylistVLC] -- C:\Archivos de programa\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
      Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
      Directory [PlayWithVLC] -- C:\Archivos de programa\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
      Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
      Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
      Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

      ========== Security Center Settings ==========

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
      "FirstRunDisabled" = 1
      "AntiVirusOverride" = 0
      "AntiVirusDisableNotify" = 0
      "FirewallDisableNotify" = 0
      "UpdatesDisableNotify" = 0
      "FirewallOverride" = 0

      *****************************************


      El funcionamiento del ordenador es el mismo. Aunque ahora al abrir el navegador sale el google chrome pero cuando vuelvo a abrirlo por segunda vez sale de nuevo el claro search
      Última edición por @Javier_HF fecha: 04/12/12 a las 18:00:18 Razón: Unir mensajes.

    2. #12
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Spain.
      Mensajes
      21.696

      Re: quitar el claro search,Y cuando lo intento no hago nada mas que complicarlo

      Veamos, el informe de AT-Destroyer, no te habrá salido, pero mira a ver si lo encuentras, como te indiqué en mi anterior respuesta en :
      (También puedes encontrarlo en C:\AT-Destroyer.txt)
      Y ahora lo mas importante, los dos informes que has puesto el del OTL y el de Extras(que no hacia falta), están incompletos.

      O bien los has copiado mal o se ha realizado el proceso de forma extraña, lo primero que debes hacer es ejecutar OTL desde el escritorio, asi que muevelo desde esta ubicacion :
      C:\Documents and Settings\Familia Morey Lopez\Mis documentos\Downloads
      al Escritorio y realiza de nuevo los pasos.

      Y nos pones el nuevo log de OTL.txt y el del AT-Destroyer.txt, si existiera, muchas gracias.

      Saludos.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #13
      Usuario Avatar de MaCoque Lopez
      Registrado
      dic 2012
      Mensajes
      31
      ESTO ES LO DEL AT. DESTROYER:

      Hora/Día/Mes/Año: 21:59:19 \\\ 04/12/2012
      AT-Destroyer 2.1 By Infospyware ---> InfoSpyware
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:8.0.6001.18702
      Mozilla Firefox:11.0.0.4454
      Google Chrome:23.0.1271.95
      Privilegios: Familia Morey Lopez - Administrador
      Modo Actual: Modo Normal.
      Nombre del pc: FAMILIA
      Información del sistema operativo:X86-WIN_XP-Service Pack 3
      nombre del usuario:Familia Morey Lopez
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<

      C:\Documents and Settings\Familia Morey Lopez\Datos de programa\OpenCandy\0FF5341C58D04DA580B5E2E15CB1F86C (W32/Adware.OpenCandy)
      C:\Documents and Settings\Familia Morey Lopez\Datos de programa\OpenCandy\0FF5341C58D04DA580B5E2E15CB1F86C\DivXInstaller.exe (W32/Adware.OpenCandy)

      ----------------------------------

      **************************************


      y ahora volvere a repetir lo que me dijiste ayer. Perdona mi lentitud pero entre que el ordenador tarda en abrir el navegador y todos los pasos de abrir, cerrar y reiniciar y escribir en un papel los pasos que me dices que siga (No tengo impresora), además de estos errores sé que tardo demasiado en dar respuesta. Agradezco tu ayuda y perdona las molestias

      ¡¡¡TENGO EL INFORME DE OTL, PERO AHORA RESULTA QUE ME SALE UN MENSAJE EN EL FORO QUE NO PUEDO INGRESARLO PORQUE ES DEMASIADO LARGO Y TIENE DEMASIADOS CARACTERES!! HE INTENTADO PONERLO EN DOS PARTES PERO AUN ASI ME SALE EL MISMO MENSAJE!!!
      vOY A INTENTAR PONERLO EN TRES PARTES

      **************************************

      OTL logfile created on: 05/12/2012 8:37:04 - Run 2
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Familia Morey Lopez\Mis documentos\Downloads
      Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.6001.18702)
      Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      958,42 Mb Total Physical Memory | 97,77 Mb Available Physical Memory | 10,20% Memory free
      2,26 Gb Paging File | 1,37 Gb Available in Paging File | 60,48% Paging File free
      Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
      Drive C: | 149,04 Gb Total Space | 6,07 Gb Free Space | 4,07% Space Free | Partition Type: NTFS
      Drive D: | 181,30 Gb Total Space | 88,78 Gb Free Space | 48,97% Space Free | Partition Type: NTFS

      Computer Name: FAMILIA | User Name: Familia Morey Lopez | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Documents and Settings\Familia Morey Lopez\Mis documentos\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Archivos de programa\Google\Chrome\Application\chrome.exe (Google Inc.)
      PRC - C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Wajam\Updater\WajamUpdater.exe (Wajam)
      PRC - C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
      PRC - C:\Archivos de programa\DivX\DivX Update\DivXUpdate.exe ()
      PRC - C:\Archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
      PRC - C:\Archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
      PRC - C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
      PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
      PRC - C:\WINDOWS\vmsnap3.exe (ZSMCSNAP)
      PRC - C:\WINDOWS\Domino.exe (Vimicro)


      ========== Modules (No Company Name) ==========

      MOD - C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll ()
      MOD - C:\Archivos de programa\Google\Chrome\Application\23.0.1271.95\ppgooglenaclpluginchrome.dll ()

      MOD - C:\Archivos de programa\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll ()
      MOD - C:\Archivos de programa\Google\Chrome\Application\23.0.1271.95\pdf.dll ()
      MOD - C:\Archivos de programa\Google\Chrome\Application\23.0.1271.95\libglesv2.dll ()
      MOD - C:\Archivos de programa\Google\Chrome\Application\23.0.1271.95\libegl.dll ()
      MOD - C:\Archivos de programa\Google\Chrome\Application\23.0.1271.95\avutil-51.dll ()
      MOD - C:\Archivos de programa\Google\Chrome\Application\23.0.1271.95\avcodec-54.dll ()
      MOD - C:\Archivos de programa\Google\Chrome\Application\23.0.1271.95\avformat-54.dll ()
      MOD - c:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll ()
      MOD - C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\zlib1.dll ()
      MOD - C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\libxml2.dll ()
      MOD - C:\Archivos de programa\DivX\DivX Update\DivXUpdateCheck.dll ()
      MOD - C:\Archivos de programa\DivX\DivX Update\DivXUpdate.exe ()
      MOD - C:\Archivos de programa\WinRAR\RarExt.dll ()
      MOD - C:\WINDOWS\system32\msdmo.dll ()


