• Registrarse
  • Iniciar sesión


  • Resultados 1 al 9 de 9

    Se abren ventanas en el google chrome (Solucionado)

    Resumen del tema: Se abren ventanas en el google chrome (Solucionado) - Hola. desde hace unos meses, se abren solas paginas de publicidad y otras en el chrome. Tambien, a veces, me pasa en el explorer . Que solucion hay para esto que es tan molesto? ya ...

      
    1. #1
      Usuario Avatar de JIBIO
      Registrado
      dic 2012
      Ubicación
      Argentina
      Mensajes
      6

      Se abren ventanas en el google chrome (Solucionado)

      Hola. desde hace unos meses, se abren solas paginas de publicidad y otras en el chrome. Tambien, a veces, me pasa en el explorer . Que solucion hay para esto que es tan molesto? ya estuve viendo que solucionaron otros problemas parecidos, pero no quise arriesgarme a hacer nada porque no entendi bien. Desde ya, gracias.
      Última edición por JIBIO fecha: 27/01/13 a las 21:02:38

    2. #2
      Moderador
      Avatar de M@co
      Registrado
      dic 2007
      Ubicación
      America
      Mensajes
      15.825

      Re: se habren solas ventanas en el google chrome

      Hola


      Realiza lo siguiente:
      1. Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware.
        • En la pestaña Escáner,marcas "Realizar un Examen Completo".
        • Con la opción de "quitar lo seleccionado" lo mandas todo a la cuarentena y reinicia.
        • En la pestaña "Logs" o "Registros" en español, encontrarás el reporte del MBAM, lo copias y lo pones aquí para analizarlo.



      2. Descarga OTL a tu escritorio.
        • Cerrar todas las ventanas y programas abiertos antes de ejecutarlo.
        • Hacer doble click en el ícono OTL.exe para comenzar.
        • Cuando la interfaz aparezca, marcar las siguientes opciones: bajo de: "Tipo de Análisis" cambielo a Resultado Mínimo
        • Cambia a Todos donde dice Registro Normal
        • Marcar las opciones: Buscar LOP y Buscar Purity
        • Presione el boton Análizar
          Una vez termine, se abrirán dos (2) archivos, OTL.Txt y Extras.Txt.
          Por favor copiar y pegar el contenido de OTL.Txt en su siguiente Post
      Nota: Por favor No cambiar el resto de la configuración a menos que se le indique.

      Saludos

      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de JIBIO
      Registrado
      dic 2012
      Ubicación
      Argentina
      Mensajes
      6

      Re: se habren solas ventanas en el google chrome

      Hola, muchas gracias por responder! Te paso los reportes:

      1.MBAM

      Malwarebytes Anti-Malware (Versión de Prueba) 1.70.0.1100
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2013.01.27.09

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      Nando :: NANDO-PC [administrador]

      Protección: Habilitado

      27/01/2013 11:56:21 p.m.
      mbam-log-2013-01-27 (23-56-21).txt

      Tipos de Análisis: Análisis Rápido
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 207797
      Tiempo transcurrido: 2 minuto(s), 45 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 1
      C:\ProgramData\IBUpdaterService (PUP.InstallBrain) -> En cuarentena y eliminado con éxito.

      Archivos Detectados: 2
      C:\Windows\Temp\_avast_\unp47341450.tmp (PUP.BundleInstaller.IB) -> En cuarentena y eliminado con éxito.
      C:\ProgramData\IBUpdaterService\repository.xml (PUP.InstallBrain) -> En cuarentena y eliminado con éxito.

      fin)


      2. OTL

      OTL Extras logfile created on: 28/01/2013 01:18:12 a.m. - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Nando\Downloads
      64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00002C0A | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy

      3,85 Gb Total Physical Memory | 2,26 Gb Available Physical Memory | 58,79% Memory free
      7,70 Gb Paging File | 5,85 Gb Available in Paging File | 75,96% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 587,31 Gb Total Space | 332,23 Gb Free Space | 56,57% Space Free | Partition Type: NTFS
      Drive D: | 698,92 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

      Computer Name: NANDO-PC | User Name: Nando | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

      ========== Extra Registry (SafeList) ==========


      ========== File Associations ==========

      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
      .url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
      .cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

      ========== Shell Spawning ==========

      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
      batfile [open] -- "%1" %*
      cmdfile [open] -- "%1" %*
      comfile [open] -- "%1" %*
      exefile [open] -- "%1" %*
      helpfile [open] -- Reg Error: Key error.
      htmlfile [edit] -- Reg Error: Key error.
      htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
      inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
      InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
      InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
      piffile [open] -- "%1" %*
      regfile [merge] -- Reg Error: Key error.
      scrfile [config] -- "%1"
      scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
      scrfile [open] -- "%1" /S
      txtfile [edit] -- Reg Error: Key error.
      Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
      Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
      Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
      Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
      Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
      Folder [explore] -- Reg Error: Value error.
      Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
      batfile [open] -- "%1" %*
      cmdfile [open] -- "%1" %*
      comfile [open] -- "%1" %*
      cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
      exefile [open] -- "%1" %*
      helpfile [open] -- Reg Error: Key error.
      htmlfile [edit] -- Reg Error: Key error.
      htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
      inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
      piffile [open] -- "%1" %*
      regfile [merge] -- Reg Error: Key error.
      scrfile [config] -- "%1"
      scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
      scrfile [open] -- "%1" /S
      txtfile [edit] -- Reg Error: Key error.
      Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
      Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
      Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
      Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
      Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
      Folder [explore] -- Reg Error: Value error.
      Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

      ========== Security Center Settings ==========

      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
      "cval" = 1

      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
      "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
      "AntiVirusOverride" = 0
      "AntiSpywareOverride" = 0
      "FirewallOverride" = 0

      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

      ========== Firewall Settings ==========

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
      "EnableFirewall" = 1
      "DisableNotifications" = 0

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
      "EnableFirewall" = 1
      "DisableNotifications" = 0

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
      "EnableFirewall" = 1
      "DisableNotifications" = 0

      ========== Authorized Applications List ==========


      ========== Vista Active Open Ports Exception List ==========

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
      "{08374E82-0AB0-48E2-9E88-1BBFAA6B6714}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
      "{123DC004-6B33-413D-84CF-590E01F8FAB6}" = lport=2869 | protocol=6 | dir=in | app=system |
      "{1EA6CD92-A5BA-4C5B-91BF-B84126A8B03D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
      "{26A0D3D3-E442-4C77-99B0-704F9D7FB6BC}" = lport=137 | protocol=17 | dir=in | app=system |
      "{32B685CC-A81D-4ED3-B3D0-5B3B47BFA1E2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
      "{35E58961-44B7-4D73-A364-24534DB23349}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
      "{41293100-E236-4E20-B773-1D3B725C4A26}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
      "{4B368222-FFA1-4BE6-98BE-DED2B3451DE9}" = rport=139 | protocol=6 | dir=out | app=system |
      "{51B3CCC1-D322-48CC-A326-D4D5BAE3585C}" = lport=139 | protocol=6 | dir=in | app=system |
      "{56337A2E-7E0F-48AA-9D30-1909C13FC16E}" = lport=10243 | protocol=6 | dir=in | app=system |
      "{6C342F03-2A55-47E9-8CEC-2525CEC3ADB6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
      "{6CABC251-26ED-4EC7-B0E3-0257C5CBD538}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
      "{6E11ABC6-FA19-4770-A90A-B2D66F13D8DC}" = rport=10243 | protocol=6 | dir=out | app=system |
      "{6FD4B989-A985-4235-B6D2-76681B972BFD}" = lport=138 | protocol=17 | dir=in | app=system |
      "{7FED0C65-C7C9-432C-B3B5-B86D2C35688A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
      "{833D9A52-E6CA-42A6-8D33-BD32ED414665}" = lport=445 | protocol=6 | dir=in | app=system |
      "{89B71655-F5AF-4528-9BC4-C4E6A4981480}" = rport=445 | protocol=6 | dir=out | app=system |
      "{965AE1EF-2B7A-4C03-8E94-DD82BB24070F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
      "{AE608543-228A-4C43-AD46-D4A763369265}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
      "{AFA236ED-00D4-49C6-BF49-2E329BE51FCE}" = rport=137 | protocol=17 | dir=out | app=system |
      "{BADAFB11-4494-4DB4-812B-96668E61AB09}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
      "{C2C87D4E-025F-4A1D-B654-11D43ACB668C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
      "{CB52B897-B5C2-4EAD-A186-169AB2C36851}" = rport=138 | protocol=17 | dir=out | app=system |
      "{D9668F6B-9AF8-47B5-8217-1796406A5D1C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
      "{F12B6129-8626-4A50-891D-3D70016F6D13}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

