• Registrarse
  • Iniciar sesión


  • Página 3 de 6 PrimeroPrimero 123456 ÚltimoÚltimo
    Resultados 21 al 30 de 59

    quitar el claro search,Y cuando lo intento no hago nada mas que complicarlo

    No, solo instala el Erunt, haces la copia de seguridad y lo demás no hace falta ni que lo leas, por lo menos de momento. Saludos....

    1. #21
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Spain.
      Mensajes
      21.696

      Re: quitar el claro search,Y cuando lo intento no hago nada mas que complicarlo

      No, solo instala el Erunt, haces la copia de seguridad y lo demás no hace falta ni que lo leas, por lo menos de momento.

      Saludos.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    2. #22
      Usuario Avatar de MaCoque Lopez
      Registrado
      dic 2012
      Mensajes
      31
      Hola he ejecutado el OTL como me indicabas, cuando eran las cuatro de la tarde hora española. He tenido que salir ,asi que lo he dejado actuar hasta ahora que son la 19,30 de la tarde y he reiniciado el equipo porque pienso que son demasiadas horas para que no haya acabado. Tal vez no funciona. Saludos

      Algo que tambien te quiero consultar es que cada vez que abro el ordenador aparece un mensaje que dice "ha agregado nuevo hardware".
      Mi ordenador es un lio porque lo utiliza tambien mi hija y a veces se descarga algunas cosas de la red quer igual estan infectadas. Entre eso y que yo tengo muy poca idea del mantenimiento del PC, es un verdadero desastre.

      Hace ya dos años que teníamos el internet explorer instalado, pero un dia mi hija cogió un archivo que alguien le paso a traves de messenger y el navegador internet explorer ya nunca mas volvió a funcionar y aunque lo tengo no se abre y no lo podemos utilizar. Utilizamos el Mozilla y sobre todo el google chrome.

      ******************************************


      He vuelto a intentar pasar el OTL diurante toda la noche pero no termina se queda parado con unas letras en ingles debajo que dicen algo asi como Killing y que no lo detengas. Sin embargo no pasa de ahí. Gracias por tu ayuda y tu paciencia
      No sé si ya lo habremos intentado todo y no tiene solución y mejor sería que lo llevara a algun técnico a reparar


      ******************************************


      Lo he vuelto a intentar por ultima vez, pero se queda parado horas...Ya no se que hacer
      Última edición por @Javier_HF fecha: 06/12/12 a las 10:14:42 Razón: Unir mensajes.

    3. #23
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Spain.
      Mensajes
      21.696

      Re: quitar el claro search,Y cuando lo intento no hago nada mas que complicarlo

      Veamos, un poquito de paciencia, intenta hacer los pasos con OTL, pero pruebalos desde el >> Modo Seguro – con funciones de Red, de Windows.

      Si te funcionan, cuando termine y te pida Reiniciar, lo haces y ya dejas que inicie windows normalmente, los pasos para actualizar Java se deben hacer siempre desde el modo normal de windows y cuando ya esté terminado el proceso de OTL.

      Saludos.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    4. #24
      Usuario Avatar de MaCoque Lopez
      Registrado
      dic 2012
      Mensajes
      31

      Re: quitar el claro search,Y cuando lo intento no hago nada mas que complicarlo

      ¡Grácias de nuevo por tu ayuda ! sé que estas cosas necesitan paciencia. Saludos

    5. #25
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Spain.
      Mensajes
      21.696

      Re: quitar el claro search,Y cuando lo intento no hago nada mas que complicarlo

      De nada, ya nos indicas como han ido los pasos y nos pones el informe.

      Saludos.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    6. #26
      Usuario Avatar de MaCoque Lopez
      Registrado
      dic 2012
      Mensajes
      31