      ========== Services (SafeList) ==========

      SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
      SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
      SRV - (Browser Manager) -- C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe ()
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (MBAMService) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (SkypeUpdate) -- C:\Archivos de programa\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (WajamUpdater) -- C:\Archivos de programa\Wajam\Updater\WajamUpdater.exe (Wajam)
      SRV - (Apple Mobile Device) -- C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
      SRV - (odserv) -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
      SRV - (TuneUp.Defrag) -- C:\Archivos de programa\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
      SRV - (TuneUp.UtilitiesSvc) -- C:\Archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
      SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
      SRV - (Adobe LM Service) -- C:\Archivos de programa\Archivos comunes\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
      SRV - (ose) -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV - (WDICA) -- File not found
      DRV - (RimUsb) -- System32\Drivers\RimUsb.sys File not found
      DRV - (PDRFRAME) -- File not found
      DRV - (PDRELI) -- File not found
      DRV - (PDFRAME) -- File not found

      DRV - (PDCOMP) -- File not found
      DRV - (PCIDump) -- File not found
      DRV - (mfehidk) -- system32\drivers\mfehidk.sys File not found
      DRV - (mfeapfk) -- system32\drivers\mfeapfk.sys File not found
      DRV - (lbrtfdc) -- File not found
      DRV - (i2omgmt) -- File not found
      DRV - (Changer) -- File not found
      DRV - (catchme) -- C:\DOCUME~1\FAMILI~1\CONFIG~1\Temp\catchme.sys File not found
      DRV - (adfs) -- File not found
      DRV - (efavdrv) -- C:\WINDOWS\system32\drivers\efavdrv.sys (ESET)
      DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
      DRV - (dtsoftbus01) -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys (DT Soft Ltd)
      DRV - (TuneUpUtilitiesDrv) -- C:\Archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
      DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
      DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) 2000 DDK provider)
      DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
      DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
      DRV - (PID_PEPI) -- C:\WINDOWS\system32\drivers\LV302V32.SYS (Logitech Inc.)
      DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
      DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
      DRV - (ZSMC303) -- C:\WINDOWS\system32\drivers\usbVM303.sys (Vimicro Corporation)
      DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
      DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
      DRV - (vmfilter303) -- C:\WINDOWS\system32\drivers\vmfilter303.sys (Vimicro Corporation)
      DRV - (netrcacm) -- C:\WINDOWS\system32\drivers\netrcacm.sys (Thomson Inc.)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Upgrade to Google Chrome
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
      IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = Claro Search
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN España: Hotmail, Messenger, Skype y Cuenta Microsoft
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Upgrade to Google Chrome
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Bing [binary data]
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Upgrade to Google Chrome
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome
      IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Archivos de programa\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
      IE - HKCU\..\URLSearchHook: {c2ed826e-8903-4a9d-b0df-3a8fb8ea918a} - No CLSID value found
      IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.claro-search.com/?q={searchTerms}&affID=116775&tt=261112_clro_4812_2&babsrc=SP_ss&mntrId=ec58bbfa000000000000001d7d9728c0
      IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE - HKCU\..\SearchScopes\{85EE7638-9828-4113-8636-69B36E15DFE3}: "URL" = http://www.fastbrowsersearch.com/results/results.aspx?q={searchTerms}&c=web&s=DSP&v=18&tid={BADC69A7-64F8-44b3-8E70-9649D6FC107D}
      IE - HKCU\..\SearchScopes\{8BAF38B5-C6D6-49D7-B928-54820E96E2FF}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\..\SearchScopes\{A34587234-AWER-3256-5TY6-12EDERGTY568}: "URL" = http://www.mbuscas.com/search.php?pagina=1&rxp=20&q={searchTerms}
      IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351364
      IE - HKCU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://es.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_es&p={searchTerms}
      IE - HKCU\..\SearchScopes\{D8947097-DB7B-481C-BC73-07E510191056}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_es
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultenginename: "Claro Search"
      FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q="
      FF - prefs.js..browser.search.selectedEngine: "Claro Search"
      FF - prefs.js..browser.search.useDBForOrder: true
      FF - prefs.js..browser.startup.homepage: "http://www.claro-search.com/?affID=116775&tt=261112_clro_4812_2&babsrc=HP_ss&mntrId=ec58bbfa000000000000001d7d9728c0"
      FF - prefs.js..extensions.enabledAddons: {C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}:2.2.3
      FF - prefs.js..extensions.enabledAddons: {EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0
      FF - prefs.js..extensions.enabledAddons: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.15.1.0

      FF - prefs.js..extensions.enabledAddons: {58bd07eb-0ee0-4df0-8121-dc9b693373df}:2.5.911.18
      FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
      FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
      FF - prefs.js..extensions.enabledItems: [email protected]:1.0
      FF - prefs.js..extensions.enabledItems: {C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}:2.2.3
      FF - prefs.js..extensions.enabledItems: [email protected]:1.1.3
      FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
      FF - prefs.js..extensions.enabledItems: [email protected]:6.0.1289
      FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
      FF - prefs.js..keyword.URL: "http://www.claro-search.com/?affID=116775&tt=261112_clro_4812_2&babsrc=KW_ss&mntrId=ec58bbfa000000000000001d7d9728c0&q="
      FF - prefs.js..network.proxy.type: 0


      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Archivos de programa\iTunes\Mozilla Plugins\npitunes.dll ()
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Archivos de programa\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Archivos de programa\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Archivos de programa\Google\Picasa3\npPicasa3.dll (Google, Inc.)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Archivos de programa\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Archivos de programa\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Archivos de programa\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Facebook\npfbplugin_1_0_3.dll File not found

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Archivos de programa\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/09/26 16:25:41 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Archivos de programa\Mozilla Firefox\components [2012/03/25 19:40:58 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Archivos de programa\Mozilla Firefox\plugins [2011/11/10 08:20:58 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2012/11/29 13:49:55 | 000,000,000 | ---D | M]