      ========== Vista Active Application Exception List ==========

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
      "{032041E7-0322-4568-AE45-4195AAEEF5B1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
      "{1731EF91-2B4A-41B3-AEEA-090E6D498D46}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
      "{1795841F-F780-4099-9184-8FCB6CDCC49C}" = protocol=6 | dir=out | app=system |
      "{17D53215-D2E8-409D-B639-C59123D8AF54}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
      "{4F5FB1F1-4206-4408-B566-6B390273FBF7}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
      "{4F902E91-0C4A-44F9-B6AA-6F5F4717ADCE}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
      "{5084B08F-1776-4FD1-A725-F9F284823FD2}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
      "{50BC3A9E-6B81-4E08-AD3C-EA4FE2B2B380}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
      "{54EE7D55-466B-4239-BE69-4EE985C3B3DB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
      "{579011F8-94A3-4A83-976A-7489F20D7302}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
      "{5CA205B6-526B-4DDB-B847-BD13EE349065}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
      "{5CD6B135-C936-43C7-B353-3BAA6F5DD0CE}" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
      "{602133EA-0EF5-46B0-86AD-13E008754127}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
      "{815E4D9B-201E-422E-990C-28C18B7ACFAD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
      "{82DAC1C0-2FF4-46AE-8706-AACDE9902B99}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
      "{92D10118-0388-45BF-BD60-6670E292954A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
      "{9733A538-1820-4CC4-9112-F44365E3652C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
      "{9AFB26BB-6633-4DE5-B237-3EA66FBF4031}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
      "{ACD69EF3-2B11-41C4-960F-DC758C745432}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
      "{AD1BD3E0-2D27-430F-A80A-E4C0CB24C3C3}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
      "{AD2E658A-B4A8-438A-9969-8B805F422709}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
      "{AE233C20-406F-4E4C-AE0A-2437896F0662}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
      "{D2A8DA2D-EB12-4C87-A567-E265FF848596}" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
      "{E39742FB-FB7C-4D73-A011-31A0EF29813D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
      "{E92C0739-1E46-42BB-BC1A-040A52F14017}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
      "{E9B18F79-CA3D-4666-99F6-A28537677A08}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
      "{ED127B90-28F2-4F3E-BED3-439D1BA38F78}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
      "TCP Query User{1DEED365-472D-44E2-83C8-57C778D39B89}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe |
      "TCP Query User{3E8F1E5A-E5E4-4F6E-B1CF-F4A0179A8FF0}C:\program files (x86)\jdownloader\jre\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\java.exe |
      "TCP Query User{56969894-172A-4D19-8AE0-3C2018473574}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe |
      "TCP Query User{5CA8385B-5671-422F-94D7-83F56C0344C6}C:\program files (x86)\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ares\ares.exe |
      "TCP Query User{702EA2DA-68A2-46CA-B3CB-8D8E7BB6EC6A}C:\users\nando\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\nando\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
      "TCP Query User{78BABC29-577E-4979-9B4B-75CAD3D3B66D}C:\program files (x86)\ares\chatserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ares\chatserver.exe |
      "TCP Query User{A304B3ED-222A-4901-8874-8002300AEF6C}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
      "TCP Query User{E9D20EC5-26FD-40EE-A756-B40DC3A156EA}C:\program files (x86)\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ares\ares.exe |
      "UDP Query User{0053C966-2F24-477B-859A-5416E915A2B0}C:\program files (x86)\ares\chatserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ares\chatserver.exe |
      "UDP Query User{3F503418-F951-4A0A-BD50-B65FE0580379}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe |
      "UDP Query User{46400651-9344-414D-BD0D-C0EDCCBF12E1}C:\program files (x86)\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ares\ares.exe |
      "UDP Query User{4907A672-68B4-4511-AE0C-4C466B7942C4}C:\program files (x86)\jdownloader\jre\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\java.exe |
      "UDP Query User{5978DCE2-A217-475D-96A2-BEDD546669B3}C:\users\nando\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\nando\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
      "UDP Query User{64D3D45F-4695-40E5-A5B5-D285FE03EDF4}C:\program files (x86)\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ares\ares.exe |
      "UDP Query User{A81BC239-020D-452B-97E6-F30807B45847}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
      "UDP Query User{A9AEC506-823E-4C1E-A493-E3404AC0875A}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe |

      ========== HKEY_LOCAL_MACHINE Uninstall List ==========

      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
      "{02A2EE40-723D-4644-A996-E03BB4688E42}" = Microsoft Antimalware Service ES-ES Language Pack
      "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
      "{26A24AE4-039D-4CA4-87B4-2F86416025FF}" = Java(TM) 6 Update 25 (64-bit)
      "{271F5A67-A83A-4985-B41B-201EB267E6CF}" = LIVE! Control Center 1.11(X64)
      "{2998191E-A35E-47E2-BE38-7702C731D722}" = SRS Premium Sound Control Panel
      "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
      "{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
      "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
      "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
      "{90140000-006D-0C0A-1000-0000000FF1CE}" = Hacer clic y ejecutar de Microsoft Office 2010
      "{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
      "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
      "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
      "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
      "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
      "{C3C912BB-BF4B-3788-8A19-DA5B999CE0C6}" = Microsoft .NET Framework 4 Client Profile ESN Language Pack
      "{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
      "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
      "{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
      "{D00FA097-5115-400D-84AD-4ADEF3EBDB5E}_is1" = Positivo BGH Audio Power
      "{D0582368-2DFF-48EA-AC8D-1FA8E31CA38C}_is1" = Positivo BGH Conversor 3D
      "{D5FB2C06-3B89-41C5-9787-E51782AEA5B7}" = Microsoft Antimalware Service ES-ES Language Pack
      "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
      "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
      "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
      "{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
      "{FCAB9F73-BF5D-4E3D-92E7-B0F35C568F20}" = Microsoft Security Client ES-ES Language Pack
      "CCleaner" = CCleaner
      "EPSON TX133 TX135 Series" = Desinstalador de impresoras EPSON TX133 TX135 Series
      "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
      "Microsoft .NET Framework 4 Client Profile ESN Language Pack" = Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN
      "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
      "Microsoft Security Client" = Microsoft Security Essentials
      "SynTPDeinstKey" = Synaptics Pointing Device Driver

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
      "{01944037-D136-45EE-A007-403EAD929FC7}" = Windows Live Writer
      "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
      "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
      "{061FF8F3-5226-4278-8AAB-282C1B024F58}" = Photo Common
      "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
      "{137637BF-F32A-48B3-A5FE-D677FCB1A80B}_is1" = Positivo BGH 3D Increíble
      "{13F3CEA5-9E2C-4C4E-9F0F-D0DB389CF4A9}" = Movie Maker
      "{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
      "{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
      "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
      "{1FEE19BC-6F0C-42E4-82FF-FB597F6141DF}" = Windows Live Essentials
      "{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
      "{26C4C043-AEE3-447E-90B4-C86793D046E9}_is1" = Dr.Kawashima versión 1.5
      "{2AEAFC79-79E6-4784-9CF9-D9D82932BF88}" = Windows Live Family Safety
      "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
      "{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
      "{387B3DFA-BB12-45E6-B431-4A7BF2EBD985}_is1" = Positivo BGH Smart Backup
      "{3C63F944-803E-49A7-B3A2-B8AB3313E883}" = Windows Live UX Platform Language Pack
      "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
      "{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
      "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
      "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
      "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
      "{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
      "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
      "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
      "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
      "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
      "{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
      "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
      "{73289228-1853-4623-982A-EB17FF0270CA}" = LIVE! OSD 1.35
      "{7B0C5EF6-DE4C-4E20-8889-C17604FFE5CD}" = Windows Live Family Safety
      "{7B7044AE-6D1F-456D-B2BA-28BFFFAF3F71}" = Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup
      "{8030AE22-7FA0-4880-A538-8906EDBF49F4}" = Windows Live Writer Resources
      "{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
      "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
      "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
      "{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}" = Epson Event Manager
      "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
      "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
      "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
      "{8F7FECEC-088F-431D-A5FB-2B59E1E69943}" = Galería de fotos
      "{90140011-0066-0C0A-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Español
      "{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
      "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
      "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
      "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
      "{96914829-DF65-40AE-8A31-6F3E96BAEBBD}" = Windows Live Mail
      "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
      "{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
      "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
      "{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
      "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
      "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
      "{AC76BA86-7AD7-1034-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Español
      "{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
      "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
      "{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
      "{BF73DC38-2331-4CCB-AF7F-594EF8604711}_is1" = QuickKey 1.00
      "{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
      "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
      "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
      "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
      "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
      "{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
      "{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
      "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
      "{DB169E8F-5332-4DBF-B085-84AA2C373304}" = Windows Live Messenger
      "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
      "{E11C7438-7550-4676-92CE-846CC5DA3548}_is1" = Positivo BGH My Webcam
      "{E5C407CD-5ACE-409F-B70B-A0ADC8C26DC8}_is1" = Atlantis - Pearls of the Deep Deluxe versión 1.5
      "{E65AE514-9C14-48DE-BAE5-64A4F9CB6FE5}" = Epson Easy Photo Print 2
      "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
      "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
      "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
      "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
      "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
      "{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
      "{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
      "{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
      "{FD6F6859-2863-4ABB-87D0-A263F3E9FF45}_is1" = Positivo BGH Battery Power
      "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
      "5513-1208-7298-9440" = JDownloader 0.9
      "7-Zip" = 7-Zip 4.65
      "ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
      "AC3Filter_is1" = AC3Filter 1.62b
      "Adobe AIR" = Adobe AIR
      "Adobe Flash Player ActiveX" = Adobe® Flash® Player 10 ActiveX
      "Adobe Flash Player Plugin" = Adobe® Flash® Player 10 Plugin
      "AI RoboForm" = avast! EasyPass
      "avast" = avast! Free Antivirus
      "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
      "DivX Setup" = Instalación de DivX
      "EEPPPlugIn" = Epson Easy Photo Print Plug-in for Windows Live Photo Gallery
      "EPSON Scanner" = EPSON Scan
      "ImgBurn" = ImgBurn
      "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versión 1.70.0.1100
      "Office14.Click2Run" = Hacer clic y ejecutar de Microsoft Office 2010
      "PhotoScape" = PhotoScape
      "Updater Service" = Updater Service
      "WinLiveSuite" = Windows Live Essentials

      ========== HKEY_CURRENT_USER Uninstall List ==========

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
      "Google Chrome" = Google Chrome
      "Octoshape Streaming Services" = Octoshape Streaming Services

      ========== Last 20 Event Log Errors ==========

      [ Application Events ]
      Error - 13/01/2013 07:09:03 p.m. | Computer Name = Nando-PC | Source = Microsoft-Windows-WMI | ID = 10
      Description = No se pudo reactivar el filtro de eventos con la consulta "SELECT
      * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor"
      AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2"
      debido al error 0x80041003. Los eventos no se podrán entregar a través de este
      filtro hasta que se corrija este problema.

      Error - 13/01/2013 09:23:41 p.m. | Computer Name = Nando-PC | Source = Microsoft-Windows-WMI | ID = 10
      Description = No se pudo reactivar el filtro de eventos con la consulta "SELECT
      * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor"
      AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2"
      debido al error 0x80041003. Los eventos no se podrán entregar a través de este
      filtro hasta que se corrija este problema.

      Error - 13/01/2013 09:32:23 p.m. | Computer Name = Nando-PC | Source = CVHSVC | ID = 100
      Description = Solo información. (Patch task for {90140011-0066-0C0A-0000-0000000FF1CE}):
      DownloadLatest Failed:

      Error - 13/01/2013 09:42:43 p.m. | Computer Name = Nando-PC | Source = Microsoft-Windows-WMI | ID = 10
      Description = No se pudo reactivar el filtro de eventos con la consulta "SELECT
      * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor"
      AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2"
      debido al error 0x80041003. Los eventos no se podrán entregar a través de este
      filtro hasta que se corrija este problema.