      Re: quitar el claro search,Y cuando lo intento no hago nada mas que complicarlo

      LA VERSION JAVA QUE HE INSTALADO ES JAVA SE 7 UPDATE 09


      All processes killed
      ========== OTL ==========
      No active process named WajamUpdater.exe was found!
      Service Browser Manager stopped successfully!
      Service Browser Manager deleted successfully!
      File move failed. C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe scheduled to be moved on reboot.
      Service WajamUpdater stopped successfully!
      Service WajamUpdater deleted successfully!
      C:\Archivos de programa\Wajam\Updater\WajamUpdater.exe moved successfully.
      Service WDICA stopped successfully!
      Service WDICA deleted successfully!
      File File not found not found.
      Service RimUsb stopped successfully!
      Service RimUsb deleted successfully!
      File System32\Drivers\RimUsb.sys File not found not found.
      Service PDRFRAME stopped successfully!
      Service PDRFRAME deleted successfully!
      File File not found not found.
      Service PDRELI stopped successfully!
      Service PDRELI deleted successfully!
      File File not found not found.
      Service PDFRAME stopped successfully!
      Service PDFRAME deleted successfully!
      File File not found not found.
      Service PDCOMP stopped successfully!
      Service PDCOMP deleted successfully!
      File File not found not found.
      Service PCIDump stopped successfully!
      Service PCIDump deleted successfully!
      File File not found not found.
      Service mfehidk stopped successfully!
      Service mfehidk deleted successfully!
      File system32\drivers\mfehidk.sys File not found not found.
      Service mfeapfk stopped successfully!
      Service mfeapfk deleted successfully!
      File system32\drivers\mfeapfk.sys File not found not found.
      Service lbrtfdc stopped successfully!
      Service lbrtfdc deleted successfully!
      File File not found not found.
      Service i2omgmt stopped successfully!
      Service i2omgmt deleted successfully!
      File File not found not found.
      Service Changer stopped successfully!
      Service Changer deleted successfully!
      File File not found not found.
      Service catchme stopped successfully!
      Service catchme deleted successfully!
      File C:\DOCUME~1\FAMILI~1\CONFIG~1\Temp\catchme.sys File not found not found.
      Service adfs stopped successfully!
      Service adfs deleted successfully!
      File File not found not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
      HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\bProtector Start Page| /E : value set successfully!
      Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ deleted successfully.
      C:\Archivos de programa\DVDVideoSoftTB\prxtbDVD0.dll moved successfully.
      Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{c2ed826e-8903-4a9d-b0df-3a8fb8ea918a} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2ed826e-8903-4a9d-b0df-3a8fb8ea918a}\ not found.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{85EE7638-9828-4113-8636-69B36E15DFE3}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{85EE7638-9828-4113-8636-69B36E15DFE3}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A34587234-AWER-3256-5TY6-12EDERGTY568}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A34587234-AWER-3256-5TY6-12EDERGTY568}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
      HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
      HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
      Prefs.js: "Claro Search" removed from browser.search.defaultenginename
      Prefs.js: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=" removed from browser.search.defaulturl
      Prefs.js: "Claro Search" removed from browser.search.selectedEngine
      Prefs.js: "http://www.claro-search.com/?affID=116775&tt=261112_clro_4812_2&babsrc=HP_ss&mntrId=ec58bbfa000000000000001d7d9728c0" removed from browser.startup.homepage
      Prefs.js: {C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}:2.2.3 removed from extensions.enabledAddons
      Prefs.js: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.15.1.0 removed from extensions.enabledAddons
      Prefs.js: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0 removed from extensions.enabledItems
      Prefs.js: [email protected]:1.0 removed from extensions.enabledItems
      Prefs.js: {C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}:2.2.3 removed from extensions.enabledItems
      Prefs.js: [email protected]:1.1.3 removed from extensions.enabledItems
      Prefs.js: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0 removed from extensions.enabledItems
      Prefs.js: "http://www.claro-search.com/?affID=116775&tt=261112_clro_4812_2&babsrc=KW_ss&mntrId=ec58bbfa000000000000001d7d9728c0&q=" removed from keyword.URL
      Prefs.js: 0 removed from network.proxy.type
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
      Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{58bd07eb-0ee0-4df0-8121-dc9b693373df}\ not found.
      Folder move failed. C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content scheduled to be moved on reboot.
      Folder move failed. C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components scheduled to be moved on reboot.
      Folder move failed. C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension scheduled to be moved on reboot.
      C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin folder moved successfully.
      C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\Plugins folder moved successfully.
      C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules folder moved successfully.
      C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF folder moved successfully.
      C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults folder moved successfully.
      C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components folder moved successfully.
      C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome folder moved successfully.
      C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} folder moved successfully.
      C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}\META-INF folder moved successfully.
      C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}\chrome folder moved successfully.
      C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB} folder moved successfully.
      C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\searchplugins\SearchResults.xml moved successfully.
      Folder move failed. C:\DOCUMENTS AND SETTINGS\ALL USERS\DATOS DE PROGRAMA\BROWSER MANAGER\2.5.911.18\{C16C1CCB-7046-4E5C-A2F3-533AD2FEC8E8}\FIREFOXEXTENSION\content scheduled to be moved on reboot.
      Folder move failed. C:\DOCUMENTS AND SETTINGS\ALL USERS\DATOS DE PROGRAMA\BROWSER MANAGER\2.5.911.18\{C16C1CCB-7046-4E5C-A2F3-533AD2FEC8E8}\FIREFOXEXTENSION\components scheduled to be moved on reboot.
      Folder move failed. C:\DOCUMENTS AND SETTINGS\ALL USERS\DATOS DE PROGRAMA\BROWSER MANAGER\2.5.911.18\{C16C1CCB-7046-4E5C-A2F3-533AD2FEC8E8}\FIREFOXEXTENSION scheduled to be moved on reboot.
      C:\Archivos de programa\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
      C:\Archivos de programa\Mozilla Firefox\searchplugins\eBay-es.xml moved successfully.
      C:\Archivos de programa\Mozilla Firefox\searchplugins\fast.png moved successfully.
      C:\Archivos de programa\Mozilla Firefox\searchplugins\fast.xml moved successfully.
      C:\Archivos de programa\Mozilla Firefox\searchplugins\SearchResults.xml moved successfully.
      C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\dcillohgikpecbmgioknapdpcjofaafl\1.1_0 folder moved successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
      File C:\Archivos de programa\DVDVideoSoftTB\prxtbDVD0.dll not found.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}\ deleted successfully.
      C:\Archivos de programa\Wajam\IE\priam_bho.dll moved successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
      File C:\Archivos de programa\DVDVideoSoftTB\prxtbDVD0.dll not found.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{c2ed826e-8903-4a9d-b0df-3a8fb8ea918a} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2ed826e-8903-4a9d-b0df-3a8fb8ea918a}\ not found.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
      Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found.
      File C:\Archivos de programa\DVDVideoSoftTB\prxtbDVD0.dll not found.
      C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\OfferBox.lnk moved successfully.
      Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Free YouTube Download\ deleted successfully.
      Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Free YouTube to Mp3 Converter\ deleted successfully.
      Starting removal of ActiveX control {56762DEC-6B0D-4AB4-A8AD-989993B5D08B}
      C:\WINDOWS\Downloaded Program Files\OnlineScanner.inf moved successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{56762DEC-6B0D-4AB4-A8AD-989993B5D08B}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56762DEC-6B0D-4AB4-A8AD-989993B5D08B}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{56762DEC-6B0D-4AB4-A8AD-989993B5D08B}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56762DEC-6B0D-4AB4-A8AD-989993B5D08B}\ not found.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\docume~1\alluse~1\datosd~1\browse~1\25911~1.18\{c16c1~1\mngr.dll deleted successfully.
      File move failed. c:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll scheduled to be moved on reboot.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet32\ deleted successfully.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{435cbc11-153e-11de-a0ef-001d7d9728c0}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{435cbc11-153e-11de-a0ef-001d7d9728c0}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{435cbc11-153e-11de-a0ef-001d7d9728c0}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{435cbc11-153e-11de-a0ef-001d7d9728c0}\ not found.
      File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6db184fc-7633-11e0-a55b-001d7d9728c0}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db184fc-7633-11e0-a55b-001d7d9728c0}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6db184fc-7633-11e0-a55b-001d7d9728c0}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6db184fc-7633-11e0-a55b-001d7d9728c0}\ not found.
      File G:\LaunchU3.exe not found.
      C:\Documents and Settings\Familia Morey Lopez\Menú Inicio\Programas\Browser Manager folder moved successfully.
      C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Claro folder moved successfully.
      Folder move failed. C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings scheduled to be moved on reboot.
      Folder move failed. C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content scheduled to be moved on reboot.
      Folder move failed. C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components scheduled to be moved on reboot.
      Folder move failed. C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension scheduled to be moved on reboot.
      Folder move failed. C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} scheduled to be moved on reboot.
      Folder move failed. C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18 scheduled to be moved on reboot.
      Folder move failed. C:\Documents and Settings\All Users\Datos de programa\Browser Manager scheduled to be moved on reboot.
      C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
      C:\WINDOWS\msdownld.tmp folder deleted successfully.
      C:\WINDOWS\tasks\YourFile DownloaderUpdate.job moved successfully.
      C:\WINDOWS\tasks\OfferBoxUpdate.job moved successfully.
      C:\Documents and Settings\All Users\Datos de programa\Ask\APN-Stub\ATU3\Local folder moved successfully.
      C:\Documents and Settings\All Users\Datos de programa\Ask\APN-Stub\ATU3 folder moved successfully.
      C:\Documents and Settings\All Users\Datos de programa\Ask\APN-Stub folder moved successfully.
      C:\Documents and Settings\All Users\Datos de programa\Ask folder moved successfully.
      Folder move failed. C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings scheduled to be moved on reboot.
      Folder move failed. C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content scheduled to be moved on reboot.
      Folder move failed. C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components scheduled to be moved on reboot.
      Folder move failed. C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension scheduled to be moved on reboot.
      Folder move failed. C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} scheduled to be moved on reboot.
      Folder move failed. C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18 scheduled to be moved on reboot.
      Folder move failed. C:\Documents and Settings\All Users\Datos de programa\Browser Manager scheduled to be moved on reboot.
      Folder C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Claro\ not found.
      C:\Documents and Settings\Familia Morey Lopez\Datos de programa\OpenCandy\0FF5341C58D04DA580B5E2E15CB1F86C folder moved successfully.
      C:\Documents and Settings\Familia Morey Lopez\Datos de programa\OpenCandy folder moved successfully.
      C:\Documents and Settings\Familia Morey Lopez\Datos de programa\searchquband folder moved successfully.
      ========== FILES ==========
      C:\sqmnoopt00.sqm moved successfully.
      C:\sqmnoopt01.sqm moved successfully.
      C:\sqmnoopt02.sqm moved successfully.
      C:\sqmnoopt03.sqm moved successfully.
      < ipconfig /flushdns /c >
      Configuración IP de Windows
      Error interno: Solicitud no compatible.