      [2012/03/06 15:22:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Extensions
      [2012/12/03 15:28:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\extensions
      [2010/06/27 13:04:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
      [2012/10/23 12:39:54 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
      [2009/09/24 22:00:08 | 000,000,000 | ---D | M] (My Tattoons (Fast Browser Search)) -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
      [2012/05/02 2237 | 000,000,000 | ---D | M] (DealPly) -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
      [2012/12/03 15:28:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\extensions\staged
      [2012/12/03 15:30:19 | 000,001,018 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\searchplugins\facebook.xml
      [2012/11/29 13:49:54 | 000,002,526 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\searchplugins\mngr.xml
      [2011/06/17 20:39:35 | 000,002,501 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\searchplugins\SearchResults.xml
      [2012/03/06 15:22:58 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
      [2011/10/21 22:50:59 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Archivos de programa\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
      [2012/11/29 13:49:55 | 000,000,000 | ---D | M] (Browser Manager) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DATOS DE PROGRAMA\BROWSER MANAGER\2.5.911.18\{C16C1CCB-7046-4E5C-A2F3-533AD2FEC8E8}\FIREFOXEXTENSION
      [2012/03/25 19:40:57 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Archivos de programa\mozilla firefox\components\browsercomps.dll
      [2012/11/29 13:49:19 | 000,006,532 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\babylon.xml
      [2011/11/05 04:32:18 | 000,002,252 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\bing.xml
      [2011/11/05 04:57:33 | 000,003,996 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\drae.xml
      [2011/11/05 04:57:33 | 000,001,143 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\eBay-es.xml
      [2009/09/24 22:00:08 | 000,003,700 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\fast.png
      [2009/09/24 22:00:08 | 000,001,963 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\fast.xml
      [2011/06/17 20:39:35 | 000,002,501 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\SearchResults.xml
      [2012/01/13 22:15:44 | 000,002,040 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\twitter.xml
      [2011/11/05 04:57:33 | 000,001,178 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\wikipedia-es.xml

      [2011/11/05 04:57:33 | 000,001,102 | ---- | M] () -- C:\Archivos de programa\mozillafirefox\searchplugins\yahoo-es.xml

      ========== Chrome ==========

      CHR - homepage: Google
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
      CHR - homepage: Google
      CHR - plugin: Shockwave Flash (Enabled) = C:\Archivos de programa\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
      CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Archivos de programa\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Archivos de programa\Google\Chrome\Application\23.0.1271.95\pdf.dll
      CHR - plugin: Adobe Acrobat (Enabled) = C:\Archivos de programa\Adobe\Acrobat 6.0\Reader\Browser\nppdf32.dll
      CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\NPOFF12.DLL
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin2.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin3.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin4.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin5.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin6.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin7.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin8.dll
      CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Archivos de programa\Windows Media Player\npdrmv2.dll
      CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Archivos de programa\Windows Media Player\npdsplay.dll
      CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Archivos de programa\Windows Media Player\npwmsdrm.dll
      CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Archivos de programa\DivX\DivX OVS Helper\npovshelper.dll
      CHR - plugin: DivX Plus Web Player (Enabled) = C:\Archivos de programa\DivX\DivX Plus Web Player\npdivx32.dll
      CHR - plugin: Picasa (Enabled) = C:\Archivos de programa\Google\Picasa3\npPicasa3.dll
      CHR - plugin: Google Update (Enabled) = C:\Archivos de programa\Google\Update\1.3.21.123\npGoogleUpdate3.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = C:\Archivos de programa\Microsoft Silverlight\5.1.10411.0\npctrl.dll
      CHR - plugin: iTunes Application Detector (Enabled) = C:\Archivos de programa\iTunes\Mozilla Plugins\npitunes.dll
      CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
      CHR - Extension: Claro Toolbar = C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\dcillohgikpecbmgioknapdpcjofaafl\1.1_0\
      CHR - Extension: Skype Click to Call = C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
      CHR - Extension: PicBadges = C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\mgjkknncnlepghplinfpikcijdbmidbg\1.8_0\
      CHR - Extension: DvdVideoSoft Free Youtube Download = C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\
      CHR - Extension: \u003Cvideo\u003E de HTML5 de DivX Plus Web Player = C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
      CHR - Extension: Settings Protector = C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\

      O1 HOSTS File: ([2012/03/06 14:32:00 | 000,441,443 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 localhost
      O1 - Hosts: 127.0.0.1 www.007guard.com
      O1 - Hosts: 127.0.0.1 007guard.com
      O1 - Hosts: 127.0.0.1 008i.com
      O1 - Hosts: 127.0.0.1 www.008k.com
      O1 - Hosts: 127.0.0.1 008k.com
      O1 - Hosts: 127.0.0.1 00hq.com
      O1 - Hosts: 127.0.0.1 00hq.com
      O1 - Hosts: 127.0.0.1 010402.com
      O1 - Hosts: 127.0.0.1 www.032439.com
      O1 - Hosts: 127.0.0.1 032439.com
      O1 - Hosts: 127.0.0.1 全讯网,博彩优æƒ*,皇å†*æ*£ç½‘cr67com,皇å†*比分,皇å†*即时指数,太阳城代理112scg,tt娱乐城8bc8,网上真钱娱
      O1 - Hosts: 127.0.0.1 0scan.com
      O1 - Hosts: 127.0.0.1 1000gratisproben.com
      O1 - Hosts: 127.0.0.1 1000gratisproben.com
      O1 - Hosts: 127.0.0.1 1001namen.com
      O1 - Hosts: 127.0.0.1 1001namen.com
      O1 - Hosts: 127.0.0.1 100888290cs.com
      O1 - Hosts: 127.0.0.1 ²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
      O1 - Hosts: 127.0.0.1 100sexlinks.com - Sex links Resources and Information. This website is for sale!
      O1 - Hosts: 127.0.0.1 100sexlinks.com
      O1 - Hosts: 127.0.0.1 10sek.com
      O1 - Hosts: 127.0.0.1 10sek.com
      O1 - Hosts: 127.0.0.1 www.1-2005-search.com
      O1 - Hosts: 127.0.0.1 1-2005-search.com
      O1 - Hosts: 15173 more lines...
      O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
      Última edición por @Javier_HF fecha: 05/12/12 a las 07:57:50 Razón: Unir mensajes.