      Error - 13/01/2013 09:51:25 p.m. | Computer Name = Nando-PC | Source = CVHSVC | ID = 100
      Description = Solo información. (Patch task for {90140011-0066-0C0A-0000-0000000FF1CE}):
      DownloadLatest Failed:

      Error - 13/01/2013 11:18:04 p.m. | Computer Name = Nando-PC | Source = Application Error | ID = 1000
      Description = Nombre de la aplicación con errores: PDApp.exe, versión: 2.0.240.0,
      marca de tiempo: 0x4d7f595b Nombre del módulo con errores: AdobeSWFL.dll, versión:
      2.0.0.7489, marca de tiempo: 0x4b7f19be Código de excepción: 0xc0000005 Desplazamiento
      de errores: 0x0007df4f Id. del proceso con errores: 0x1728 Hora de inicio de la aplicación
      con errores: 0x01cdf205ba87308b Ruta de acceso de la aplicación con errores: C:\Program
      Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe Ruta de acceso del módulo
      con errores: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\AdobeSWFL.dll
      Id.
      del informe: 01c4f811-5df9-11e2-848d-1078d26b2739

      Error - 14/01/2013 11:18:51 a.m. | Computer Name = Nando-PC | Source = Microsoft-Windows-WMI | ID = 10
      Description = No se pudo reactivar el filtro de eventos con la consulta "SELECT
      * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor"
      AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2"
      debido al error 0x80041003. Los eventos no se podrán entregar a través de este
      filtro hasta que se corrija este problema.

      Error - 14/01/2013 11:27:29 a.m. | Computer Name = Nando-PC | Source = CVHSVC | ID = 100
      Description = Solo información. (Patch task for {90140011-0066-0C0A-0000-0000000FF1CE}):
      DownloadLatest Failed:

      Error - 14/01/2013 03:17:18 p.m. | Computer Name = Nando-PC | Source = Application Error | ID = 1000
      Description = Nombre de la aplicación con errores: PDApp.exe, versión: 2.0.240.0,
      marca de tiempo: 0x4d7f595b Nombre del módulo con errores: unknown, versión: 0.0.0.0,
      marca de tiempo: 0x00000000 Código de excepción: 0xc0000005 Desplazamiento de errores:
      0x30d00282 Id. del proceso con errores: 0x16cc Hora de inicio de la aplicación con
      errores: 0x01cdf28bbb25513a Ruta de acceso de la aplicación con errores: C:\Program
      Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe Ruta de acceso del módulo
      con errores: unknown Id. del informe: 027d7ef3-5e7f-11e2-8116-1078d26b2739

      Error - 14/01/2013 03:29:12 p.m. | Computer Name = Nando-PC | Source = Application Error | ID = 1000
      Description = Nombre de la aplicación con errores: PDApp.exe, versión: 2.0.240.0,
      marca de tiempo: 0x4d7f595b Nombre del módulo con errores: ole32.dll, versión: 6.1.7601.17514,
      marca de tiempo: 0x4ce7b96f Código de excepción: 0xc0000005 Desplazamiento de errores:
      0x0002b5e6 Id. del proceso con errores: 0x1450 Hora de inicio de la aplicación con
      errores: 0x01cdf28d6a7b2140 Ruta de acceso de la aplicación con errores: C:\Program
      Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe Ruta de acceso del módulo
      con errores: C:\windows\syswow64\ole32.dll Id. del informe: ac6bb706-5e80-11e2-8116-1078d26b2739

      [ System Events ]
      Error - 25/01/2013 07:33:14 p.m. | Computer Name = Nando-PC | Source = cdrom | ID = 262151
      Description = El dispositivo, \Device\CdRom0, tiene un bloque defectuoso.

      Error - 25/01/2013 07:33:20 p.m. | Computer Name = Nando-PC | Source = cdrom | ID = 262151
      Description = El dispositivo, \Device\CdRom0, tiene un bloque defectuoso.

      Error - 25/01/2013 07:33:27 p.m. | Computer Name = Nando-PC | Source = cdrom | ID = 262151
      Description = El dispositivo, \Device\CdRom0, tiene un bloque defectuoso.

      Error - 25/01/2013 07:33:34 p.m. | Computer Name = Nando-PC | Source = cdrom | ID = 262151
      Description = El dispositivo, \Device\CdRom0, tiene un bloque defectuoso.

      Error - 25/01/2013 07:33:41 p.m. | Computer Name = Nando-PC | Source = cdrom | ID = 262151
      Description = El dispositivo, \Device\CdRom0, tiene un bloque defectuoso.

      Error - 25/01/2013 07:33:48 p.m. | Computer Name = Nando-PC | Source = cdrom | ID = 262151
      Description = El dispositivo, \Device\CdRom0, tiene un bloque defectuoso.

      Error - 25/01/2013 07:33:53 p.m. | Computer Name = Nando-PC | Source = cdrom | ID = 262151
      Description = El dispositivo, \Device\CdRom0, tiene un bloque defectuoso.

      Error - 25/01/2013 07:33:58 p.m. | Computer Name = Nando-PC | Source = cdrom | ID = 262151
      Description = El dispositivo, \Device\CdRom0, tiene un bloque defectuoso.

      Error - 26/01/2013 03:17:29 p.m. | Computer Name = Nando-PC | Source = DCOM | ID = 10010
      Description =

      Error - 27/01/2013 10:41:01 p.m. | Computer Name = Nando-PC | Source = Service Control Manager | ID = 7034
      Description = El servicio Updater Service se terminó de manera inesperada. Esto
      ha sucedido 1 veces.


      < End of report >

      Saludos!

    4. #4
      Moderador
      Avatar de M@co
      Registrado
      dic 2007
      Ubicación
      America
      Mensajes
      15.825

      Re: se habren solas ventanas en el google chrome

      Tienes que pegar el reporte llamado OTL.txt.

      Saludos.

      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de JIBIO
      Registrado
      dic 2012
      Ubicación
      Argentina
      Mensajes
      6

      Re: se habren solas ventanas en el google chrome

      es este? (que es lo otro?)

      OTL logfile created on: 28/01/2013 01:18:12 a.m. - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Nando\Downloads
      64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00002C0A | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy

      3,85 Gb Total Physical Memory | 2,26 Gb Available Physical Memory | 58,79% Memory free
      7,70 Gb Paging File | 5,85 Gb Available in Paging File | 75,96% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 587,31 Gb Total Space | 332,23 Gb Free Space | 56,57% Space Free | Partition Type: NTFS
      Drive D: | 698,92 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

      Computer Name: NANDO-PC| User Name: Nando | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Nando\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (Siber Systems)
      PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastUI.exe (AVAST Software)
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      PRC - C:\Program Files (x86)\TUTORIALES100\tutoriales100_ar_5.exe ()
      PRC - C:\Users\Nando\AppData\Local\tutoriales100_ar_5\upttria100ar5.exe ()
      PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
      PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
      PRC - C:\Program Files (x86)\Positivo BGH\Positivo BGH Experience\Positivo BGH Battery Power\BatteryPower.exe (Positivo Informática S.A)
      PRC - C:\Program Files (x86)\Positivo BGH\Positivo BGH Experience\Positivo BGH Battery Power\BatteryManagerService.exe (Positivo Informática S.A)
      PRC - C:\Program Files (x86)\Positivo BGH\Positivo BGH Experience\Positivo BGH Audio Power\AudioPower.exe (Microsoft)
      PRC - C:\Users\Nando\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
      PRC - C:\Program Files (x86)\QuickKey\HookKey.exe (TODO: <Company name>)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\OEM\LIVE! OSD 1.35\osd.exe (OEM)
      PRC - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
      PRC - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)


      ========== Modules (No Company Name) ==========

      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ab54c04b3df40416205883b4049fe273\IAStorUtil.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\4d6518ef6ae8d6f005c49ab1c86de7fe\IAStorCommon.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\0ac577a8ad6528ff03b50db5eeeac8be\System.Web.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5807f05ddadb676e7b4d4f63711b9108\System.Windows.Forms.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
      MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
      MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
      MOD - C:\Program Files (x86)\TUTORIALES100\tutoriales100_ar_5.exe ()
      MOD - C:\Users\Nando\AppData\Local\tutoriales100_ar_5\upttria100ar5.exe ()
      MOD - C:\Program Files (x86)\Positivo BGH\Positivo BGH Experience\Positivo BGH Audio Power\LibSoundManager.dll ()
      MOD - C:\Program Files (x86)\Positivo BGH\Positivo BGH Experience\Positivo BGH Audio Power\CustomWindow.dll ()
      MOD - C:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_es_31bf3856ad364e35\PresentationFramework.resources.dll ()
      MOD - C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_es_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
      MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll ()
      MOD - C:\Program Files (x86)\OEM\LIVE! OSD 1.35\LiveIO.dll ()


      ========== Services (SafeList) ==========

      SRV:64bit: - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe File not found
      SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (avast! Antivirus) -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
      SRV - (NisSrv) -- c:\Archivos de programa\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
      SRV - (MsMpSvc) -- c:\Archivos de programa\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
      SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
      SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
      SRV - (BatteryManagerSrv) -- C:\Program Files (x86)\Positivo BGH\Positivo BGH Experience\Positivo BGH Battery Power\BatteryManagerService.exe (Positivo Informática S.A)
      SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
      SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
      SRV - (osppsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
      SRV - (EPSON_EB_RPCV4_04) -- C:\Archivos de programa\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (SEIKO EPSON CORPORATION)
      SRV - (EPSON_PM_RPCV4_04) -- C:\Archivos de programa\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (SEIKO EPSON CORPORATION)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
      DRV:64bit: - (aswTdi) -- C:\windows\SysNative\drivers\aswTdi.sys (AVAST Software)
      DRV:64bit: - (aswSnx) -- C:\windows\SysNative\drivers\aswSnx.sys (AVAST Software)
      DRV:64bit: - (aswSP) -- C:\windows\SysNative\drivers\aswSP.sys (AVAST Software)
      DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
      DRV:64bit: - (aswKbd) -- C:\windows\SysNative\drivers\aswKbd.sys (AVAST Software)
      DRV:64bit: - (aswFsBlk) -- C:\windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
      DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
      DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
      DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
      DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
      DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
      DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
      DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
      DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
      DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
      DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
      DRV:64bit: - (PositivoAudioDriverWdm) -- C:\Windows\SysNative\drivers\pad.sys (Positivo Informática S.A.)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
      DRV:64bit: - (RTL8192Ce) -- C:\Windows\SysNative\drivers\rtl8192ce.sys (Realtek Semiconductor Corporation )
      DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
      DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
      DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
      DRV:64bit: - (LiveGpdKBFilter) -- C:\windows\SysNative\drivers\LiveGpdKBFilter.sys (Windows (R) Win 7 DDK provider)
      DRV:64bit: - (Livemouclass) -- C:\windows\SysNative\drivers\Livemouclass.sys (Systems Internals)
      DRV:64bit: - (Livekbc) -- C:\windows\SysNative\drivers\Livekbc.sys (Systems Internals)
      DRV:64bit: - (LiveIO) -- C:\windows\SysNative\drivers\LiveIO.sys ()
      DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV - (RSUSBSTOR) -- C:\Windows\SysWOW64\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (All) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {2DB2451C-A2B4-48A7-8593-AFB11D6D2843}
      IE:64bit: - HKLM\..\SearchScopes\{2DB2451C-A2B4-48A7-8593-AFB11D6D2843}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com
      IE - HKLM\..\SearchScopes,DefaultScope = {2DB2451C-A2B4-48A7-8593-AFB11D6D2843}
      IE - HKLM\..\SearchScopes\{2DB2451C-A2B4-48A7-8593-AFB11D6D2843}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Positivo BGH - [binary data]
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
      IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
      IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