      Póngase en contacto con los servicios de soporte técnico de Microsoft para
      obtener ayuda.
      Información adicional: no se puede encontrar el nombre de host.
      C:\Documents and Settings\Familia Morey Lopez\Mis documentos\Downloads\cmd.bat deleted successfully.
      C:\Documents and Settings\Familia Morey Lopez\Mis documentos\Downloads\cmd.txt deleted successfully.
      < ipconfig /renew /c >
      Configuración IP de Windows
      Error interno: Solicitud no compatible.

      Póngase en contacto con los servicios de soporte técnico de Microsoft para
      obtener ayuda.
      Información adicional: no se puede encontrar el nombre de host.
      C:\Documents and Settings\Familia Morey Lopez\Mis documentos\Downloads\cmd.bat deleted successfully.
      C:\Documents and Settings\Familia Morey Lopez\Mis documentos\Downloads\cmd.txt deleted successfully.
      ========== COMMANDS ==========

      [EMPTYFLASH]

      User: All Users

      User: Default User

      User: Familia Morey Lopez
      ->Flash cache emptied: 4757033 bytes

      User: LocalService

      User: NetworkService

      Total Flash Files Cleaned = 5,00 mb


      [EMPTYTEMP]

      User: All Users

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes

      User: Familia Morey Lopez
      ->Temp folder emptied: 4259314 bytes
      ->Temporary Internet Files folder emptied: 4899410 bytes
      ->Java cache emptied: 317080 bytes
      ->FireFox cache emptied: 74981608 bytes
      ->Google Chrome cache emptied: 20881822 bytes
      ->Apple Safari cache emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: LocalService
      ->Temp folder emptied: 66016 bytes
      ->Temporary Internet Files folder emptied: 3250241 bytes

      User: NetworkService
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 100844679 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\dllcache .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 0 bytes
      RecycleBin emptied: 715 bytes

      Total Files Cleaned = 200,00 mb

      C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      OTL by OldTimer - Version 3.2.69.0 log created on 12062012_154322

      Files\Folders moved on Reboot...
      C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe moved successfully.
      C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content folder moved successfully.
      C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components folder moved successfully.
      C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension folder moved successfully.
      c:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll moved successfully.
      C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings folder moved successfully.
      C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} folder moved successfully.
      C:\Documents and Settings\All Users\Datos de programa\Browser Manager\2.5.911.18 folder moved successfully.
      C:\Documents and Settings\All Users\Datos de programa\Browser Manager folder moved successfully.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...

    7. #27
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Spain.
      Mensajes
      21.696

      Re: quitar el claro search,Y cuando lo intento no hago nada mas que complicarlo

      Bien, y ahora como sigue el equipo en relación al problema planteado. ??

      Saludos.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    8. #28
      Usuario Avatar de MaCoque Lopez
      Registrado
      dic 2012
      Mensajes
      31

      Re: quitar el claro search,Y cuando lo intento no hago nada mas que complicarlo

      Te habia puesto hace un momento que ya no aparecía el Claro search, pero no es así. Sigue apareciendo al abrir el navegador del Chrome. Primero aparece una página donde dice "no has iniciado sesion en Chrome" pidiendo contraseña y e mail y despues si intento ir a google sale de nuevo el claro search
      Última edición por MaCoque Lopez fecha: 06/12/12 a las 12:45:12

    9. #29
      Moderador Gral.
      Avatar de @Javier_HF
      Registrado
      jun 2006
      Ubicación
      Spain.
      Mensajes
      21.696

      Re: quitar el claro search,Y cuando lo intento no hago nada mas que complicarlo

      Realiza de nuevo un análisis con OTL como el que te indique en el post #8 , solo OTL y nos pones el nuevo informe, espero que no sea tan largo como la ultima vez, ahora ya debes poner todo lo que te salga.