    4. #14
      Usuario Avatar de MaCoque Lopez
      Registrado
      dic 2012
      Mensajes
      31
      O2 - BHO: (DivX Plus Web Player HTML5 <video>) -{326E768D-4182-46FD-9C16-1449A49795F4} - C:\Archivos de programa\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
      O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Archivos de programa\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
      O2 - BHO: (Windows Live Aplicación auxiliar de inicio de sesión) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
      O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Archivos de programa\Wajam\IE\priam_bho.dll (Wajam)
      O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O3 - HKLM\..\Toolbar: (no name) - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Archivos de programa\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
      O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - {c2ed826e-8903-4a9d-b0df-3a8fb8ea918a} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Archivos de programa\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
      O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
      O4 - HKLM..\Run: [APSDaemon] C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      O4 - HKLM..\Run: [DivXUpdate] C:\Archivos de programa\DivX\DivX Update\DivXUpdate.exe ()
      O4 - HKLM..\Run: [Domino] C:\WINDOWS\Domino.exe (Vimicro)
      O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
      O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
      O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
      O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
      O4 - HKLM..\Run: [VMSnap3] C:\WINDOWS\vmsnap3.exe (ZSMCSNAP)
      O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Archivos de programa\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
      O4 - HKCU..\Run: [Spotify Web Helper] C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
      O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
      O4 - Startup: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Adobe Gamma.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
      O4 - Startup: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\OfferBox.lnk = File not found
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
      O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Familia Morey Lopez\Datos de programa\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
      O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Familia Morey Lopez\Datos de programa\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
      O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
      O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/...oUploader5.cab (Facebook Photo Uploader 5 Control)
      O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanage...ex-2.2.4.1.cab (DLM Control)
      O16 - DPF: {48D9E4FD-2FD3-4C69-BAF3-682E9C616815} Notificaciones electrónicas - 060 - Inicio (SNAE_MSA.MSA)
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab (MSN Photo Upload Tool)
      O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (Reg Error: Key error.)
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/Messen.../GAME_UNO1.cab (UnoCtrl Class)
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} Online Scan (BDSCANONLINE Control)
      O16 - DPF: {61FA0CB0-0806-46EA-B784-0F843285BA23} http://estaticosak1.tuenti.com/clien...ader.31615.cab (TuentiFotoUploader Control)
      O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/...Uploader55.cab (Facebook Photo Uploader 5 Control)
      O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
      O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} http://support.f-secure.com/ols/fscax.cab (F-Secure Online Scanner 3.3)
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary...t.cab56907.cab (MessengerStatsClient Class)
      O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01...l/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
      O16 - DPF: {F20566F7-278D-4B42-8C2A-9B4A9EEFDA8B} http://www.photoincident.com/photo.cab (Photo Control)
      O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary...r.cab56986.cab (Minesweeper Flags Class)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.42.63.52 62.42.230.24
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FE534CDA-674A-4383-85C0-EC28A8EC54DD}: DhcpNameServer = 62.42.63.52 62.42.230.24
      O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

      O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Archivos comunes\Skype\Skype4COM.dll (Skype Technologies)
      O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - AppInit_DLLs: (c:\docume~1\alluse~1\datosd~1\browse~1\25911~1.18\{c16c1~1\mngr.dll) - c:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll ()
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
      O20 - Winlogon\Notify\cryptnet32: DllName - (cryptnet32.dll) - File not found
      O24 - Desktop Components:0 (Mi página de inicio actual) - About:Home
      O24 - Desktop WallPaper: C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
      O24 - Desktop BackupWallPaper: C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2008/11/03 21:14:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
      O33 - MountPoints2\{435cbc11-153e-11de-a0ef-001d7d9728c0}\Shell - "" = AutoRun
      O33 - MountPoints2\{435cbc11-153e-11de-a0ef-001d7d9728c0}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
      O33 - MountPoints2\{6db184fc-7633-11e0-a55b-001d7d9728c0}\Shell - "" = AutoRun
      O33 - MountPoints2\{6db184fc-7633-11e0-a55b-001d7d9728c0}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

      NetSvcs: 6to4 - File not found
      NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
      NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
      NetSvcs: Ias - File not found
      NetSvcs: Iprip - File not found
      NetSvcs: Irmon - File not found
      NetSvcs: NWCWorkstation - File not found
      NetSvcs: Nwsapagent - File not found
      NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
      NetSvcs: WmdmPmSp - File not found