      ========== FireFox ==========

      FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Nando\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Nando\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Nando\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/12/16 23:21:33 | 000,000,000 | ---D | M]


      ========== Chrome ==========

      CHR - homepage: Google
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
      CHR - homepage: Google
      CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Users\Nando\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Nando\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Nando\AppData\Local\Google\Chrome\Application\24.0.1312.56\gcswf32.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
      CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
      CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
      CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
      CHR - Extension: YouTube = C:\Users\Nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
      CHR - Extension: B\u00FAsqueda de Google = C:\Users\Nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
      CHR - Extension: avast! WebRep = C:\Users\Nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
      CHR - Extension: Gmail = C:\Users\Nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
      CHR - Extension: YouTube = C:\Users\Nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
      CHR - Extension: B\u00FAsqueda de Google = C:\Users\Nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
      CHR - Extension: avast! WebRep = C:\Users\Nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
      CHR - Extension: Gmail = C:\Users\Nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

      O1 HOSTS File: ([2009/06/10 18:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O2:64bit: - BHO: (avast! EasyPass Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
      O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
      O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
      O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
      O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
      O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll File not found
      O2 - BHO: (avast! EasyPass Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
      O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O2 - BHO: (Aplicación auxiliar de inicio de sesión en la cuenta Microsoft) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O3:64bit: - HKLM\..\Toolbar: (avast! EasyPass Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
      O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
      O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKLM\..\Toolbar: (avast! EasyPass Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
      O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll File not found
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
      O4:64bit: - HKLM..\Run: [AudioPower] C:\Program Files (x86)\Positivo BGH\Positivo BGH Experience\Positivo BGH Audio Power\AudioPower.exe (Microsoft)
      O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
      O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
      O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Archivos de programa\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
      O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
      O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
      O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
      O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe ()
      O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
      O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
      O4 - HKLM..\Run: [HookKey] C:\Program Files (x86)\QuickKey\HookKey.exe (TODO: <Company name>)
      O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
      O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
      O4 - HKLM..\Run: [Tutorials] C:\Program Files (x86)\TUTORIALES100\tutoriales100_ar_5.exe ()
      O4 - HKCU..\Run: [AdobeBridge] File not found
      O4 - HKCU..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h File not found
      O4 - HKCU..\Run: [EPSON TX133 TX135 Series] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHJB.EXE /FU "C:\windows\TEMP\E_S4578.tmp" /EF "HKCU" File not found
      O4 - HKCU..\Run: [Google Update] C:\Users\Nando\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
      O4 - HKCU..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background File not found
      O4 - HKCU..\Run: [Octoshape Streaming Services] C:\Users\Nando\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
      O4 - HKCU..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
      O4 - HKLM..\RunOnce: [upttria100ar5.exe] C:\Users\Nando\AppData\Local\tutoriales100_ar_5\upttria100ar5.exe ()
      O4 - HKCU..\RunOnce: [Uninstall C:\Users\Nando\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\amd64] C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nando\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\amd64" File not found
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
      O8:64bit: - Extra context menu item: Guardar Formularios - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
      O8:64bit: - Extra context menu item: Personalizar Menú - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
      O8:64bit: - Extra context menu item: Rellenar Formularios - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
      O8:64bit: - Extra context menu item: Show avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
      O8 - Extra context menu item: Guardar Formularios - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
      O8 - Extra context menu item: Personalizar Menú - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
      O8 - Extra context menu item: Rellenar Formularios - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
      O8 - Extra context menu item: Show avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
      O9:64bit: - Extra Button: Rellenar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
      O9:64bit: - Extra 'Tools' menuitem : Rellenar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
      O9:64bit: - Extra Button: Guardar - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
      O9:64bit: - Extra 'Tools' menuitem : Guardar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
      O9:64bit: - Extra Button: Mostrar Barra de Herramientas - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
      O9:64bit: - Extra 'Tools' menuitem : Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
      O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll File not found
      O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll File not found
      O9 - Extra Button: Rellenar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
      O9 - Extra 'Tools' menuitem : Rellenar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
      O9 - Extra Button: Guardar - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
      O9 - Extra 'Tools' menuitem : Guardar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
      O9 - Extra Button: Mostrar Barra de Herramientas - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
      O9 - Extra 'Tools' menuitem : Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
      O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
      O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
      O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
      O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
      O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
      O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
      O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
      O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
      O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_25)
      O16:64bit: - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_25)
      O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_25)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7978C2B9-DC8F-4C11-963B-7F0B1BEF76D5}: DhcpNameServer = 200.49.130.29 200.49.130.28 172.20.2.20
      O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
      O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
      O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
      O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
      O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
      O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
      O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll File not found
      O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
      O20 - AppInit_DLLs: (c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll) - File not found
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
      O29 - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
      O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
      O30 - LSA: Authentication Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
      O30:64bit: - LSA: Security Packages - (kerberos) - C:\windows\SysNative\kerberos.dll (Microsoft Corporation)
      O30:64bit: - LSA: Security Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
      O30:64bit: - LSA: Security Packages - (schannel) - C:\windows\SysNative\schannel.dll (Microsoft Corporation)
      O30:64bit: - LSA: Security Packages - (wdigest) - C:\windows\SysNative\wdigest.dll (Microsoft Corporation)
      O30:64bit: - LSA: Security Packages - (tspkg) - C:\windows\SysNative\tspkg.dll (Microsoft Corporation)
      O30:64bit: - LSA: Security Packages - (pku2u) - C:\windows\SysNative\pku2u.dll (Microsoft Corporation)
      O30:64bit: - LSA: Security Packages - (livessp) - C:\windows\SysNative\livessp.dll (Microsoft Corp.)
      O30 - LSA: Security Packages - (kerberos) - C:\windows\SysWow64\kerberos.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (schannel) - C:\windows\SysWow64\schannel.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (wdigest) - C:\windows\SysWow64\wdigest.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (tspkg) - C:\windows\SysWow64\tspkg.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (pku2u) - C:\windows\SysWow64\pku2u.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (livessp) - C:\windows\SysWow64\livessp.dll (Microsoft Corp.)
      O31 - SafeBoot: AlternateShell - cmd.exe
      O32 - HKLM CDRom: AutoRun - 1
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      ========== Files/Folders - Created Within 30 Days ==========