      Saludos.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    10. #30
      Usuario Avatar de MaCoque Lopez
      Registrado
      dic 2012
      Mensajes
      31

      Re: quitar el claro search,Y cuando lo intento no hago nada mas que complicarlo

      OTL logfile created on: 06/12/2012 19:14:23 - Run 3
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Familia Morey Lopez\Mis documentos\Downloads
      Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
      Internet Explorer (Version = 8.0.6001.18702)
      Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      958,42 Mb Total Physical Memory | 635,48 Mb Available Physical Memory | 66,31% Memory free
      2,26 Gb Paging File | 1,84 Gb Available in Paging File | 81,29% Paging File free
      Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
      Drive C: | 149,04 Gb Total Space | 5,74 Gb Free Space | 3,85% Space Free | Partition Type: NTFS
      Drive D: | 181,30 Gb Total Space | 88,78 Gb Free Space | 48,97% Space Free | Partition Type: NTFS

      Computer Name: FAMILIA | User Name: Familia Morey Lopez | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Archivos de programa\Java\jre7\bin\jqs.exe (Oracle Corporation)
      PRC - C:\Documents and Settings\Familia Morey Lopez\Mis documentos\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
      PRC - C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
      PRC - C:\Archivos de programa\DivX\DivX Update\DivXUpdate.exe ()
      PRC - C:\Archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
      PRC - C:\Archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
      PRC - C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
      PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
      PRC - C:\WINDOWS\vmsnap3.exe (ZSMCSNAP)
      PRC - C:\WINDOWS\Domino.exe (Vimicro)


      ========== Modules (No Company Name) ==========

      MOD - C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\zlib1.dll ()
      MOD - C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\libxml2.dll ()
      MOD - C:\Archivos de programa\DivX\DivX Update\DivXUpdateCheck.dll ()
      MOD - C:\Archivos de programa\DivX\DivX Update\DivXUpdate.exe ()
      MOD - C:\WINDOWS\system32\msdmo.dll ()


      ========== Services (SafeList) ==========

      SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
      SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
      SRV - (JavaQuickStarterService) -- C:\Archivos de programa\Java\jre7\bin\jqs.exe (Oracle Corporation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (MBAMService) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (SkypeUpdate) -- C:\Archivos de programa\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (Apple Mobile Device) -- C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
      SRV - (odserv) -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
      SRV - (TuneUp.Defrag) -- C:\Archivos de programa\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
      SRV - (TuneUp.UtilitiesSvc) -- C:\Archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
      SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
      SRV - (Adobe LM Service) -- C:\Archivos de programa\Archivos comunes\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
      SRV - (ose) -- C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV - (efavdrv) -- C:\WINDOWS\system32\drivers\efavdrv.sys (ESET)
      DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
      DRV - (dtsoftbus01) -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys (DT Soft Ltd)
      DRV - (TuneUpUtilitiesDrv) -- C:\Archivos de programa\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
      DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
      DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) 2000 DDK provider)
      DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
      DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
      DRV - (PID_PEPI) -- C:\WINDOWS\system32\drivers\LV302V32.SYS (Logitech Inc.)
      DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
      DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
      DRV - (ZSMC303) -- C:\WINDOWS\system32\drivers\usbVM303.sys (Vimicro Corporation)
      DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
      DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
      DRV - (vmfilter303) -- C:\WINDOWS\system32\drivers\vmfilter303.sys (Vimicro Corporation)
      DRV - (netrcacm) -- C:\WINDOWS\system32\drivers\netrcacm.sys (Thomson Inc.)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Upgrade to Google Chrome
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
      IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


      IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
      IE - HKU\.DEFAULT\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
      IE - HKU\S-1-5-18\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



      IE - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page =
      IE - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN España: Hotmail, Messenger, Skype y Cuenta Microsoft
      IE - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Upgrade to Google Chrome
      IE - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Bing [binary data]
      IE - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome
      IE - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
      IE - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
      IE - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
      IE - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
      IE - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
      IE - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Upgrade to Google Chrome
      IE - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome
      IE - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\..\SearchScopes,DefaultScope =
      IE - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\..\SearchScopes\{8BAF38B5-C6D6-49D7-B928-54820E96E2FF}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\..\SearchScopes\{D8947097-DB7B-481C-BC73-07E510191056}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_es
      IE - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultenginename: ""
      FF - prefs.js..browser.search.defaulturl: ""
      FF - prefs.js..browser.search.selectedEngine: ""
      FF - prefs.js..browser.search.useDBForOrder: true
      FF - prefs.js..extensions.enabledAddons: {EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0


      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Archivos de programa\iTunes\Mozilla Plugins\npitunes.dll ()
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Archivos de programa\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Archivos de programa\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Archivos de programa\Google\Picasa3\npPicasa3.dll (Google, Inc.)
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Archivos de programa\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Archivos de programa\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Archivos de programa\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Archivos de programa\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Facebook\npfbplugin_1_0_3.dll File not found

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Archivos de programa\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/09/26 16:25:41 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Archivos de programa\Mozilla Firefox\components [2012/03/25 19:40:58 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Archivos de programa\Mozilla Firefox\plugins [2011/11/10 08:20:58 | 000,000,000 | ---D | M]

      [2012/03/06 15:22:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Extensions
      [2012/12/06 15:43:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\extensions
      [2010/06/27 13:04:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
      [2012/05/02 2237 | 000,000,000 | ---D | M] (DealPly) -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
      [2012/12/03 15:30:19 | 000,001,018 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\searchplugins\facebook.xml
      [2012/11/29 13:49:54 | 000,002,526 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Mozilla\Firefox\Profiles\0c3npzgc.default\searchplugins\mngr.xml
      [2012/03/06 15:22:58 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
      [2011/10/21 22:50:59 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Archivos de programa\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
      [2012/03/25 19:40:57 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Archivos de programa\mozilla firefox\components\browsercomps.dll
      [2011/11/05 04:32:18 | 000,002,252 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\bing.xml
      [2011/11/05 04:57:33 | 000,003,996 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\drae.xml
      [2012/01/13 22:15:44 | 000,002,040 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\twitter.xml
      [2011/11/05 04:57:33 | 000,001,178 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\wikipedia-es.xml
      [2011/11/05 04:57:33 | 000,001,102 | ---- | M] () -- C:\Archivos de programa\mozilla firefox\searchplugins\yahoo-es.xml