      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/12/04 18:05:18 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Familia Morey Lopez\Recent
      [2012/12/04 18:03:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\CCleaner
      [2012/12/04 18:03:05 | 000,000,000 | ---D | C] -- C:\Archivos de programa\CCleaner
      [2012/12/04 18:01:25 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Vittalia
      [2012/12/03 22:11:35 | 000,000,000 | ---D | C] -- C:\_AT-Destroyer
      [2012/12/02 15:17:08 | 000,115,008 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\efavdrv.sys
      [2012/11/29 13:50:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Familia Morey Lopez\Menú Inicio\Programas\Browser Manager
      [2012/11/29 13:49:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Claro
      [2012/11/29 13:49:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Browser Manager
      [2012/11/29 13:48:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\YourFileDownloader
      [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
      [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2012/12/05 08:12:00 | 000,000,838 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
      [2012/12/05 08:09:01 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
      [2012/12/05 07:56:10 | 000,001,124 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
      [2012/12/05 07:56:10 | 000,000,338 | ---- | M] () -- C:\WINDOWS\tasks\YourFile DownloaderUpdate.job
      [2012/12/05 07:56:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
      [2012/12/04 21:47:09 | 000,001,509 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\reportes.rtf
      [2012/12/04 21:22:17 | 000,000,516 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{1F50E7BB-6F88-42B8-BDFD-05F30AA98148}.job
      [2012/12/04 19:02:25 | 000,004,211 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\quitar el virus.rtf
      [2012/12/04 18:17:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\OfferBoxUpdate.job
      [2012/12/04 18:03:07 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\CCleaner.lnk
      [2012/12/04 17:25:16 | 000,017,993 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\insensible.jpg
      [2012/12/04 17:24:09 | 000,010,176 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\bankia.jpg
      [2012/12/04 17:24:00 | 000,035,925 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Chiste Flanagan Derechos humanos.jpg
      [2012/12/04 17:14:37 | 000,074,658 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\faro.jpg
      [2012/12/04 16:14:29 | 000,000,478 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Familia Morey Lopez.job
      [2012/12/02 15:17:09 | 000,115,008 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\efavdrv.sys
      [2012/12/02 14:50:08 | 000,251,904 | -H-- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\photothumb.db
      [2012/12/02 09:30:35 | 000,769,225 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\desahucios-y-sucicidios.jpg
      [2012/12/02 09:22:47 | 000,054,354 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\pobreza.jpg
      [2012/12/01 20:01:15 | 000,032,120 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\CARTEL CRISIS.rtf
      [2012/12/01 13:02:48 | 000,001,778 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Mis documentos\otro sosobuco en fusiooncook.rtf
      [2012/11/30 14:21:17 | 004,420,326 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Te Pintaron Pajaritos [Video Oficial] Yandar Yostin Feat Andy Rivera ® HD.mp3
      [2012/11/30 14:20:17 | 004,894,919 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Adele Hiding My Heart lyrics.mp3
      [2012/11/30 14:19:39 | 005,161,994 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Adele I found a boy (Sub españolinglés).mp3
      [2012/11/30 14:18:56 | 003,833,763 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Jo mai mai Joan Dausà i els Tipus d'Interès.mp3
      [2012/11/30 12:28:08 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
      [2012/11/30 12:18:48 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
      [2012/11/29 13:48:16 | 000,001,701 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\YourFile Downloader.lnk
      [2012/11/28 21:57:25 | 000,056,740 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\librosficcion.jpg
      [2012/11/25 21:43:42 | 000,053,693 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\laia2.jpg
      [2012/11/22 21:37:57 | 000,092,435 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Chiste Cupido Huelga.png
      [2012/11/22 17:37:20 | 005,114,975 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Pendulum 'Watercolour'.mp3
      [2012/11/22 17:36:18 | 005,447,252 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\David Guetta She Wolf (Lyrics Video) ft Sia.mp3
      [2012/11/22 17:34:37 | 005,334,028 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Adele Hometown Glory.mp3
      [2012/11/22 17:33:13 | 005,777,900 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Lax'n'Busto Tinc fam de tu (Amb lletra).mp3
      [2012/11/22 17:32:19 | 005,308,698 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Rihanna Like a diamonds Lyrics HD.mp3
      [2012/11/15 17:19:49 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\~$eaner (NO LO QUITES DE INICIO).rtf
      [2012/11/15 10:35:32 | 002,221,680 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
      [2012/11/15 00:20:49 | 000,499,672 | ---- | M] () -- C:\WINDOWS\System32\perfh00A.dat
      [2012/11/15 00:20:49 | 000,436,164 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
      [2012/11/15 00:20:49 | 000,087,580 | ---- | M] () -- C:\WINDOWS\System32\perfc00A.dat
      [2012/11/15 00:20:49 | 000,069,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
      [2012/11/10 22:00:34 | 000,196,688 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\obrero.png
      [2012/11/08 19:32:10 | 000,099,029 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\imagen.jpg-large
      [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
      [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2012/12/04 21:43:16 | 000,001,509 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\reportes.rtf
      [2012/12/04 19:02:25 | 000,004,211 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\quitar el virus.rtf
      [2012/12/04 18:03:07 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\CCleaner.lnk
      [2012/12/04 17:25:18 | 000,017,993 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\insensible.jpg
      [2012/12/04 17:24:12 | 000,010,176 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\bankia.jpg
      [2012/12/04 17:24:04 | 000,035,925 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Chiste Flanagan Derechos humanos.jpg
      [2012/12/04 17:14:49 | 000,074,658 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\faro.jpg
      [2012/12/02 09:22:52 | 000,054,354 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\pobreza.jpg
      [2012/12/02 09:15:15 | 000,769,225 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\desahucios-y-sucicidios.jpg
      [2012/12/01 18:55:12 | 000,032,120 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\CARTEL CRISIS.rtf
      [2012/12/01 13:02:48 | 000,001,778 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Mis documentos\otro sosobuco en fusiooncook.rtf
      [2012/11/30 14:21:07 | 004,420,326 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Te Pintaron Pajaritos [Video Oficial] Yandar Yostin Feat Andy Rivera ® HD.mp3
      [2012/11/30 14:20:05 | 004,894,919 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Adele Hiding My Heart lyrics.mp3
      [2012/11/30 14:19:25 | 005,161,994 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Adele I found a boy (Sub españolinglés).mp3
      [2012/11/30 14:18:42 | 003,833,763 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Jo mai mai Joan Dausà i els Tipus d'Interès.mp3
      [2012/11/29 13:48:17 | 000,000,338 | ---- | C] () -- C:\WINDOWS\tasks\YourFile DownloaderUpdate.job
      [2012/11/29 13:48:16 | 000,001,701 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\YourFile Downloader.lnk
      [2012/11/28 21:57:29 | 000,056,740 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\librosficcion.jpg
      [2012/11/25 21:43:49 | 000,053,693 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\laia2.jpg
      [2012/11/22 21:37:59 | 000,092,435 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Chiste Cupido Huelga.png
      [2012/11/22 17:37:04 | 005,114,975 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Pendulum 'Watercolour'.mp3
      [2012/11/22 17:35:56 | 005,447,252 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\David Guetta She Wolf (Lyrics Video) ft Sia.mp3
      [2012/11/22 17:34:23 | 005,334,028 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Adele Hometown Glory.mp3
      [2012/11/22 17:32:58 | 005,777,900 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Lax'n'Busto Tinc fam de tu (Amb lletra).mp3
      [2012/11/22 17:31:58 | 005,308,698 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Rihanna Like a diamonds Lyrics HD.mp3
      [2012/11/15 17:19:49 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\~$eaner (NO LO QUITES DE INICIO).rtf
      [2012/11/10 22:00:40 | 000,196,688 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\obrero.png
      [2012/11/09 21:27:12 | 000,251,904 | -H-- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\photothumb.db
      [2012/11/08 19:32:16 | 000,099,029 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\imagen.jpg-large
      [2012/10/22 18:06:49 | 000,000,911 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\.recently-used.xbel
      [2012/08/10 16:38:18 | 000,022,440 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\21467076_Setup.crx
      [2012/03/06 15:22:41 | 000,000,547 | ---- | C] () -- C:\WINDOWS\wininit.ini
      [2012/02/16 17:04:34 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
      [2011/05/22 11:21:42 | 000,073,324 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
      [2011/05/04 10:38:46 | 001,064,368 | ---- | C] () -- C:\Documents and Settings\All Users\Datos de programa\bdinstall.bin
      [2011/03/13 21:55:03 | 000,296,641 | ---- | C] () -- C:\WINDOWS\System32\shimg.dll
      [2011/02/14 14:23:25 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
      [2009/05/23 18:04:07 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\$FFPROFINI$prefs.js
      [2008/12/21 18:08:57 | 000,245,760 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2008/12/08 21:39:32 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\default.pls
      [2008/11/20 15:31:02 | 000,002,012 | -H-- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\SCPSP6.DLL
      [2008/11/20 15:30:56 | 000,002,985 | RHS- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\scpsv6.dll
      [2008/11/10 15:31:02 | 000,001,540 | RHS- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\SCPSS6.DLL

      ========== ZeroAccess Check ==========

      [2008/11/11 18:35:53 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 03:18:36 | 001,499,648 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11:52:53 | 000,473,600 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 03:18:46 | 000,273,920 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== LOP Check ==========