      [2013/01/27 23:34:48 | 000,000,000 | ---D | C] -- C:\Users\Nando\AppData\Roaming\Malwarebytes
      [2013/01/27 23:34:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2013/01/27 23:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2013/01/27 23:33:57 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
      [2013/01/27 23:33:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
      [2013/01/27 15:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dr.Kawashima
      [2013/01/27 15:30:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dr.Kawashima
      [2013/01/27 14:46:13 | 000,000,000 | ---D | C] -- C:\Users\Nando\AppData\Roaming\AlderGames
      [2013/01/27 14:46:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atlantis - Pearls of the Deep Deluxe
      [2013/01/27 14:45:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atlantis - Pearls of the Deep Deluxe
      [2013/01/27 14:43:24 | 000,000,000 | ---D | C] -- C:\Users\Nando\AppData\Local\Programs
      [2013/01/26 20:06:41 | 000,000,000 | ---D | C] -- C:\Users\Nando\Documents\FIFA 13
      [2013/01/22 16:48:04 | 000,000,000 | ---D | C] -- C:\output
      [2013/01/17 11:14:47 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc-nz.rs
      [2013/01/17 11:14:47 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc-nz.rs
      [2013/01/17 11:14:47 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysNative\csrr.rs
      [2013/01/17 11:14:46 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysWow64\fpb.rs
      [2013/01/17 11:14:46 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysNative\fpb.rs
      [2013/01/17 11:14:46 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegibbfc.rs
      [2013/01/17 11:14:46 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegibbfc.rs
      [2013/01/17 11:14:46 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysWow64\csrr.rs
      [2013/01/17 11:14:46 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cob-au.rs
      [2013/01/17 11:14:46 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysNative\cob-au.rs
      [2013/01/17 11:14:46 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysWow64\usk.rs
      [2013/01/17 11:14:46 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysNative\usk.rs
      [2013/01/17 11:14:46 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysWow64\djctq.rs
      [2013/01/17 11:14:46 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysNative\djctq.rs
      [2013/01/17 11:14:45 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wpc.dll
      [2013/01/17 11:14:45 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysWow64\grb.rs
      [2013/01/17 11:14:45 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysNative\grb.rs
      [2013/01/17 11:14:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-pt.rs
      [2013/01/17 11:14:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-pt.rs
      [2013/01/17 11:14:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi.rs
      [2013/01/17 11:14:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi.rs
      [2013/01/17 11:14:44 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gameux.dll
      [2013/01/17 11:14:44 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gameux.dll
      [2013/01/17 11:14:44 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Wpc.dll
      [2013/01/17 11:14:39 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysWow64\esrb.rs
      [2013/01/17 11:14:39 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysNative\esrb.rs
      [2013/01/17 11:14:38 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc.rs
      [2013/01/17 11:14:38 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-fi.rs
      [2013/01/17 11:14:37 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc.rs
      [2013/01/17 11:14:36 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysNative\cero.rs
      [2013/01/17 11:14:36 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-fi.rs
      [2013/01/17 11:14:35 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cero.rs
      [2013/01/17 11:09:47 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
      [2013/01/17 11:09:47 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
      [2013/01/17 11:03:37 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
      [2013/01/17 11:03:35 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usp10.dll
      [2013/01/17 10:54:38 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
      [2013/01/17 10:54:37 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
      [2013/01/17 10:54:34 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
      [2013/01/17 10:54:34 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
      [2013/01/17 10:54:34 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
      [2013/01/17 10:54:34 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
      [2013/01/17 10:54:33 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
      [2013/01/17 10:54:33 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
      [2013/01/17 10:54:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
      [2013/01/17 10:54:33 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
      [2013/01/17 10:54:33 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
      [2013/01/17 10:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
      [2013/01/17 10:54:32 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
      [2013/01/17 10:54:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
      [2013/01/17 10:54:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
      [2013/01/17 10:54:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
      [2013/01/17 10:54:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
      [2013/01/17 10:54:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
      [2013/01/17 10:54:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
      [2013/01/17 10:54:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
      [2013/01/17 10:54:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
      [2013/01/17 10:54:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
      [2013/01/17 10:54:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
      [2013/01/17 10:54:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
      [2013/01/17 10:54:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
      [2013/01/17 10:54:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
      [2013/01/17 10:54:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
      [2013/01/17 10:54:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
      [2013/01/17 10:54:29 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
      [2013/01/17 10:54:29 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
      [2013/01/17 10:54:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
      [2013/01/17 10:54:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
      [2013/01/17 10:54:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
      [2013/01/17 10:54:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
      [2013/01/17 10:54:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
      [2013/01/17 10:54:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
      [2013/01/17 10:54:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
      [2013/01/17 10:54:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
      [2013/01/17 10:54:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
      [2013/01/17 10:54:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
      [2013/01/17 10:54:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
      [2013/01/17 10:54:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
      [2013/01/17 10:54:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
      [2013/01/17 10:54:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
      [2013/01/17 10:54:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
      [2013/01/17 10:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
      [2013/01/17 10:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
      [2013/01/17 10:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
      [2013/01/17 10:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
      [2013/01/17 10:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
      [2013/01/17 10:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
      [2013/01/17 10:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
      [2013/01/17 10:54:25 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
      [2013/01/17 10:54:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
      [2013/01/17 10:54:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
      [2013/01/17 10:54:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
      [2013/01/17 10:54:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
      [2013/01/17 10:54:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
      [2013/01/17 10:54:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
      [2013/01/17 10:54:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
      [2013/01/17 10:54:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
      [2013/01/17 10:54:24 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
      [2013/01/17 10:54:24 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
      [2013/01/17 10:54:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
      [2013/01/17 10:54:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
      [2013/01/17 10:54:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
      [2013/01/17 10:54:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
      [2013/01/17 10:54:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
      [2013/01/17 10:54:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
      [2013/01/17 10:54:06 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe
      [2013/01/17 1021 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
      [2013/01/16 20:46:03 | 000,000,000 | ---D | C] -- C:\windows\Minidump
      [1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2013/01/28 01:12:01 | 000,001,034 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
      [2013/01/28 00:35:01 | 000,001,046 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2274713350-3743790495-1659725507-1000UA.job
      [2013/01/28 00:25:49 | 000,001,343 | ---- | M] () -- C:\Users\Nando\Desktop\OTL - Acceso directo.lnk
      [2013/01/28 0011 | 000,020,480 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2013/01/28 0011 | 000,020,480 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2013/01/28 00:02:39 | 000,001,030 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
      [2013/01/28 00:02:04 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
      [2013/01/28 00:01:58 | 3100,508,160 | -HS- | M] () -- C:\hiberfil.sys
      [2013/01/27 23:48:48 | 000,013,415 | ---- | M] () -- C:\Users\Nando\Desktop\iExplore.exe - Acceso directo.lnk
      [2013/01/27 23:34:07 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/01/27 20:35:04 | 000,000,994 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2274713350-3743790495-1659725507-1000Core.job
      [2013/01/27 18:19:50 | 000,041,548 | ---- | M] () -- C:\Users\Nando\Documents\409402_346555862118884_400520707_n.jpg
      [2013/01/27 18:18:39 | 000,096,899 | ---- | M] () -- C:\Users\Nando\Documents\63693_348815458559591_1806605057_n.jpg
      [2013/01/27 18:18:13 | 000,064,896 | ---- | M] () -- C:\Users\Nando\Documents\74341_349412838499853_2053591975_n.jpg
      [2013/01/27 18:17:37 | 000,028,925 | ---- | M] () -- C:\Users\Nando\Documents\47647_350338468407290_545939138_n.jpg
      [2013/01/27 18:14:59 | 000,094,112 | ---- | M] () -- C:\Users\Nando\Documents\37103_354506234657180_459115131_n.jpg
      [2013/01/27 18:14:26 | 000,139,485 | ---- | M] () -- C:\Users\Nando\Documents\181106_354948527946284_1418745507_n.jpg
      [2013/01/27 18:13:48 | 000,146,833 | ---- | M] () -- C:\Users\Nando\Documents\424436_355940531180417_1129053927_n.jpg
      [2013/01/27 18:13:39 | 000,132,681 | ---- | M] () -- C:\Users\Nando\Documents\64983_356816261092844_194278448_n.jpg
      [2013/01/27 18:01:00 | 003,981,111 | ---- | M] () -- C:\Users\Nando\Documents\Unidad_2_Aminoacidos,_peptidos_y_proteinas_1887.pdf
      [2013/01/27 03:08:03 | 000,001,134 | ---- | M] () -- C:\Users\Nando\Desktop\Vídeos - Acceso directo.lnk
      [2013/01/26 20:00:30 | 000,012,728 | ---- | M] () -- C:\Users\Nando\Desktop\Asistencia Técnica.rtf - Acceso directo.lnk
      [2013/01/26 16:44:27 | 000,000,982 | ---- | M] () -- C:\Users\Nando\Desktop\AC3Filter Config.lnk
      [2013/01/25 15:02:45 | 001,672,954 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
      [2013/01/25 15:02:45 | 000,746,142 | ---- | M] () -- C:\windows\SysNative\perfh00A.dat
      [2013/01/25 15:02:45 | 000,652,804 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
      [2013/01/25 15:02:45 | 000,158,352 | ---- | M] () -- C:\windows\SysNative\perfc00A.dat
      [2013/01/25 15:02:45 | 000,121,478 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
      [2013/01/25 13:36:39 | 000,002,379 | ---- | M] () -- C:\Users\Nando\Desktop\Google Chrome.lnk
      [2013/01/17 17:06:09 | 004,832,480 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
      [2013/01/17 12:35:06 | 001,650,928 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
      [2013/01/17 10:33:15 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt
      [2013/01/17 1021 | 000,001,965 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
      [2013/01/16 20:45:55 | 460,679,488 | ---- | M] () -- C:\windows\MEMORY.DMP
      [1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2013/01/28 00:25:49 | 000,001,343 | ---- | C] () -- C:\Users\Nando\Desktop\OTL - Acceso directo.lnk
      [2013/01/27 23:48:48 | 000,013,415 | ---- | C] () -- C:\Users\Nando\Desktop\iExplore.exe - Acceso directo.lnk
      [2013/01/27 23:34:07 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/01/27 18:19:50 | 000,041,548 | ---- | C] () -- C:\Users\Nando\Documents\409402_346555862118884_400520707_n.jpg
      [2013/01/27 18:18:38 | 000,096,899 | ---- | C] () -- C:\Users\Nando\Documents\63693_348815458559591_1806605057_n.jpg
      [2013/01/27 18:18:12 | 000,064,896 | ---- | C] () -- C:\Users\Nando\Documents\74341_349412838499853_2053591975_n.jpg
      [2013/01/27 18:17:37 | 000,028,925 | ---- | C] () -- C:\Users\Nando\Documents\47647_350338468407290_545939138_n.jpg
      [2013/01/27 18:14:57 | 000,094,112 | ---- | C] () -- C:\Users\Nando\Documents\37103_354506234657180_459115131_n.jpg
      [2013/01/27 18:14:26 | 000,139,485 | ---- | C] () -- C:\Users\Nando\Documents\181106_354948527946284_1418745507_n.jpg
      [2013/01/27 18:13:48 | 000,146,833 | ---- | C] () -- C:\Users\Nando\Documents\424436_355940531180417_1129053927_n.jpg
      [2013/01/27 18:13:38 | 000,132,681 | ---- | C] () -- C:\Users\Nando\Documents\64983_356816261092844_194278448_n.jpg
      [2013/01/27 18:00:59 | 003,981,111 | ---- | C] () -- C:\Users\Nando\Documents\Unidad_2_Aminoacidos,_peptidos_y_proteinas_1887.pdf
      [2013/01/27 03:08:03 | 000,001,134 | ---- | C] () -- C:\Users\Nando\Desktop\Vídeos - Acceso directo.lnk
      [2013/01/26 20:00:30 | 000,012,728 | ---- | C] () -- C:\Users\Nando\Desktop\Asistencia Técnica.rtf - Acceso directo.lnk
      [2013/01/26 16:44:27 | 000,000,982 | ---- | C] () -- C:\Users\Nando\Desktop\AC3Filter Config.lnk
      [2013/01/17 1021 | 000,001,965 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
      [2013/01/16 20:45:55 | 460,679,488 | ---- | C] () -- C:\windows\MEMORY.DMP
      [2012/12/18 11:25:24 | 000,001,104 | ---- | C] () -- C:\Users\Nando\Documentos - Acceso directo.lnk
      [2012/12/17 04:03:23 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat
      [2012/11/11 22:55:07 | 000,000,032 | ---- | C] () -- C:\windows\Setup.INI
      [2012/10/10 02:22:34 | 000,064,512 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
      [2012/10/10 02:22:28 | 000,272,928 | ---- | C] () -- C:\windows\SysWow64\igvpkrng600.bin
      [2012/10/10 02:22:20 | 000,963,452 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng600.bin
      [2012/05/13 21:39:46 | 000,000,094 | ---- | C] () -- C:\windows\ETX133.ini
      [2012/04/28 19:52:28 | 001,650,928 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
      [2011/06/07 17:12:12 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe
      [2011/06/07 17:02:35 | 000,008,192 | ---- | C] () -- C:\windows\SysWow64\drivers\IntelMEFWVer.dll

      ========== ZeroAccess Check ==========

      [2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 02:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 01:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/08/21 10:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2012/08/21 10:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/08/21 10:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== LOP Check ==========

      [2013/01/27 14:46:13 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\AlderGames
      [2012/05/13 15:23:44 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\Babylon
      [2012/12/16 01:37:07 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
      [2012/12/16 01:35:19 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\com.adobe.DC3Module.AdobeADC
      [2012/12/12 02:40:02 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\EPSON
      [2012/12/12 02:40:02 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\eType
      [2012/04/29 14:32:13 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\ImgBurn
      [2012/12/21 10:28:10 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\Octoshape
      [2012/12/12 02:40:04 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\PhotoScape
      [2012/05/01 15:18:29 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\Positivo Smart Backup
      [2013/01/27 02:59:40 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\SoftGrid Client
      [2012/12/28 13:13:09 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
      [2012/04/29 22:05:58 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\TP
      [2012/06/25 23:13:43 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\Windows Live Writer

      ========== Purity Check ==========



      < End of report >

    6. #6
      Usuario Avatar de JIBIO
      Registrado
      dic 2012
      Ubicación
      Argentina
      Mensajes
      6

      Re: se abren solas ventanas en el google chrome

      es este?
      OTL logfile created on: 28/01/2013 01:18:12 a.m. - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Nando\Downloads
      64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00002C0A | Country: Argentina | Language: ESS |d/MM/yyyy