      ========== Chrome ==========

      CHR - homepage: Google
      CHR - default_search_provider: claro-search.com (Enabled)
      CHR - default_search_provider: search_url = http://www.claro-search.com/?q={searchTerms}&s=web&as=0&rlz=0&babsrc=NT_ss
      CHR - default_search_provider: suggest_url =
      CHR - homepage: Google
      CHR - plugin: Shockwave Flash (Enabled) = C:\Archivos de programa\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
      CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Archivos de programa\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Archivos de programa\Google\Chrome\Application\23.0.1271.95\pdf.dll
      CHR - plugin: Adobe Acrobat (Enabled) = C:\Archivos de programa\Adobe\Acrobat 6.0\Reader\Browser\nppdf32.dll
      CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\NPOFF12.DLL
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin2.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin3.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin4.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin5.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin6.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin7.dll
      CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Archivos de programa\Mozilla Firefox\plugins\npqtplugin8.dll
      CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Archivos de programa\Windows Media Player\npdrmv2.dll
      CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Archivos de programa\Windows Media Player\npdsplay.dll
      CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Archivos de programa\Windows Media Player\npwmsdrm.dll
      CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Archivos de programa\DivX\DivX OVS Helper\npovshelper.dll
      CHR - plugin: DivX Plus Web Player (Enabled) = C:\Archivos de programa\DivX\DivX Plus Web Player\npdivx32.dll
      CHR - plugin: Picasa (Enabled) = C:\Archivos de programa\Google\Picasa3\npPicasa3.dll
      CHR - plugin: Google Update (Enabled) = C:\Archivos de programa\Google\Update\1.3.21.123\npGoogleUpdate3.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = C:\Archivos de programa\Microsoft Silverlight\5.1.10411.0\npctrl.dll
      CHR - plugin: iTunes Application Detector (Enabled) = C:\Archivos de programa\iTunes\Mozilla Plugins\npitunes.dll
      CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
      CHR - Extension: Skype Click to Call = C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
      CHR - Extension: PicBadges = C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\mgjkknncnlepghplinfpikcijdbmidbg\1.8_0\
      CHR - Extension: DvdVideoSoft Free Youtube Download = C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\
      CHR - Extension: \u003Cvideo\u003E de HTML5 de DivX Plus Web Player = C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

      O1 HOSTS File: ([2012/12/06 15:43:49 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
      O1 - Hosts: 127.0.0.1 localhost
      O1 - Hosts: ::1 localhost
      O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
      O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Archivos de programa\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
      O2 - BHO: (Windows Live Aplicación auxiliar de inicio de sesión) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
      O2 - BHO: (no name) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - No CLSID value found.
      O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O3 - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
      O3 - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\..\Toolbar\WebBrowser: (no name) - {C2ED826E-8903-4A9D-B0DF-3A8FB8EA918A} - No CLSID value found.
      O3 - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
      O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
      O4 - HKLM..\Run: [APSDaemon] C:\Archivos de programa\Archivos comunes\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      O4 - HKLM..\Run: [DivXUpdate] C:\Archivos de programa\DivX\DivX Update\DivXUpdate.exe ()
      O4 - HKLM..\Run: [Domino] C:\WINDOWS\Domino.exe (Vimicro)
      O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
      O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
      O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
      O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
      O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
      O4 - HKLM..\Run: [VMSnap3] C:\WINDOWS\vmsnap3.exe (ZSMCSNAP)
      O4 - HKU\S-1-5-21-1708537768-1085031214-682003330-1004..\Run: [DAEMON Tools Lite] C:\Archivos de programa\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
      O4 - HKU\S-1-5-21-1708537768-1085031214-682003330-1004..\Run: [Spotify Web Helper] C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
      O4 - HKU\S-1-5-21-1708537768-1085031214-682003330-1004..\Run: [SpybotSD TeaTimer] C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
      O4 - Startup: C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\Adobe Gamma.lnk = C:\Archivos de programa\Archivos comunes\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
      O4 - Startup: C:\Documents and Settings\Familia Morey Lopez\Menú Inicio\Programas\Inicio\ERUNT AutoBackup.lnk = C:\Archivos de programa\ERUNT\AUTOBACK.EXE ()
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
      O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O7 - HKU\S-1-5-21-1708537768-1085031214-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
      O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
      O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/...oUploader5.cab (Facebook Photo Uploader 5 Control)
      O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanage...ex-2.2.4.1.cab (DLM Control)
      O16 - DPF: {48D9E4FD-2FD3-4C69-BAF3-682E9C616815} Notificaciones electrónicas - 060 - Inicio (SNAE_MSA.MSA)
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab (MSN Photo Upload Tool)
      O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} Reg Error: Value error. (Reg Error: Key error.)
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/Messen.../GAME_UNO1.cab (UnoCtrl Class)
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} Online Scan (BDSCANONLINE Control)
      O16 - DPF: {61FA0CB0-0806-46EA-B784-0F843285BA23} http://estaticosak1.tuenti.com/clien...ader.31615.cab (TuentiFotoUploader Control)
      O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/...Uploader55.cab (Facebook Photo Uploader 5 Control)
      O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
      O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} http://support.f-secure.com/ols/fscax.cab (F-Secure Online Scanner 3.3)
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary...t.cab56907.cab (MessengerStatsClient Class)
      O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01...l/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
      O16 - DPF: {F20566F7-278D-4B42-8C2A-9B4A9EEFDA8B} http://www.photoincident.com/photo.cab (Photo Control)
      O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary...r.cab56986.cab (Minesweeper Flags Class)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.42.63.52 62.42.230.24
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FE534CDA-674A-4383-85C0-EC28A8EC54DD}: DhcpNameServer = 62.42.63.52 62.42.230.24
      O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Archivos comunes\Skype\Skype4COM.dll (Skype Technologies)
      O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
      O20 - Winlogon\Notify\cryptnet32: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
      O24 - Desktop Components:0 (Mi página de inicio actual) - About:Home
      O24 - Desktop WallPaper: C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
      O24 - Desktop BackupWallPaper: C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2008/11/03 21:14:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

      NetSvcs: 6to4 - File not found
      NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
      NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
      NetSvcs: Ias - File not found
      NetSvcs: Iprip - File not found
      NetSvcs: Irmon - File not found
      NetSvcs: NWCWorkstation - File not found
      NetSvcs: Nwsapagent - File not found
      NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
      NetSvcs: WmdmPmSp - File not found


      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2012/12/06 19:08:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Familia Morey Lopez\Recent
      [2012/12/06 16:06:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\Sun
      [2012/12/06 16:05:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\Sun
      [2012/12/06 16:05:48 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Archivos comunes\Java
      [2012/12/05 15:03:33 | 000,000,000 | ---D | C] -- C:\_OTL
      [2012/12/05 13:32:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
      [2012/12/05 13:30:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\ERUNT
      [2012/12/05 13:30:50 | 000,000,000 | ---D | C] -- C:\Archivos de programa\ERUNT
      [2012/12/04 18:03:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\CCleaner
      [2012/12/04 18:03:05 | 000,000,000 | ---D | C] -- C:\Archivos de programa\CCleaner
      [2012/12/04 18:01:25 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Vittalia
      [2012/12/03 22:11:35 | 000,000,000 | ---D | C] -- C:\_AT-Destroyer
      [2012/12/02 15:17:08 | 000,115,008 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\efavdrv.sys
      [2012/11/29 13:48:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\YourFileDownloader