      [2012/09/26 16:33:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Ask
      [2012/07/11 16:51:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\AVAST Software
      [2011/07/06 15:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\BitDefender
      [2011/06/18 09:29:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\boost_interprocess
      [2012/11/29 13:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Browser Manager
      [2011/07/06 14:26:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Datos de programa\Common Files
      [2012/04/16 17:24:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\DAEMON Tools Lite
      [2012/10/21 17:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\ESET
      [2009/03/03 17:21:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\MAGIX
      [2009/12/19 19:37:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Messenger Plus!
      [2011/07/06 14:32:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\MFAData
      [2009/05/24 16:59:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\TEMP
      [2010/07/17 13:14:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\TuneUp Software
      [2011/05/20 14:18:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
      [2009/12/25 20:51:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\{755AC846-7372-4AC8-8550-C52491DAA8BD}
      [2010/07/17 13:11:40 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Datos de programa\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
      [2011/09/17 21:48:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Audacity
      [2009/08/26 11:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\BeautyPilot
      [2012/11/29 13:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Claro
      [2012/05/22 09:38:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\DAEMON Tools Lite
      [2012/10/05 11:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\DDMSettings
      [2012/09/26 17:01:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\DVDVideoSoft
      [2011/08/08 21:40:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\gtk-2.0
      [2008/12/28 19:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\MSNInstaller
      [2012/04/20 10:35:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\OfferBox
      [2012/09/26 16:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\OpenCandy
      [2010/05/14 14:57:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Panda Security
      [2012/10/15 07:23:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\PriceGong
      [2011/07/06 15:25:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\QuickScan
      [2012/03/06 17:39:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\searchquband
      [2009/03/25 22:13:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Simply Super Software
      [2012/11/13 17:49:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Spotify
      [2008/12/04 11:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\TuneUp Software
      [2010/01/30 18:41:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\UltraGet
      [2012/10/20 15:15:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\uTorrent
      [2011/06/05 22:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\WebcamMax
      [2012/11/29 13:48:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\YourFileDownloader

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2012/12/04 21:59:28 | 000,000,923 | ---- | M] () -- C:\AT-Destroyer.txt
      [2008/11/03 21:14:03 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
      [2008/12/08 21:31:54 | 000,000,223 | -HS- | M] () -- C:\boot.ini
      [2006/03/02 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
      [2009/03/22 17:58:42 | 000,002,673 | ---- | M] () -- C:\cleannavi.txt
      [2008/11/03 21:14:03 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
      [2008/12/08 21:33:15 | 000,000,206 | ---- | M] () -- C:\csb.log
      [2012/09/26 17:01:48 | 001,134,284 | ---- | M] () -- C:\Documents
      [2009/03/21 19:42:48 | 000,002,751 | ---- | M] () -- C:\fixnavi.txt
      [2008/11/03 21:14:03 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
      [2008/11/03 21:14:03 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
      [2008/08/09 09:24:46 | 000,059,728 | ---- | M] (Patchou) -- C:\msimg32.dll
      [2006/03/02 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
      [2008/11/21 08:33:40 | 000,251,168 | RHS- | M] () -- C:\ntldr
      [2004/02/29 16:44:34 | 000,052,576 | ---- | M] () -- C:\orange.bmp
      [2012/12/05 07:55:59 | 1509,949,440 | -HS- | M] () -- C:\pagefile.sys
      [2008/12/08 21:33:15 | 000,000,430 | ---- | M] () -- C:\RHDSetup.log
      [2008/12/10 17:54:41 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
      [2008/12/24 18:42:48 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
      [2008/12/24 19:50:50 | 000,000,232 | -H-- | M] () -- C:\sqmdata02.sqm
      [2008/12/25 00:44:21 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
      [2008/12/10 17:54:41 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
      [2008/12/24 18:42:48 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
      [2008/12/24 19:50:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
      [2008/12/25 00:44:21 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
      [2009/10/10 18:14:10 | 000,115,574 | ---- | M] () -- C:\systemlog
      [2009/10/10 18:14:10 | 007,861,280 | ---- | M] () -- C:\ucL6Y9KerBE.mp3

      ========== Alternate Data Streams ==========
      Última edición por @Javier_HF fecha: 05/12/12 a las 07:52:43 Razón: Unir mensajes.

    5. #15
      Usuario Avatar de MaCoque Lopez
      Registrado
      dic 2012
      Mensajes
      31
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winoldap.mod:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winnls.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winmsd.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winmine.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winhlp32.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winhelp.hlp:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winfax.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winchat.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\win87em.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\win.com:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wifeman.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiavusd.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiasf.ax:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\webhits.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\webfldrs.msi:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wdl.trm:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.sve:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.nld:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.ita:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.fra:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.esn:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.enu:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.deu:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.sve:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.nld:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.ita:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.fra:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.esn:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.enu:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.deu:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\w32topl.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\w32tm.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vssadmin.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vss_ps.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vjoy.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vfpodbc.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\verifier.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ver.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Ver canales.scf:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vcdex.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vbses.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\v7vga.rom:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\utildll.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrvpa.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrvoica.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrv80a.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrv42a.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrsvpia.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrshuta.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrsdpia.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrrtosa.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrprbda.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrmlnka.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrlogon.cmd:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrlbva.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrfaxa.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrdtea.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrdpa.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrcoina.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrcntra.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\user.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ureg.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\unlodctr.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\umdmxfrm.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ufat.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\typelib.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsshutdn.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tslabels.ini:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tslabels.h:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tskill.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsdiscon.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsd32.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tscupgrd.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tscon.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsappcmp.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\traffic.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tracert6.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\toolhelp.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tftp.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\telephon.cpl:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcpsvcs.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcpmon.ini:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcmsetup.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\taskman.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tapiperf.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tapi.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\systray.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysprtj.sep:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysprint.sep:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\syskey.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysinv.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysedit.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\syncapp.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\swprv.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\svcpack.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\subst.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\subrange.uce:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\streamci.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\storage.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\stdole32.tlb:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlwoa.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlwid.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlsrv32.rll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlsodbc.chm:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spxcoins.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sprio800.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sprio600.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sprestrt.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spnike.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sol.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\softpub.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sndvol32.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\slbrccsp.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\slbcsp.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\skdll.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sisbkup.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shiftjis.uce:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shellstyle.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shell.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\share.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shadow.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sfmapi.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sfc.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setver.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setupdll.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setup.bmp:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\serwvdrv.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\services.msc:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\serialui.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\senscfg.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\secupd.sig:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\secupd.dat:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sdpblb.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scrrnes.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scredir.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scoes.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sccbase.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scardssp.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rwinsta.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\runas.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rtm.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvpperf.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvpmsg.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvpcnts.h:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvp.ini:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsmui.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsmsink.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsm.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsaci.rat:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rpcns4.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\routetab.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\routemon.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\route.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rnr20.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\reset.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\replace.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rend.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regwiz.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regini.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regedt32.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\redir.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\recover.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdpcfgex.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasser.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasrad.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasmxs.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasmontr.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasdial.exe:KAVICHS