      3,85 Gb Total Physical Memory | 2,26 Gb Available Physical Memory | 58,79% Memory free
      7,70 Gb Paging File | 5,85 Gb Available in Paging File | 75,96% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 587,31 Gb Total Space | 332,23 Gb Free Space | 56,57% Space Free | Partition Type: NTFS
      Drive D: | 698,92 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

      Computer Name: NANDO-PC| User Name: Nando | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Nando\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (Siber Systems)
      PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastUI.exe (AVAST Software)
      PRC - C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      PRC - C:\Program Files (x86)\TUTORIALES100\tutoriales100_ar_5.exe ()
      PRC - C:\Users\Nando\AppData\Local\tutoriales100_ar_5\upttria100ar5.exe ()
      PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
      PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
      PRC - C:\Program Files (x86)\Positivo BGH\Positivo BGH Experience\Positivo BGH Battery Power\BatteryPower.exe (Positivo Informática S.A)
      PRC - C:\Program Files (x86)\Positivo BGH\Positivo BGH Experience\Positivo BGH Battery Power\BatteryManagerService.exe (Positivo Informática S.A)
      PRC - C:\Program Files (x86)\Positivo BGH\Positivo BGH Experience\Positivo BGH Audio Power\AudioPower.exe (Microsoft)
      PRC - C:\Users\Nando\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
      PRC - C:\Program Files (x86)\QuickKey\HookKey.exe (TODO: <Company name>)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      PRC - C:\Program Files (x86)\OEM\LIVE! OSD 1.35\osd.exe (OEM)
      PRC - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
      PRC - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)


      ========== Modules (No Company Name) ==========

      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ab54c04b3df40416205883b4049fe273\IAStorUtil.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\4d6518ef6ae8d6f005c49ab1c86de7fe\IAStorCommon.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\0ac577a8ad6528ff03b50db5eeeac8be\System.Web.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5807f05ddadb676e7b4d4f63711b9108\System.Windows.Forms.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
      MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
      MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
      MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
      MOD - C:\Program Files (x86)\TUTORIALES100\tutoriales100_ar_5.exe ()
      MOD - C:\Users\Nando\AppData\Local\tutoriales100_ar_5\upttria100ar5.exe ()
      MOD - C:\Program Files (x86)\Positivo BGH\Positivo BGH Experience\Positivo BGH Audio Power\LibSoundManager.dll ()
      MOD - C:\Program Files (x86)\Positivo BGH\Positivo BGH Experience\Positivo BGH Audio Power\CustomWindow.dll ()
      MOD - C:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_es_31bf3856ad364e35\PresentationFramework.resources.dll ()
      MOD - C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_es_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
      MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll ()
      MOD - C:\Program Files (x86)\OEM\LIVE! OSD 1.35\LiveIO.dll ()


      ========== Services (SafeList) ==========

      SRV:64bit: - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe File not found
      SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (avast! Antivirus) -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
      SRV - (NisSrv) -- c:\Archivos de programa\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
      SRV - (MsMpSvc) -- c:\Archivos de programa\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
      SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
      SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
      SRV - (BatteryManagerSrv) -- C:\Program Files (x86)\Positivo BGH\Positivo BGH Experience\Positivo BGH Battery Power\BatteryManagerService.exe (Positivo Informática S.A)
      SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
      SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
      SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
      SRV - (osppsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
      SRV - (EPSON_EB_RPCV4_04) -- C:\Archivos de programa\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (SEIKO EPSON CORPORATION)
      SRV - (EPSON_PM_RPCV4_04) -- C:\Archivos de programa\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (SEIKO EPSON CORPORATION)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
      SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
      DRV:64bit: - (aswTdi) -- C:\windows\SysNative\drivers\aswTdi.sys (AVAST Software)
      DRV:64bit: - (aswSnx) -- C:\windows\SysNative\drivers\aswSnx.sys (AVAST Software)
      DRV:64bit: - (aswSP) -- C:\windows\SysNative\drivers\aswSP.sys (AVAST Software)
      DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
      DRV:64bit: - (aswKbd) -- C:\windows\SysNative\drivers\aswKbd.sys (AVAST Software)
      DRV:64bit: - (aswFsBlk) -- C:\windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
      DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
      DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
      DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
      DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
      DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
      DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
      DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
      DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
      DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
      DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
      DRV:64bit: - (PositivoAudioDriverWdm) -- C:\Windows\SysNative\drivers\pad.sys (Positivo Informática S.A.)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
      DRV:64bit: - (RTL8192Ce) -- C:\Windows\SysNative\drivers\rtl8192ce.sys (Realtek Semiconductor Corporation )
      DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
      DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
      DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
      DRV:64bit: - (LiveGpdKBFilter) -- C:\windows\SysNative\drivers\LiveGpdKBFilter.sys (Windows (R) Win 7 DDK provider)
      DRV:64bit: - (Livemouclass) -- C:\windows\SysNative\drivers\Livemouclass.sys (Systems Internals)
      DRV:64bit: - (Livekbc) -- C:\windows\SysNative\drivers\Livekbc.sys (Systems Internals)
      DRV:64bit: - (LiveIO) -- C:\windows\SysNative\drivers\LiveIO.sys ()
      DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV - (RSUSBSTOR) -- C:\Windows\SysWOW64\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (All) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {2DB2451C-A2B4-48A7-8593-AFB11D6D2843}
      IE:64bit: - HKLM\..\SearchScopes\{2DB2451C-A2B4-48A7-8593-AFB11D6D2843}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      IE - HKLM\..\SearchScopes,DefaultScope = {2DB2451C-A2B4-48A7-8593-AFB11D6D2843}
      IE - HKLM\..\SearchScopes\{2DB2451C-A2B4-48A7-8593-AFB11D6D2843}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nmd.msn.com
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.positivobgh.com.ar [binary data]
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
      IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
      IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


      ========== FireFox ==========

      FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
      FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Nando\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Nando\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Nando\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/12/16 23:21:33 | 000,000,000 | ---D | M]


      ========== Chrome ==========

      CHR - homepage: http://www.google.com.ar/
      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
      CHR - homepage: http://www.google.com.ar/
      CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Users\Nando\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Nando\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Nando\AppData\Local\Google\Chrome\Application\24.0.1312.56\gcswf32.dll
      CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
      CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
      CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
      CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
      CHR - Extension: YouTube = C:\Users\Nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
      CHR - Extension: B\u00FAsqueda de Google = C:\Users\Nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
      CHR - Extension: avast! WebRep = C:\Users\Nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
      CHR - Extension: Gmail = C:\Users\Nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
      CHR - Extension: YouTube = C:\Users\Nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
      CHR - Extension: B\u00FAsqueda de Google = C:\Users\Nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
      CHR - Extension: avast! WebRep = C:\Users\Nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
      CHR - Extension: Gmail = C:\Users\Nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

      O1 HOSTS File: ([2009/06/10 18:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O2:64bit: - BHO: (avast! EasyPass Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
      O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
      O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
      O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
      O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
      O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll File not found
      O2 - BHO: (avast! EasyPass Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
      O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O2 - BHO: (Aplicación auxiliar de inicio de sesión en la cuenta Microsoft) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O3:64bit: - HKLM\..\Toolbar: (avast! EasyPass Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
      O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
      O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKLM\..\Toolbar: (avast! EasyPass Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
      O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll File not found
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
      O4:64bit: - HKLM..\Run: [AudioPower] C:\Program Files (x86)\Positivo BGH\Positivo BGH Experience\Positivo BGH Audio Power\AudioPower.exe (Microsoft)
      O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
      O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
      O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Archivos de programa\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
      O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
      O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
      O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
      O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe ()
      O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
      O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
      O4 - HKLM..\Run: [HookKey] C:\Program Files (x86)\QuickKey\HookKey.exe (TODO: <Company name>)
      O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
      O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
      O4 - HKLM..\Run: [Tutorials] C:\Program Files (x86)\TUTORIALES100\tutoriales100_ar_5.exe ()
      O4 - HKCU..\Run: [AdobeBridge] File not found
      O4 - HKCU..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h File not found
      O4 - HKCU..\Run: [EPSON TX133 TX135 Series] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHJB.EXE /FU "C:\windows\TEMP\E_S4578.tmp" /EF "HKCU" File not found
      O4 - HKCU..\Run: [Google Update] C:\Users\Nando\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
      O4 - HKCU..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background File not found
      O4 - HKCU..\Run: [Octoshape Streaming Services] C:\Users\Nando\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
      O4 - HKCU..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
      O4 - HKLM..\RunOnce: [upttria100ar5.exe] C:\Users\Nando\AppData\Local\tutoriales100_ar_5\upttria100ar5.exe ()
      O4 - HKCU..\RunOnce: [Uninstall C:\Users\Nando\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\amd64] C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nando\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\amd64" File not found
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
      O8:64bit: - Extra context menu item: Guardar Formularios - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
      O8:64bit: - Extra context menu item: Personalizar Menú - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
      O8:64bit: - Extra context menu item: Rellenar Formularios - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
      O8:64bit: - Extra context menu item: Show avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
      O8 - Extra context menu item: Guardar Formularios - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
      O8 - Extra context menu item: Personalizar Menú - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
      O8 - Extra context menu item: Rellenar Formularios - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
      O8 - Extra context menu item: Show avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
      O9:64bit: - Extra Button: Rellenar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
      O9:64bit: - Extra 'Tools' menuitem : Rellenar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
      O9:64bit: - Extra Button: Guardar - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
      O9:64bit: - Extra 'Tools' menuitem : Guardar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
      O9:64bit: - Extra Button: Mostrar Barra de Herramientas - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
      O9:64bit: - Extra 'Tools' menuitem : Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
      O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll File not found
      O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll File not found
      O9 - Extra Button: Rellenar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
      O9 - Extra 'Tools' menuitem : Rellenar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
      O9 - Extra Button: Guardar - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
      O9 - Extra 'Tools' menuitem : Guardar Formularios - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
      O9 - Extra Button: Mostrar Barra de Herramientas - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
      O9 - Extra 'Tools' menuitem : Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
      O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
      O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
      O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
      O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
      O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
      O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
      O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
      O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
      O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
      O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
      O16:64bit: - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
      O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7978C2B9-DC8F-4C11-963B-7F0B1BEF76D5}: DhcpNameServer = 200.49.130.29 200.49.130.28 172.20.2.20
      O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
      O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
      O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
      O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
      O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
      O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
      O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
      O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll File not found
      O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
      O20 - AppInit_DLLs: (c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll) - File not found
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
      O29 - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
      O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
      O30 - LSA: Authentication Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
      O30:64bit: - LSA: Security Packages - (kerberos) - C:\windows\SysNative\kerberos.dll (Microsoft Corporation)
      O30:64bit: - LSA: Security Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
      O30:64bit: - LSA: Security Packages - (schannel) - C:\windows\SysNative\schannel.dll (Microsoft Corporation)
      O30:64bit: - LSA: Security Packages - (wdigest) - C:\windows\SysNative\wdigest.dll (Microsoft Corporation)
      O30:64bit: - LSA: Security Packages - (tspkg) - C:\windows\SysNative\tspkg.dll (Microsoft Corporation)
      O30:64bit: - LSA: Security Packages - (pku2u) - C:\windows\SysNative\pku2u.dll (Microsoft Corporation)
      O30:64bit: - LSA: Security Packages - (livessp) - C:\windows\SysNative\livessp.dll (Microsoft Corp.)
      O30 - LSA: Security Packages - (kerberos) - C:\windows\SysWow64\kerberos.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (schannel) - C:\windows\SysWow64\schannel.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (wdigest) - C:\windows\SysWow64\wdigest.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (tspkg) - C:\windows\SysWow64\tspkg.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (pku2u) - C:\windows\SysWow64\pku2u.dll (Microsoft Corporation)
      O30 - LSA: Security Packages - (livessp) - C:\windows\SysWow64\livessp.dll (Microsoft Corp.)
      O31 - SafeBoot: AlternateShell - cmd.exe
      O32 - HKLM CDRom: AutoRun - 1
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      ========== Files/Folders - Created Within 30 Days ==========