      ========== Files - Modified Within 30 Days ==========

      [2012/12/06 19:12:00 | 000,000,838 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
      [2012/12/06 19:09:00 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
      [2012/12/06 17:16:28 | 000,001,124 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
      [2012/12/06 17:16:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
      [2012/12/06 16:21:52 | 000,000,516 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{1F50E7BB-6F88-42B8-BDFD-05F30AA98148}.job
      [2012/12/06 15:47:28 | 000,025,501 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\DESINFECCION MODO SEGURO.rtf
      [2012/12/06 15:43:49 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
      [2012/12/06 15:25:03 | 000,010,689 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\otl INFORME.rtf
      [2012/12/06 13:37:28 | 000,000,478 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Familia Morey Lopez.job
      [2012/12/06 12:31:35 | 000,474,181 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\rajoy 1983 faro de vigo.jpg
      [2012/12/06 12:08:57 | 000,036,506 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\desigualdad.png
      [2012/12/06 11:35:48 | 000,030,299 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\abuela-sacando-cuerno.jpg
      [2012/12/06 09:55:00 | 000,041,137 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Pancartas-NO-es-Pais-Para-cerdos.png
      [2012/12/06 09:53:45 | 000,076,035 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\pancarta_int.jpg
      [2012/12/06 09:29:21 | 000,125,985 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\constitu.jpg
      [2012/12/06 09:28:01 | 000,264,856 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\econo.jpg
      [2012/12/06 09:25:08 | 000,013,983 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\mercados y constitucion.jpg
      [2012/12/06 09:17:22 | 000,056,358 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\DÍA-DE-LUTO-POR-LA-CONSTITUCION-ESPAÑOLA.jpg
      [2012/12/06 09:05:58 | 000,057,877 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Chiste Padylla Constitucion.jpg
      [2012/12/06 09:04:27 | 000,026,266 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\CONSTI.jpg
      [2012/12/05 22:29:18 | 000,100,790 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\BARBERA.jpg
      [2012/12/05 22:20:39 | 000,096,897 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\paro-dependencia.jpg
      [2012/12/05 16:05:09 | 000,010,689 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\OTL PONERLO.rtf
      [2012/12/05 14:57:09 | 016,531,456 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\NTUSER.bak
      [2012/12/05 13:31:03 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Menú Inicio\Programas\Inicio\ERUNT AutoBackup.lnk
      [2012/12/05 13:30:50 | 000,000,646 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\NTREGOPT.lnk
      [2012/12/05 13:30:50 | 000,000,627 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\ERUNT.lnk
      [2012/12/05 12:17:04 | 000,033,415 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\MENGUAN.jpg
      [2012/12/05 12:08:36 | 000,116,734 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\PIEDRA.jpg
      [2012/12/05 10:59:46 | 000,000,197 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\DOCTOR MUÑECA.rtf
      [2012/12/05 09:39:13 | 000,092,950 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\wert.jpg
      [2012/12/05 08:58:17 | 000,214,615 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Documento.rtf
      [2012/12/04 21:47:09 | 000,001,509 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\reportes.rtf
      [2012/12/04 19:02:25 | 000,004,211 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\quitar el virus.rtf
      [2012/12/04 18:03:07 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\CCleaner.lnk
      [2012/12/04 17:25:16 | 000,017,993 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\insensible.jpg
      [2012/12/04 17:24:09 | 000,010,176 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\bankia.jpg
      [2012/12/04 17:24:00 | 000,035,925 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Chiste Flanagan Derechos humanos.jpg
      [2012/12/04 17:14:37 | 000,074,658 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\faro.jpg
      [2012/12/02 15:17:09 | 000,115,008 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\efavdrv.sys
      [2012/12/02 14:50:08 | 000,251,904 | -H-- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\photothumb.db
      [2012/12/02 09:30:35 | 000,769,225 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\desahucios-y-sucicidios.jpg
      [2012/12/02 09:22:47 | 000,054,354 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\pobreza.jpg
      [2012/12/01 20:01:15 | 000,032,120 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\CARTEL CRISIS.rtf
      [2012/12/01 13:02:48 | 000,001,778 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Mis documentos\otro sosobuco en fusiooncook.rtf
      [2012/11/30 14:21:17 | 004,420,326 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Te Pintaron Pajaritos [Video Oficial] Yandar Yostin Feat Andy Rivera ® HD.mp3
      [2012/11/30 14:20:17 | 004,894,919 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Adele Hiding My Heart lyrics.mp3
      [2012/11/30 14:19:39 | 005,161,994 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Adele I found a boy (Sub españolinglés).mp3
      [2012/11/30 14:18:56 | 003,833,763 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Jo mai mai Joan Dausà i els Tipus d'Interès.mp3
      [2012/11/30 12:28:08 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
      [2012/11/30 12:18:48 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
      [2012/11/29 13:48:16 | 000,001,701 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\YourFile Downloader.lnk
      [2012/11/28 21:57:25 | 000,056,740 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\librosficcion.jpg
      [2012/11/25 21:43:42 | 000,053,693 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\laia2.jpg
      [2012/11/22 21:37:57 | 000,092,435 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Chiste Cupido Huelga.png
      [2012/11/22 17:37:20 | 005,114,975 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Pendulum 'Watercolour'.mp3
      [2012/11/22 17:36:18 | 005,447,252 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\David Guetta She Wolf (Lyrics Video) ft Sia.mp3
      [2012/11/22 17:34:37 | 005,334,028 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Adele Hometown Glory.mp3
      [2012/11/22 17:33:13 | 005,777,900 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Lax'n'Busto Tinc fam de tu (Amb lletra).mp3
      [2012/11/22 17:32:19 | 005,308,698 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Rihanna Like a diamonds Lyrics HD.mp3
      [2012/11/15 17:19:49 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\~$eaner (NO LO QUITES DE INICIO).rtf
      [2012/11/15 10:35:32 | 002,221,680 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
      [2012/11/15 00:20:49 | 000,499,672 | ---- | M] () -- C:\WINDOWS\System32\perfh00A.dat
      [2012/11/15 00:20:49 | 000,436,164 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
      [2012/11/15 00:20:49 | 000,087,580 | ---- | M] () -- C:\WINDOWS\System32\perfc00A.dat
      [2012/11/15 00:20:49 | 000,069,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
      [2012/11/10 22:00:34 | 000,196,688 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\obrero.png
      [2012/11/08 19:32:10 | 000,099,029 | ---- | M] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\imagen.jpg-large