      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasctrs.ini:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasctrs.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasctrnm.h:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasautou.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qwinsta.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qosname.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qappsrv.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pubprn.vbs:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\psnppagn.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pscript.sep:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pschdprf.ini:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pschdprf.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pschdcnt.h:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prodspec.ini:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\print.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prflbmsg.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pmspl.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\plustab.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ping6.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pifmgr.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfwci.ini:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfwci.h:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfts.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfi00A.dat:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfi009.dat:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perffilt.ini:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perffilt.h:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfd00A.dat:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfd009.dat:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfci.ini:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfci.h:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pentnt.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pcl.sep:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pathping.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\paqsp.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\panmap.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\osuninst.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olesvr.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olecli.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ole2nls.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ole2disp.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ole2.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oembios.sig:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oembios.dat:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oembios.bin:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbc16gt.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntsdexts.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntsd.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsoprq.msc:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsmgr.msc:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsevt.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntlanui2.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntlanui.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio804.sys:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio412.sys:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio411.sys:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio404.sys:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio.sys:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntimage.gif:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos804.sys:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos412.sys:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos411.sys:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos404.sys:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos.sys:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.tha:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.sve:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.nld:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.ita:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.fra:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.esn:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.enu:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.eng:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.deu:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.dat:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.cht:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.chs:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nmevtmsg.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nlsfunc.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netui2.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\neth.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netapi.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\net.hlp:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ncxpnt.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ncpa.cpl:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nbtstat.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\narrhook.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mycomput.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxmlr.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxml2r.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvideo.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvcrt20.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvcp50.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvbvm50.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msswchx.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msswch.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mssip32.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mssign32.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msrecr40.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msrclr40.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msratelc.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msr2cenu.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msr2c.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msports.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msobjs.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msidntld.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msg.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msencode.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdtcprf.ini:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdtcprf.h:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mscdexnt.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mscat32.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msaudite.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msacm.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msaatext.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mrinfo.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mprui.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mprmsg.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mprddm.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mpnotify.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mountvol.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\modex.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mode.com:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmutilse.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmtask.tsk:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmdriver.inf:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mll_qic.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mll_mtf.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mll_hp.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mlang.dat:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\migpwd.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mib.bin:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mfc40loc.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mem.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mdwmdmsp.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mdhcp.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciwave.drv:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciseq.drv:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciole32.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciole16.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mcicda.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciavi.drv:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mchgrcoi.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mcdsrv32.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mcd32.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mapistub.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\main.cpl:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mag_hook.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lzexpand.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lusrmgr.msc:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lprmonui.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lpr.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lpq.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\logoff.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\loghours.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lodctr.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\loadfix.com:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lnkstub.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lights.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lanman.drv:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\langwrbk.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\label.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\l_intl.nls:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\l_except.nls:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\krnl386.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\korean.uce:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\keyboard.sys:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\key01.sys:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kdcom.dll:KAVICHS

      *************************************

      ME ENTRAN GANAS DE REIR PARA NO LLORAR...ESTE INFORME NUNCA SE ACABA Y YA NO SE POR DONDE IBA..ME HE PERDIDO
      Seguramente no es todo el informe lo que debo trasladarte.Dime que parte de él es la que debo ponerte porque esto nunca se acaba
      Última edición por @Javier_HF fecha: 05/12/12 a las 07:28:17 Razón: Unir mensajes.

    6. #16
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Spain.
      Mensajes
      21.696

      Re: quitar el claro search,Y cuando lo intento no hago nada mas que complicarlo

      No te preocupes con lo que has puesto ya me puede servir, aunque en realidad el informe no debería ser tan largo, y siempre hay que ponerlos completos.

      Ahora unicamente espera a que te ponga los siguientes pasos, tardare ya que el informe es bastante extenso.

      Saludos.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #17
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Spain.
      Mensajes
      21.696

      Re: quitar el claro search,Y cuando lo intento no hago nada mas que complicarlo

      Ahora sigue estos pasos :

      MUY Importante ~ Realiza una copia de seguridad del registro con >> Erunt.
      Y después ejecuta de nuevo OTL.exe

      Copia y Pega el código que está dentro del recuadro de abajo en la sección Análisis Personalizado / Código de Reparación.