      [2013/01/27 23:34:48 | 000,000,000 | ---D | C] -- C:\Users\Nando\AppData\Roaming\Malwarebytes
      [2013/01/27 23:34:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2013/01/27 23:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2013/01/27 23:33:57 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
      [2013/01/27 23:33:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
      [2013/01/27 15:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dr.Kawashima
      [2013/01/27 15:30:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dr.Kawashima
      [2013/01/27 14:46:13 | 000,000,000 | ---D | C] -- C:\Users\Nando\AppData\Roaming\AlderGames
      [2013/01/27 14:46:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atlantis - Pearls of the Deep Deluxe
      [2013/01/27 14:45:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atlantis - Pearls of the Deep Deluxe
      [2013/01/27 14:43:24 | 000,000,000 | ---D | C] -- C:\Users\Nando\AppData\Local\Programs
      [2013/01/26 20:06:41 | 000,000,000 | ---D | C] -- C:\Users\Nando\Documents\FIFA 13
      [2013/01/22 16:48:04 | 000,000,000 | ---D | C] -- C:\output
      [2013/01/17 11:14:47 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc-nz.rs
      [2013/01/17 11:14:47 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc-nz.rs
      [2013/01/17 11:14:47 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysNative\csrr.rs
      [2013/01/17 11:14:46 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysWow64\fpb.rs
      [2013/01/17 11:14:46 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysNative\fpb.rs
      [2013/01/17 11:14:46 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegibbfc.rs
      [2013/01/17 11:14:46 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegibbfc.rs
      [2013/01/17 11:14:46 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysWow64\csrr.rs
      [2013/01/17 11:14:46 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cob-au.rs
      [2013/01/17 11:14:46 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysNative\cob-au.rs
      [2013/01/17 11:14:46 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysWow64\usk.rs
      [2013/01/17 11:14:46 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysNative\usk.rs
      [2013/01/17 11:14:46 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysWow64\djctq.rs
      [2013/01/17 11:14:46 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysNative\djctq.rs
      [2013/01/17 11:14:45 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wpc.dll
      [2013/01/17 11:14:45 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysWow64\grb.rs
      [2013/01/17 11:14:45 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysNative\grb.rs
      [2013/01/17 11:14:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-pt.rs
      [2013/01/17 11:14:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-pt.rs
      [2013/01/17 11:14:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi.rs
      [2013/01/17 11:14:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi.rs
      [2013/01/17 11:14:44 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gameux.dll
      [2013/01/17 11:14:44 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gameux.dll
      [2013/01/17 11:14:44 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Wpc.dll
      [2013/01/17 11:14:39 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysWow64\esrb.rs
      [2013/01/17 11:14:39 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysNative\esrb.rs
      [2013/01/17 11:14:38 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc.rs
      [2013/01/17 11:14:38 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-fi.rs
      [2013/01/17 11:14:37 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc.rs
      [2013/01/17 11:14:36 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysNative\cero.rs
      [2013/01/17 11:14:36 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-fi.rs
      [2013/01/17 11:14:35 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cero.rs
      [2013/01/17 11:09:47 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
      [2013/01/17 11:09:47 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
      [2013/01/17 11:03:37 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
      [2013/01/17 11:03:35 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usp10.dll
      [2013/01/17 10:54:38 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
      [2013/01/17 10:54:37 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
      [2013/01/17 10:54:34 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
      [2013/01/17 10:54:34 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
      [2013/01/17 10:54:34 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
      [2013/01/17 10:54:34 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
      [2013/01/17 10:54:33 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
      [2013/01/17 10:54:33 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
      [2013/01/17 10:54:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
      [2013/01/17 10:54:33 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
      [2013/01/17 10:54:33 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
      [2013/01/17 10:54:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
      [2013/01/17 10:54:32 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
      [2013/01/17 10:54:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
      [2013/01/17 10:54:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
      [2013/01/17 10:54:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
      [2013/01/17 10:54:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
      [2013/01/17 10:54:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
      [2013/01/17 10:54:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
      [2013/01/17 10:54:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
      [2013/01/17 10:54:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
      [2013/01/17 10:54:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
      [2013/01/17 10:54:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
      [2013/01/17 10:54:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
      [2013/01/17 10:54:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
      [2013/01/17 10:54:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
      [2013/01/17 10:54:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
      [2013/01/17 10:54:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
      [2013/01/17 10:54:29 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
      [2013/01/17 10:54:29 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
      [2013/01/17 10:54:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
      [2013/01/17 10:54:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
      [2013/01/17 10:54:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
      [2013/01/17 10:54:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
      [2013/01/17 10:54:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
      [2013/01/17 10:54:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
      [2013/01/17 10:54:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
      [2013/01/17 10:54:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
      [2013/01/17 10:54:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
      [2013/01/17 10:54:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
      [2013/01/17 10:54:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
      [2013/01/17 10:54:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
      [2013/01/17 10:54:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
      [2013/01/17 10:54:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
      [2013/01/17 10:54:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
      [2013/01/17 10:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
      [2013/01/17 10:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
      [2013/01/17 10:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
      [2013/01/17 10:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
      [2013/01/17 10:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
      [2013/01/17 10:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
      [2013/01/17 10:54:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
      [2013/01/17 10:54:25 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
      [2013/01/17 10:54:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
      [2013/01/17 10:54:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
      [2013/01/17 10:54:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
      [2013/01/17 10:54:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
      [2013/01/17 10:54:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
      [2013/01/17 10:54:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
      [2013/01/17 10:54:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
      [2013/01/17 10:54:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
      [2013/01/17 10:54:24 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
      [2013/01/17 10:54:24 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
      [2013/01/17 10:54:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
      [2013/01/17 10:54:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
      [2013/01/17 10:54:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
      [2013/01/17 10:54:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
      [2013/01/17 10:54:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
      [2013/01/17 10:54:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
      [2013/01/17 10:54:06 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe
      [2013/01/17 1021 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
      [2013/01/16 20:46:03 | 000,000,000 | ---D | C] -- C:\windows\Minidump
      [1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2013/01/28 01:12:01 | 000,001,034 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
      [2013/01/28 00:35:01 | 000,001,046 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2274713350-3743790495-1659725507-1000UA.job
      [2013/01/28 00:25:49 | 000,001,343 | ---- | M] () -- C:\Users\Nando\Desktop\OTL - Acceso directo.lnk
      [2013/01/28 0011 | 000,020,480 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2013/01/28 0011 | 000,020,480 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2013/01/28 00:02:39 | 000,001,030 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
      [2013/01/28 00:02:04 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
      [2013/01/28 00:01:58 | 3100,508,160 | -HS- | M] () -- C:\hiberfil.sys
      [2013/01/27 23:48:48 | 000,013,415 | ---- | M] () -- C:\Users\Nando\Desktop\iExplore.exe - Acceso directo.lnk
      [2013/01/27 23:34:07 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/01/27 20:35:04 | 000,000,994 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2274713350-3743790495-1659725507-1000Core.job
      [2013/01/27 18:19:50 | 000,041,548 | ---- | M] () -- C:\Users\Nando\Documents\409402_346555862118884_400520707_n.jpg
      [2013/01/27 18:18:39 | 000,096,899 | ---- | M] () -- C:\Users\Nando\Documents\63693_348815458559591_1806605057_n.jpg
      [2013/01/27 18:18:13 | 000,064,896 | ---- | M] () -- C:\Users\Nando\Documents\74341_349412838499853_2053591975_n.jpg
      [2013/01/27 18:17:37 | 000,028,925 | ---- | M] () -- C:\Users\Nando\Documents\47647_350338468407290_545939138_n.jpg
      [2013/01/27 18:14:59 | 000,094,112 | ---- | M] () -- C:\Users\Nando\Documents\37103_354506234657180_459115131_n.jpg
      [2013/01/27 18:14:26 | 000,139,485 | ---- | M] () -- C:\Users\Nando\Documents\181106_354948527946284_1418745507_n.jpg
      [2013/01/27 18:13:48 | 000,146,833 | ---- | M] () -- C:\Users\Nando\Documents\424436_355940531180417_1129053927_n.jpg
      [2013/01/27 18:13:39 | 000,132,681 | ---- | M] () -- C:\Users\Nando\Documents\64983_356816261092844_194278448_n.jpg
      [2013/01/27 18:01:00 | 003,981,111 | ---- | M] () -- C:\Users\Nando\Documents\Unidad_2_Aminoacidos,_peptidos_y_proteinas_1887.pdf
      [2013/01/27 03:08:03 | 000,001,134 | ---- | M] () -- C:\Users\Nando\Desktop\Vídeos - Acceso directo.lnk
      [2013/01/26 20:00:30 | 000,012,728 | ---- | M] () -- C:\Users\Nando\Desktop\Asistencia Técnica.rtf - Acceso directo.lnk
      [2013/01/26 16:44:27 | 000,000,982 | ---- | M] () -- C:\Users\Nando\Desktop\AC3Filter Config.lnk
      [2013/01/25 15:02:45 | 001,672,954 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
      [2013/01/25 15:02:45 | 000,746,142 | ---- | M] () -- C:\windows\SysNative\perfh00A.dat
      [2013/01/25 15:02:45 | 000,652,804 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
      [2013/01/25 15:02:45 | 000,158,352 | ---- | M] () -- C:\windows\SysNative\perfc00A.dat
      [2013/01/25 15:02:45 | 000,121,478 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
      [2013/01/25 13:36:39 | 000,002,379 | ---- | M] () -- C:\Users\Nando\Desktop\Google Chrome.lnk
      [2013/01/17 17:06:09 | 004,832,480 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
      [2013/01/17 12:35:06 | 001,650,928 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
      [2013/01/17 10:33:15 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt
      [2013/01/17 1021 | 000,001,965 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
      [2013/01/16 20:45:55 | 460,679,488 | ---- | M] () -- C:\windows\MEMORY.DMP
      [1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2013/01/28 00:25:49 | 000,001,343 | ---- | C] () -- C:\Users\Nando\Desktop\OTL - Acceso directo.lnk
      [2013/01/27 23:48:48 | 000,013,415 | ---- | C] () -- C:\Users\Nando\Desktop\iExplore.exe - Acceso directo.lnk
      [2013/01/27 23:34:07 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/01/27 18:19:50 | 000,041,548 | ---- | C] () -- C:\Users\Nando\Documents\409402_346555862118884_400520707_n.jpg
      [2013/01/27 18:18:38 | 000,096,899 | ---- | C] () -- C:\Users\Nando\Documents\63693_348815458559591_1806605057_n.jpg
      [2013/01/27 18:18:12 | 000,064,896 | ---- | C] () -- C:\Users\Nando\Documents\74341_349412838499853_2053591975_n.jpg
      [2013/01/27 18:17:37 | 000,028,925 | ---- | C] () -- C:\Users\Nando\Documents\47647_350338468407290_545939138_n.jpg
      [2013/01/27 18:14:57 | 000,094,112 | ---- | C] () -- C:\Users\Nando\Documents\37103_354506234657180_459115131_n.jpg
      [2013/01/27 18:14:26 | 000,139,485 | ---- | C] () -- C:\Users\Nando\Documents\181106_354948527946284_1418745507_n.jpg
      [2013/01/27 18:13:48 | 000,146,833 | ---- | C] () -- C:\Users\Nando\Documents\424436_355940531180417_1129053927_n.jpg
      [2013/01/27 18:13:38 | 000,132,681 | ---- | C] () -- C:\Users\Nando\Documents\64983_356816261092844_194278448_n.jpg
      [2013/01/27 18:00:59 | 003,981,111 | ---- | C] () -- C:\Users\Nando\Documents\Unidad_2_Aminoacidos,_peptidos_y_proteinas_1887.pdf
      [2013/01/27 03:08:03 | 000,001,134 | ---- | C] () -- C:\Users\Nando\Desktop\Vídeos - Acceso directo.lnk
      [2013/01/26 20:00:30 | 000,012,728 | ---- | C] () -- C:\Users\Nando\Desktop\Asistencia Técnica.rtf - Acceso directo.lnk
      [2013/01/26 16:44:27 | 000,000,982 | ---- | C] () -- C:\Users\Nando\Desktop\AC3Filter Config.lnk
      [2013/01/17 1021 | 000,001,965 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
      [2013/01/16 20:45:55 | 460,679,488 | ---- | C] () -- C:\windows\MEMORY.DMP
      [2012/12/18 11:25:24 | 000,001,104 | ---- | C] () -- C:\Users\Nando\Documentos - Acceso directo.lnk
      [2012/12/17 04:03:23 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat
      [2012/11/11 22:55:07 | 000,000,032 | ---- | C] () -- C:\windows\Setup.INI
      [2012/10/10 02:22:34 | 000,064,512 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
      [2012/10/10 02:22:28 | 000,272,928 | ---- | C] () -- C:\windows\SysWow64\igvpkrng600.bin
      [2012/10/10 02:22:20 | 000,963,452 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng600.bin
      [2012/05/13 21:39:46 | 000,000,094 | ---- | C] () -- C:\windows\ETX133.ini
      [2012/04/28 19:52:28 | 001,650,928 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
      [2011/06/07 17:12:12 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe
      [2011/06/07 17:02:35 | 000,008,192 | ---- | C] () -- C:\windows\SysWow64\drivers\IntelMEFWVer.dll