      ========== Files Created - No Company Name ==========

      [2012/12/06 15:47:28 | 000,025,501 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\DESINFECCION MODO SEGURO.rtf
      [2012/12/06 15:25:03 | 000,010,689 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\otl INFORME.rtf
      [2012/12/06 12:31:40 | 000,474,181 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\rajoy 1983 faro de vigo.jpg
      [2012/12/06 12:09:02 | 000,036,506 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\desigualdad.png
      [2012/12/06 11:35:51 | 000,030,299 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\abuela-sacando-cuerno.jpg
      [2012/12/06 09:55:04 | 000,041,137 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Pancartas-NO-es-Pais-Para-cerdos.png
      [2012/12/06 09:53:53 | 000,076,035 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\pancarta_int.jpg
      [2012/12/06 09:29:29 | 000,125,985 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\constitu.jpg
      [2012/12/06 09:28:15 | 000,264,856 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\econo.jpg
      [2012/12/06 09:25:11 | 000,013,983 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\mercados y constitucion.jpg
      [2012/12/06 09:17:25 | 000,056,358 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\DÍA-DE-LUTO-POR-LA-CONSTITUCION-ESPAÑOLA.jpg
      [2012/12/06 09:06:01 | 000,057,877 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Chiste Padylla Constitucion.jpg
      [2012/12/06 09:05:11 | 000,026,266 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\CONSTI.jpg
      [2012/12/05 22:25:28 | 000,100,790 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\BARBERA.jpg
      [2012/12/05 22:21:01 | 000,096,897 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\paro-dependencia.jpg
      [2012/12/05 16:05:09 | 000,010,689 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\OTL PONERLO.rtf
      [2012/12/05 13:31:03 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Menú Inicio\Programas\Inicio\ERUNT AutoBackup.lnk
      [2012/12/05 13:30:50 | 000,000,646 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\NTREGOPT.lnk
      [2012/12/05 13:30:50 | 000,000,627 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\ERUNT.lnk
      [2012/12/05 12:17:10 | 000,033,415 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\MENGUAN.jpg
      [2012/12/05 12:08:46 | 000,116,734 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\PIEDRA.jpg
      [2012/12/05 10:59:45 | 000,000,197 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\DOCTOR MUÑECA.rtf
      [2012/12/05 09:34:41 | 000,092,950 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\wert.jpg
      [2012/12/05 08:58:17 | 000,214,615 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Documento.rtf
      [2012/12/04 21:43:16 | 000,001,509 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\reportes.rtf
      [2012/12/04 19:02:25 | 000,004,211 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\quitar el virus.rtf
      [2012/12/04 18:03:07 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\CCleaner.lnk
      [2012/12/04 17:25:18 | 000,017,993 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\insensible.jpg
      [2012/12/04 17:24:12 | 000,010,176 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\bankia.jpg
      [2012/12/04 17:24:04 | 000,035,925 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Chiste Flanagan Derechos humanos.jpg
      [2012/12/04 17:14:49 | 000,074,658 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\faro.jpg
      [2012/12/02 09:22:52 | 000,054,354 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\pobreza.jpg
      [2012/12/02 09:15:15 | 000,769,225 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\desahucios-y-sucicidios.jpg
      [2012/12/01 18:55:12 | 000,032,120 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\CARTEL CRISIS.rtf
      [2012/12/01 13:02:48 | 000,001,778 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Mis documentos\otro sosobuco en fusiooncook.rtf
      [2012/11/30 14:21:07 | 004,420,326 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Te Pintaron Pajaritos [Video Oficial] Yandar Yostin Feat Andy Rivera ® HD.mp3
      [2012/11/30 14:20:05 | 004,894,919 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Adele Hiding My Heart lyrics.mp3
      [2012/11/30 14:19:25 | 005,161,994 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Adele I found a boy (Sub españolinglés).mp3
      [2012/11/30 14:18:42 | 003,833,763 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Jo mai mai Joan Dausà i els Tipus d'Interès.mp3
      [2012/11/29 13:48:16 | 000,001,701 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\YourFile Downloader.lnk
      [2012/11/28 21:57:29 | 000,056,740 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\librosficcion.jpg
      [2012/11/25 21:43:49 | 000,053,693 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\laia2.jpg
      [2012/11/22 21:37:59 | 000,092,435 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Chiste Cupido Huelga.png
      [2012/11/22 17:37:04 | 005,114,975 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Pendulum 'Watercolour'.mp3
      [2012/11/22 17:35:56 | 005,447,252 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\David Guetta She Wolf (Lyrics Video) ft Sia.mp3
      [2012/11/22 17:34:23 | 005,334,028 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Adele Hometown Glory.mp3
      [2012/11/22 17:32:58 | 005,777,900 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Lax'n'Busto Tinc fam de tu (Amb lletra).mp3
      [2012/11/22 17:31:58 | 005,308,698 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\Rihanna Like a diamonds Lyrics HD.mp3
      [2012/11/15 17:19:49 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\~$eaner (NO LO QUITES DE INICIO).rtf
      [2012/11/10 22:00:40 | 000,196,688 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\obrero.png
      [2012/11/09 21:27:12 | 000,251,904 | -H-- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\photothumb.db
      [2012/11/08 19:32:16 | 000,099,029 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Escritorio\imagen.jpg-large
      [2012/10/22 18:06:49 | 000,000,911 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\.recently-used.xbel
      [2012/08/10 16:38:18 | 000,022,440 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\21467076_Setup.crx
      [2012/03/06 15:22:41 | 000,000,547 | ---- | C] () -- C:\WINDOWS\wininit.ini
      [2012/02/16 17:04:34 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
      [2011/05/22 11:21:42 | 000,073,324 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
      [2011/05/04 10:38:46 | 001,064,368 | ---- | C] () -- C:\Documents and Settings\All Users\Datos de programa\bdinstall.bin
      [2011/03/13 21:55:03 | 000,296,641 | ---- | C] () -- C:\WINDOWS\System32\shimg.dll
      [2011/02/14 14:23:25 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
      [2009/05/23 18:04:07 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\$FFPROFINI$prefs.js
      [2008/12/21 18:08:57 | 000,245,760 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2008/12/08 21:39:32 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\default.pls
      [2008/11/20 15:31:02 | 000,002,012 | -H-- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\SCPSP6.DLL
      [2008/11/20 15:30:56 | 000,002,985 | RHS- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Configuración local\Datos de programa\scpsv6.dll
      [2008/11/10 15:31:02 | 000,001,540 | RHS- | C] () -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\SCPSS6.DLL
      [2008/11/03 21:18:51 | 016,531,456 | ---- | C] () -- C:\Documents and Settings\Familia Morey Lopez\NTUSER.bak