      Código:
      :OTL
      PRC - C:\Archivos de programa\Wajam\Updater\WajamUpdater.exe (Wajam)
      MOD - c:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll ()
      SRV - (Browser Manager) -- C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe ()
      SRV - (WajamUpdater) -- C:\Archivos de programa\Wajam\Updater\WajamUpdater.exe (Wajam)
      DRV - (WDICA) -- File not found
      DRV - (RimUsb) -- System32\Drivers\RimUsb.sys File not found
      DRV - (PDRFRAME) -- File not found
      DRV - (PDRELI) -- File not found
      DRV - (PDFRAME) -- File not found
      DRV - (PDCOMP) -- File not found
      DRV - (PCIDump) -- File not found
      DRV - (mfehidk) -- system32\drivers\mfehidk.sys File not found
      DRV - (mfeapfk) -- system32\drivers\mfeapfk.sys File not found
      DRV - (lbrtfdc) -- File not found
      DRV - (i2omgmt) -- File not found
      DRV - (Changer) -- File not found
      DRV - (catchme) -- C:\DOCUME~1\FAMILI~1\CONFIG~1\Temp\catchme.sys File not found
      DRV - (adfs) -- File not found
      IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = Claro Search
      IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Archivos de programa\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
      IE - HKCU\..\URLSearchHook: {c2ed826e-8903-4a9d-b0df-3a8fb8ea918a} - No CLSID value found
      IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.claro-search.com/?q={searchTerms}&affID=116775&tt=261112_clro_4812_2&babsrc=SP_ss&mntrId=ec58bbfa000000000000001d7d9728c0
      IE - HKCU\..\SearchScopes\{85EE7638-9828-4113-8636-69B36E15DFE3}: "URL" = http://www.fastbrowsersearch.com/results/results.aspx?q={searchTerms}&c=web&s=DSP&v=18&tid={BADC69A7-64F8-44b3-8E70-9649D6FC107D}
      IE - HKCU\..\SearchScopes\{A34587234-AWER-3256-5TY6-12EDERGTY568}: "URL" = http://www.mbuscas.com/search.php?pagina=1&rxp=20&q={searchTerms}
      IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351364
      IE - HKCU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://es.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_es&p={searchTerms}
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
      FF - prefs.js..browser.search.defaultenginename: "Claro Search"
      FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q="
      FF - prefs.js..browser.search.selectedEngine: "Claro Search"
      FF - prefs.js..browser.startup.homepage: "http://www.claro-search.com/?affID=116775&tt=261112_clro_4812_2&babsrc=HP_ss&mntrId=ec58bbfa000000000000001d7d9728c0"
      FF - prefs.js..extensions.enabledAddons: {C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}:2.2.3
      FF - prefs.js..extensions.enabledAddons: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.15.1.0
      FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
      FF - prefs.js..extensions.enabledItems: [email protected]:1.0
      FF - prefs.js..extensions.enabledItems: {C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}:2.2.3
      FF - prefs.js..extensions.enabledItems: [email protected]:1.1.3
      FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
      FF - prefs.js..keyword.URL: "http://www.claro-search.com/?affID=116775&tt=261112_clro_4812_2&babsrc=KW_ss&mntrId=ec58bbfa000000000000001d7d9728c0&q="
      FF - prefs.js..network.proxy.type: 0
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2012/11/29 13:49:55 | 000,000,000 | ---D | M]
      [2012/10/23 12:39:54 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
      [2009/09/24 22:00:08 | 000,000,000 | ---D | M] (My Tattoons (Fast Browser Search)) -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
      [2011/06/17 20:39:35 | 000,002,501 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\searchplugins\SearchResults.xml
      [2012/11/29 13:49:55 | 000,000,000 | ---D | M] (Browser Manager) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DATOS DE PROGRAMA\BROWSER MANAGER\2.5.911.18\{C16C1CCB-7046-4E5C-A2F3-533AD2FEC8E8}\FIREFOXEXTENSION
      [2012/11/29 13:49:19 | 000,006,532 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\babylon.xml
      [2011/11/05 04:57:33 | 000,001,143 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\eBay-es.xml
      [2009/09/24 22:00:08 | 000,003,700 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\fast.png
      [2009/09/24 22:00:08 | 000,001,963 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\fast.xml
      [2011/06/17 20:39:35 | 000,002,501 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\SearchResults.xml
      CHR - Extension: Claro Toolbar = C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\dcillohgikpecbmgioknapdpcjofaafl\1.1_0\
      O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Archivos de programa\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
      O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Archivos de programa\Wajam\IE\priam_bho.dll (Wajam)
      O3 - HKLM\..\Toolbar: (no name) - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Archivos de programa\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
      O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - {c2ed826e-8903-4a9d-b0df-3a8fb8ea918a} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Archivos de programa\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
      O4 - Startup: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\OfferBox.lnk = File not found
      O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Familia Morey Lopez\Datos de programa\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
      O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Familia Morey Lopez\Datos de programa\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
      O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (Reg Error: Key error.)
      O20 - AppInit_DLLs: (c:\docume~1\alluse~1\datosd~1\browse~1\25911~1.18\{c16c1~1\mngr.dll) - c:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll ()
      O20 - Winlogon\Notify\cryptnet32: DllName - (cryptnet32.dll) - File not found
      O33 - MountPoints2\{435cbc11-153e-11de-a0ef-001d7d9728c0}\Shell - "" = AutoRun
      O33 - MountPoints2\{435cbc11-153e-11de-a0ef-001d7d9728c0}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
      O33 - MountPoints2\{6db184fc-7633-11e0-a55b-001d7d9728c0}\Shell - "" = AutoRun
      O33 - MountPoints2\{6db184fc-7633-11e0-a55b-001d7d9728c0}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
      [2012/11/29 13:50:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Familia Morey Lopez\Menú Inicio\Programas\Browser Manager
      [2012/11/29 13:49:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Claro
      [2012/11/29 13:49:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Browser Manager
      [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
      [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
      [2012/12/05 07:56:10 | 000,000,338 | ---- | M] () -- C:\WINDOWS\tasks\YourFile DownloaderUpdate.job
      [2012/12/04 18:17:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\OfferBoxUpdate.job
      [2012/09/26 16:33:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Ask
      [2012/11/29 13:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Browser Manager
      [2012/11/29 13:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Claro
      [2012/09/26 16:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\OpenCandy
      [2012/03/06 17:39:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\searchquband
      :Files
      C:\sqmnoopt*.sqm
      ipconfig /flushdns /c
      ipconfig /renew /c
      :Commands
      [PURITY]
      [EMPTYFLASH]
      [EMPTYTEMP]
      [RESETHOSTS]
      Presiona el Botón Reparar para lanzar la eliminación. Después presionas en OK.

      OTL va a Reiniciar el ordenador para completar la eliminación.

      Guardas el nuevo reporte generado, y lo copias y pegas en tu próxima respuesta.

      Antes de contestarnos, y después de pasar OTL, revisa/actualiza tu versión de Java(Muy Importante) >> Descarga gratuita del software de Java

      Y cuando nos contestes dinos que versión de Java se ha quedado instalada >> ¿Cómo puedo comprobar si Java funciona en mi equipo?

      Recuerda ponernos el log de OTL, y dinos también que versión de Java tienes ahora y como sigue el ordenador, en relación al problema planteado.

      Saludos.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    8. #18
      Usuario Avatar de MaCoque Lopez
      Registrado
      dic 2012
      Mensajes
      31

      Re: quitar el claro search,Y cuando lo intento no hago nada mas que complicarlo

      Una pregunta mas. Debo poner todo eso en analisis personalizado, perfecto ¿pero debo volver a señalar las casillas que me indicaste la primera vez?

    9. #19
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Spain.
      Mensajes
      21.696

      Re: quitar el claro search,Y cuando lo intento no hago nada mas que complicarlo

      Lo único que hay que hacer es copiar y pegar lo que te puse, y darle al botón de "Reparar", lo demás no hace falta que lo cambies déjalo como este.

      Saludos.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    10. #20
      Usuario Avatar de MaCoque Lopez
      Registrado
      dic 2012
      Mensajes
      31

      Re: quitar el claro search,Y cuando lo intento no hago nada mas que complicarlo

      Acabo de instalar el ERUNT que segun dice tiene dos partes mas ERDNT y NTREGOPT ¿ESO TAMBIEN LO CONFIGURO TAL Y COMO EXPLICAN LAS INSTRUCCIONES? Siento ser tan torpe pero es que todo esto me supera, me pongo nerviosa al ver que no se hacer nada y que hago perder el tiempo a otros