      ========== ZeroAccess Check ==========

      [2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 02:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 01:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/08/21 10:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2012/08/21 10:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/08/21 10:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== LOP Check ==========

      [2013/01/27 14:46:13 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\AlderGames
      [2012/05/13 15:23:44 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\Babylon
      [2012/12/16 01:37:07 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
      [2012/12/16 01:35:19 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\com.adobe.DC3Module.AdobeADC
      [2012/12/12 02:40:02 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\EPSON
      [2012/12/12 02:40:02 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\eType
      [2012/04/29 14:32:13 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\ImgBurn
      [2012/12/21 10:28:10 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\Octoshape
      [2012/12/12 02:40:04 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\PhotoScape
      [2012/05/01 15:18:29 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\Positivo Smart Backup
      [2013/01/27 02:59:40 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\SoftGrid Client
      [2012/12/28 13:13:09 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
      [2012/04/29 22:05:58 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\TP
      [2012/06/25 23:13:43 | 000,000,000 | ---D | M] -- C:\Users\Nando\AppData\Roaming\Windows Live Writer

      ========== Purity Check ==========

      < End of report >

    7. #7
      Moderador
      Avatar de M@co
      Registrado
      dic 2007
      Ubicación
      America
      Mensajes
      15.825

      Re: se habren solas ventanas en el google chrome

      Hola.

      Realice lo siguiente:

      1. Sombree el contenido del siguiente recuadro (excepto la palabra código), luego haga clic derecho con el ratón > Copiar.
        Código:
        :OTL
        PRC - C:\Program Files (x86)\TUTORIALES100\tutoriales100_ar_5.exe ()
        PRC - C:\Users\Nando\AppData\Local\tutoriales100_ar_5\upttria100ar5.exe ()
        MOD - C:\Program Files (x86)\TUTORIALES100\tutoriales100_ar_5.exe ()
        MOD - C:\Users\Nando\AppData\Local\tutoriales100_ar_5\upttria100ar5.exe ()
        O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll File not found
        O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll File not found
        O4 - HKLM..\Run: [Tutorials] C:\Program Files (x86)\TUTORIALES100\tutoriales100_ar_5.exe ()
        O4 - HKLM..\RunOnce: [upttria100ar5.exe] C:\Users\Nando\AppData\Local\tutoriales100_ar_5\upttria100ar5.exe ()
        O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
        O20 - AppInit_DLLs: (c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll) - File not found
        [1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
        
        
        :files
        ipconfig /flushdns /c
        C:\Program Files (x86)\TUTORIALES100 /d
        C:\Users\Nando\AppData\Local\tutoriales100_ar_5 /d
        
        :commands
        [resethosts]
        [emptytemp]
        [createrestorepoint]
      2. Ejecutar OTL.exe
        • Clic derecho con el ratón bajo la casilla Análisis Personalizados/Código de Reparación > Pegar.
        • Luego haga clic en el botón Reparar ubicado en la parte superior.
        • Deje que el programa se ejecute sin trabas, reinicie cuando lo pida hacer.
        • Al reiniciar se creará un reporte por defecto en C:\_OTL\MovedFiles, copie y pegue ese log en la próxima respuesta.


      Nos comentas los resultados.

      Saludos.

      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    8. #8
      Usuario Avatar de JIBIO
      Registrado
      dic 2012
      Ubicación
      Argentina
      Mensajes
      6

      Re: se habren solas ventanas en el google chrome

      Resultados:

      All processes killed
      ========== OTL ==========
      No active process named Program Files was found!
      No active process named upttria100ar5.exe was found!
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58124A0B-DC32-4180-9BFF-E0E21AE34026}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{58124A0B-DC32-4180-9BFF-E0E21AE34026}\ deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{977AE9CC-AF83-45E8-9E03-E2798216E2D5} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\ deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Tutorials deleted successfully.
      C:\Program Files (x86)\TUTORIALES100\tutoriales100_ar_5.exe moved successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\upttria100ar5.exe deleted successfully.
      C:\Users\Nando\AppData\Local\tutoriales100_ar_5\upttria100ar5.exe moved successfully.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll deleted successfully.
      C:\windows\SysWow64\sho13D2.tmp deleted successfully.
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configuraci¢n IP de Windows
      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
      C:\Users\Nando\Downloads\cmd.bat deleted successfully.
      C:\Users\Nando\Downloads\cmd.txt deleted successfully.
      C:\Program Files (x86)\TUTORIALES100 folder deleted successfully.
      C:\Users\Nando\AppData\Local\tutoriales100_ar_5\tutoriales100_ar_5\1.0\ads.cyl deleted successfully.
      C:\Users\Nando\AppData\Local\tutoriales100_ar_5\tutoriales100_ar_5\1.0\conf.cyl deleted successfully.
      C:\Users\Nando\AppData\Local\tutoriales100_ar_5\tutoriales100_ar_5\1.0 folder deleted successfully.
      C:\Users\Nando\AppData\Local\tutoriales100_ar_5\tutoriales100_ar_5 folder deleted successfully.
      C:\Users\Nando\AppData\Local\tutoriales100_ar_5\upttria100ar5.cyp deleted successfully.
      C:\Users\Nando\AppData\Local\tutoriales100_ar_5\user_profil.cyp deleted successfully.
      C:\Users\Nando\AppData\Local\tutoriales100_ar_5 folder deleted successfully.
      ========== COMMANDS ==========
      C:\windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYTEMP]

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 56502 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Nando
      ->Temp folder emptied: 2382976845 bytes
      ->Temporary Internet Files folder emptied: 138945839 bytes
      ->Google Chrome cache emptied: 409254001 bytes
      ->Flash cache emptied: 607 bytes

      User: Public

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 2052120 bytes
      %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68042 bytes
      %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
      RecycleBin emptied: 33594018548 bytes

      Total Files Cleaned = 34.835,00 mb

      Restore point Set: OTL Restore Point

      OTL by OldTimer - Version 3.2.69.0 log created on 01282013_151917

      Files\Folders moved on Reboot...
      C:\Users\Nando\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
      File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...

    9. #9
      Moderador
      Avatar de M@co
      Registrado
      dic 2007
      Ubicación
      America
      Mensajes
      15.825

      Re: se habren solas ventanas en el google chrome

      Hola.

      Dale doble clic a OTL.exe y luego presiona el botón LIMPIAR.

      Saludos.

      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    10. #10
      Usuario Avatar de JIBIO
      Registrado
      dic 2012
      Ubicación
      Argentina
      Mensajes
      6

      Re: se habren solas ventanas en el google chrome

      Hola, por lo pronto, puedo decir que quedó solucionado mi problema. NO se abren más ventanas solas en el chrome. les agradezco mucho la ayuda
      Saludos!