      ========== ZeroAccess Check ==========

      [2008/11/11 18:35:53 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 03:18:36 | 001,499,648 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11:52:53 | 000,473,600 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 03:18:46 | 000,273,920 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== LOP Check ==========

      [2012/07/11 16:51:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\AVAST Software
      [2011/07/06 15:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\BitDefender
      [2011/06/18 09:29:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\boost_interprocess
      [2011/07/06 14:26:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Datos de programa\Common Files
      [2012/04/16 17:24:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\DAEMON Tools Lite
      [2012/10/21 17:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\ESET
      [2009/03/03 17:21:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\MAGIX
      [2009/12/19 19:37:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Messenger Plus!
      [2011/07/06 14:32:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\MFAData
      [2009/05/24 16:59:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\TEMP
      [2010/07/17 13:14:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\TuneUp Software
      [2011/05/20 14:18:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
      [2009/12/25 20:51:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\{755AC846-7372-4AC8-8550-C52491DAA8BD}
      [2010/07/17 13:11:40 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Datos de programa\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
      [2011/09/17 21:48:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Audacity
      [2009/08/26 11:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\BeautyPilot
      [2012/05/22 09:38:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\DAEMON Tools Lite
      [2012/10/05 11:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\DDMSettings
      [2012/09/26 17:01:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\DVDVideoSoft
      [2011/08/08 21:40:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\gtk-2.0
      [2008/12/28 19:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\MSNInstaller
      [2012/04/20 10:35:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\OfferBox
      [2010/05/14 14:57:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Panda Security
      [2012/10/15 07:23:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\PriceGong
      [2011/07/06 15:25:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\QuickScan
      [2009/03/25 22:13:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Simply Super Software
      [2012/11/13 17:49:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\Spotify
      [2008/12/04 11:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\TuneUp Software
      [2010/01/30 18:41:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\UltraGet
      [2012/10/20 15:15:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\uTorrent
      [2011/06/05 22:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\WebcamMax
      [2012/11/29 13:48:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Familia Morey Lopez\Datos de programa\YourFileDownloader

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2012/12/04 21:59:28 | 000,000,923 | ---- | M] () -- C:\AT-Destroyer.txt
      [2008/11/03 21:14:03 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
      [2008/12/08 21:31:54 | 000,000,223 | -HS- | M] () -- C:\boot.ini
      [2006/03/02 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
      [2009/03/22 17:58:42 | 000,002,673 | ---- | M] () -- C:\cleannavi.txt
      [2008/11/03 21:14:03 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
      [2008/12/08 21:33:15 | 000,000,206 | ---- | M] () -- C:\csb.log
      [2012/09/26 17:01:48 | 001,134,284 | ---- | M] () -- C:\Documents
      [2009/03/21 19:42:48 | 000,002,751 | ---- | M] () -- C:\fixnavi.txt
      [2008/11/03 21:14:03 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
      [2008/11/03 21:14:03 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
      [2008/08/09 09:24:46 | 000,059,728 | ---- | M] (Patchou) -- C:\msimg32.dll
      [2006/03/02 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
      [2008/11/21 08:33:40 | 000,251,168 | RHS- | M] () -- C:\ntldr
      [2004/02/29 16:44:34 | 000,052,576 | ---- | M] () -- C:\orange.bmp
      [2012/12/06 17:16:21 | 1509,949,440 | -HS- | M] () -- C:\pagefile.sys
      [2008/12/08 21:33:15 | 000,000,430 | ---- | M] () -- C:\RHDSetup.log
      [2008/12/10 17:54:41 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
      [2008/12/24 18:42:48 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
      [2008/12/24 19:50:50 | 000,000,232 | -H-- | M] () -- C:\sqmdata02.sqm
      [2008/12/25 00:44:21 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
      [2009/10/10 18:14:10 | 000,115,574 | ---- | M] () -- C:\systemlog
      [2009/10/10 18:14:10 | 007,861,280 | ---- | M] () -- C:\ucL6Y9KerBE.mp3

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\win.ini:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wshes.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wfwnet.drv:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vga64k.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vga256.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vga.drv:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vga.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\unicode.nls:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tssoft32.acm:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\timer.drv:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tapiui.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\system.drv:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sound.drv:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sortkey.nls:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rsvp.exe:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\riched32.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\olethk32.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\olesvr32.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netmsg.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netevent.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msxml3r.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mshearts.exe:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msgsm32.acm:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msg723.acm:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msg711.acm:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msacm32.drv:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mouse.drv:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mmsystem.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mmdrv.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mfc42loc.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mapi32.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lz32.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\keyboard.drv:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdus.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdsp.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdes.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\jses.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ir32_32.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\icfgnt5.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drwtsn32.exe:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\wmilib.sys:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbd.sys:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rdpcdd.sys:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\raspti.sys:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rasacd.sys:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ptilink.sys:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\pciide.sys:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\parvdm.sys:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\nwlnkfwd.sys:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\nwlnkflt.sys:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\null.sys:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mnmdd.sys:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ipfltdrv.sys:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ftdisk.sys:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\fs_rec.sys:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dxgthk.sys:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dxapi.sys:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dmload.sys:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\cdaudio.sys:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\beep.sys:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\audstub.sys:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ctype.nls:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comm.drv:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_28591.nls:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1253.nls:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1251.nls:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1250.nls:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\bootvid.dll:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\$winnt$.inf:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\system.ini:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\SchedLgU.Txt:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\WINDOWS\bootstat.dat:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Familia Morey Lopez\Mis documentos\desktop.ini:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Familia Morey Lopez\Menú Inicio\Programas\Inicio\desktop.ini:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Familia Morey Lopez\Menú Inicio\Programas\desktop.ini:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Menú Inicio\Programas\Inicio\desktop.ini:KAVICHS
      @Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Documentos\desktop.ini:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\wmprfESP.prx:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\winnt256.bmp:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\winnt.bmp:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\winhelp.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\wiaservc.log:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\vmmreg32.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\Viento.bmp:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\vbaddin.ini:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\vb.ini:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\twunk_32.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\twunk_16.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\twain.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\TASKMAN.EXE:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\xenroll.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wupdmgr.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshnetbs.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshisn.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshatm.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\write.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowfaxui.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowfax.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowexec.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowdeb.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmiprop.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmimgmt.msc:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmerrESP.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winstrm.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winspool.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winsock.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winoldap.mod:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winnls.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winmsd.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winmine.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winhlp32.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winhelp.hlp:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winfax.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winchat.exe:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\win87em.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\win.com:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wifeman.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiavusd.dll:KAVICHS
      @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiasf.ax:KAVICHS